urlscan.io logo urlscan.io
SecurityTrails logo

times.hinet.net Open in urlscan Pro
203.66.35.104  Public Scan

Go To Rescan Add Verdict Report
URL: https://times.hinet.net/news/24260251
Submission: On November 18 via api from SG — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 98 IPs in 12 countries across 66 domains to perform 787 HTTP transactions. The main IP is 203.66.35.104, located in Taiwan and belongs to HINET Data Communication Business Group, TW. The main domain is times.hinet.net. The Cisco Umbrella rank of the primary domain is 344316.
TLS certificate: Issued by on March 16th 2022. Valid for: a year.
This is the only time times.hinet.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 74 203.66.35.104 3462 (HINET Dat...)
1 35 203.75.213.47 3462 (HINET Dat...)
18 203.75.214.136 3462 (HINET Dat...)
13 2600:9000:249... 16509 (AMAZON-02)
22 151.101.193.29 54113 (FASTLY)
2 202.39.224.124 3462 (HINET Dat...)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
1 13.32.121.77 16509 (AMAZON-02)
26 151.101.193.44 54113 (FASTLY)
2 2a03:2880:f02... 32934 (FACEBOOK)
8 13.32.99.105 16509 (AMAZON-02)
5 2001:4de0:ac1... 20446 (STACKPATH...)
45 2a00:1450:400... 15169 (GOOGLE)
4 119.63.193.220 38627 (BAIDUJP B...)
4 23 211.21.190.218 3462 (HINET Dat...)
15 2a00:1450:400... 15169 (GOOGLE)
1 2 2a03:2880:f12... 32934 (FACEBOOK)
7 2a00:1450:400... 15169 (GOOGLE)
44 2001:b000:589::3 3462 (HINET Dat...)
3 2a00:1450:400... 15169 (GOOGLE)
21 2a00:1450:400... 15169 (GOOGLE)
7 141.226.228.48 200478 (TABOOLA-AS)
2 2600:9000:237... 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
56 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
1 13 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a02:6ea0:c70... 60068 (CDN77 ^_^)
26 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a02:6ea0:c70... 60068 (CDN77 ^_^)
2 35.71.131.137 16509 (AMAZON-02)
2 2600:1f18:612... 14618 (AMAZON-AES)
4 4 185.94.180.125 35220 (SPOTX-AMS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
15 2a00:1450:400... 15169 (GOOGLE)
6 34.96.74.134 396982 (GOOGLE-CL...)
5 2a00:1288:80:... 203220 (YAHOO-DEB)
2 192.229.221.28 15133 (EDGECAST)
1 119.63.198.189 38627 (BAIDUJP B...)
3 119.63.198.143 38627 (BAIDUJP B...)
2 35.157.211.94 16509 (AMAZON-02)
6 2001:4860:480... 15169 (GOOGLE)
73 2a00:1450:400... 15169 (GOOGLE)
2 212.82.100.181 34010 (YAHOO-IRD)
11 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2a04:4e42:400... 54113 (FASTLY)
5 143.204.89.67 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 34.117.124.131 396982 (GOOGLE-CL...)
1 107.178.241.176 15169 (GOOGLE)
1 20.184.62.41 8075 (MICROSOFT...)
8 108.138.17.16 16509 (AMAZON-02)
4 210.242.135.3 3462 (HINET Dat...)
4 2404:6800:400... 15169 (GOOGLE)
1 2a04:4e42:200... 54113 (FASTLY)
1 141.226.224.32 200478 (TABOOLA-AS)
1 2600:1901:0:7... 15169 (GOOGLE)
10 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2620:116:800d... 16509 (AMAZON-02)
1 34.98.67.61 396982 (GOOGLE-CL...)
1 35.186.253.211 15169 (GOOGLE)
2 2 198.47.127.19 3257 (GTT-BACKB...)
3 13 172.217.18.98 15169 (GOOGLE)
1 1 69.173.144.138 26667 (RUBICONPR...)
2 2 172.64.154.237 13335 (CLOUDFLAR...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2 142.250.186.166 15169 (GOOGLE)
2 2 84.200.5.215 44066 (DE-FIRSTC...)
1 46.4.41.145 24940 (HETZNER-AS)
1 2a03:2880:f01... 32934 (FACEBOOK)
1 119.63.198.188 38627 (BAIDUJP B...)
3 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2 185.86.137.114 201081 (SMARTADSE...)
2 185.89.210.141 29990 (ASN-APPNEX)
30 108.158.46.104 16509 (AMAZON-02)
1 23.36.163.12 20940 (AKAMAI-ASN1)
1 20.212.113.236 8075 (MICROSOFT...)
1 185.86.137.113 201081 (SMARTADSE...)
5 2a00:1450:400... 15169 (GOOGLE)
1 185.64.189.111 62713 (AS-PUBMATIC)
1 37.157.4.23 198622 (ADFORM)
1 203.66.32.196 3462 (HINET Dat...)
2 18.156.195.47 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 108.59.1.185 30633 (LEASEWEB-...)
2 18.194.190.109 16509 (AMAZON-02)
1 2a02:2638:1::2 44788 (ASN-CRITE...)
1 2a02:2638::b 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
10 2a02:2638::3 44788 (ASN-CRITE...)
1 178.250.0.160 44788 (ASN-CRITE...)
2 2 52.57.54.93 16509 (AMAZON-02)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
2 3 51.89.9.252 16276 (OVH)
1 1 3.126.56.137 16509 (AMAZON-02)
1 2a02:2638::21 44788 (ASN-CRITE...)
1 185.94.180.123 35220 (SPOTX-AMS)
1 34.117.234.181 396982 (GOOGLE-CL...)
3 203.75.213.62 3462 (HINET Dat...)
2 3 34.96.119.68 396982 (GOOGLE-CL...)
1 1 172.105.199.172 63949 (LINODE-AP...)
787 98
74    203.66.35.104 (Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-66-35-104.hinet-ip.hinet.net
times.hinet.net
35    203.75.213.47 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
ssp.hinet.net
18    203.75.214.136 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net
t.ssp.hinet.net
164582de-f8ec-40d2-a370-995413964d97.t.ssp.hinet.net
2675b86f-e2c7-42ab-ba78-5831b3eae5b6.t.ssp.hinet.net
98914fb3-5f8d-4d90-8675-6a1052f28272.t.ssp.hinet.net
13    2600:9000:2490:6600:3:cecd:5f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
player.svc.litv.tv
22    151.101.193.29 (United States)

ASN54113 (FASTLY, US)
trip.hinet.net
2    202.39.224.124 (Pingtung City, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: vatrack.hinet.net
vatrack.hinet.net
3    2606:4700:10::6816:8ee (United States)

ASN13335 (CLOUDFLARENET, US)
tenmax-static.cacafly.net
1    13.32.121.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-77.fra60.r.cloudfront.net
static.adsinstant.com
26    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
images.taboola.com
vidstat.taboola.com
imprammp.taboola.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
8    13.32.99.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-105.fra60.r.cloudfront.net
sb.scorecardresearch.com
5    2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)
code.jquery.com
45    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
4    119.63.193.220 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
api.popin.cc
23    211.21.190.218 (Hsinchu County, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 211-21-190-218.hinet-ip.hinet.net
ssp.tenmax.io
dmp.tenmax.io
15    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
7    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
44    2001:b000:589::3 (Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
www.hinet.net
3    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
partner.googleadservices.com
21    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
7    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
am-trc-events.taboola.com
am-match.taboola.com
am-vid-events.taboola.com
sync-t1.taboola.com
2    2600:9000:237b:0:9:f0ff:5340:93a1 (United States)

ASN16509 (AMAZON-02, US)
jsmodule.svc.litv.tv
6    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2606:4700:10::ac43:14d9 (United States)

ASN13335 (CLOUDFLARENET, US)
ad.impactify.io
56    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
11    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
13    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    2a02:6ea0:c700::20 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
ad.impactify.media
26    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    2606:4700::6810:7b60 (United States)

ASN13335 (CLOUDFLARENET, US)
www.cloudflare.com
1    2a02:6ea0:c700::10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
dvr.impactify.media
2    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    2600:1f18:612b:4264:5cc5:a32:da3e:ed7e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
taboola-supply-partners.tremorhub.com
4    185.94.180.125 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
15    2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    34.96.74.134 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 134.74.96.34.bc.googleusercontent.com
pusti.svc.litv.tv
5    2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
s.yimg.com
cdn.js7k.com
2    192.229.221.28 (United States)

ASN15133 (EDGECAST, US)
redir.adap.tv
1    119.63.198.189 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
tw.popin.cc
3    119.63.198.143 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
log.popin.cc
2    35.157.211.94 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-211-94.eu-central-1.compute.amazonaws.com
ads.adaptv.advertising.com
6    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
73    2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com
sp.analytics.yahoo.com
11    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
0ee4d4ac18c4743675c5dcc7e1234850.safeframe.googlesyndication.com
345be188a84fe70cf95a892b92fe38f6.safeframe.googlesyndication.com
b328c1262e96b4cc9e77882a7cea4f0a.safeframe.googlesyndication.com
3cfabfbec2bb494d0cdc3609f7d46897.safeframe.googlesyndication.com
43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com
40c049bd40f579caaf6e3829066840e1.safeframe.googlesyndication.com
73c1f7cd83dd0b703280065d621ace95.safeframe.googlesyndication.com
7    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)
vjs.zencdn.net
5    143.204.89.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-67.fra50.r.cloudfront.net
fino.svc.litv.tv
3    2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    34.117.124.131 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 131.124.117.34.bc.googleusercontent.com
api.svc.taiwanmedia.org
1    107.178.241.176 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 176.241.178.107.bc.googleusercontent.com
onead.onevision.com.tw
1    20.184.62.41 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e2elog.fetnet.net
8    108.138.17.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-16.fra56.r.cloudfront.net
cdnstatic.svc.litv.tv
4    210.242.135.3 (New Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
p-api02.svc.litv.tv
p-api03.svc.litv.tv
4    2404:6800:4009:82e::2003 (Australia)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    2a04:4e42:200::300 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
1    2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
prod-rtb.ad4mat.net
10    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
as.ad4m.at
ad4m.at
assets.ad4m.at
2    2620:116:800d:21:e365:4988:e8a7:3270 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
pixel.quantserve.com
1    34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
2    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
13    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
cm.g.doubleclick.net
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    172.64.154.237 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
1    2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)
static-de.ad4mat.net
2    142.250.186.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net
ad.doubleclick.net
2    84.200.5.215 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
www.telefonica-partner.de
www.lead-alliance.net
1    46.4.41.145 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads2.sunbonet.de
partner.o2online.de
1    2a03:2880:f01c:800e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
graph.facebook.com
1    119.63.198.188 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
r.popin.cc
3    2a02:26f0:3500:4::b818:4dc9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
lispeedtest.akamaized.net
2    185.86.137.114 (France)

ASN201081 (SMARTADSERVER, FR)
www8.smartadserver.com
2    185.89.210.141 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
30    108.158.46.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-158-46-104.bom78.r.cloudfront.net
p-yonder.svc.litv.tv
1    23.36.163.12 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-163-12.deploy.static.akamaitechnologies.com
ced.sascdn.com
1    20.212.113.236 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
das.dna360.tw
1    185.86.137.113 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
5    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
1    185.64.189.111 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
vid.pubmatic.com
1    37.157.4.23 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
1    203.66.32.196 (Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-66-32-196.hinet-ip.hinet.net
ssp-hinetwork.cdn.hinet.net
2    18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
web.ssp.yahoo.com
1    2a00:1450:4001:11::a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
rr5---sn-4g5lznez.googlevideo.com
1    108.59.1.185 (United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
2    18.194.190.109 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-190-109.eu-central-1.compute.amazonaws.com
prod-m-node-3113.ssp.yahoo.com
1    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
1    2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
1    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
10    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr.eu.criteo.com
2    52.57.54.93 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-54-93.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
gcm.ctnsnet.com
1    2a05:d018:d29:3601:4801:a45e:558e:d423 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
3    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
1    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    2a02:2638::21 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    185.94.180.123 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
1    34.117.234.181 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 181.234.117.34.bc.googleusercontent.com
adsv.svc.litv.tv
3    203.75.213.62 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
static.cht.hinet.net
3    34.96.119.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.119.96.34.bc.googleusercontent.com
ad2.apx.appier.net
1    172.105.199.172 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1853-172.members.linode.com
gocm.c.appier.net
Apex Domain
Subdomains		 Transfer
199 hinet.net
times.hinet.net — Cisco Umbrella Rank: 344316
ssp.hinet.net — Cisco Umbrella Rank: 83932
t.ssp.hinet.net — Cisco Umbrella Rank: 84382
trip.hinet.net
vatrack.hinet.net
164582de-f8ec-40d2-a370-995413964d97.t.ssp.hinet.net
www.hinet.net — Cisco Umbrella Rank: 405220 Failed
2675b86f-e2c7-42ab-ba78-5831b3eae5b6.t.ssp.hinet.net
98914fb3-5f8d-4d90-8675-6a1052f28272.t.ssp.hinet.net
ssp-hinetwork.cdn.hinet.net
static.cht.hinet.net
2 MB
140 googlesyndication.com
f684792fd6fd88f5fbb48071b0718d47.safeframe.googlesyndication.com Failed
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
tpc.googlesyndication.com — Cisco Umbrella Rank: 136
0ee4d4ac18c4743675c5dcc7e1234850.safeframe.googlesyndication.com
345be188a84fe70cf95a892b92fe38f6.safeframe.googlesyndication.com
b328c1262e96b4cc9e77882a7cea4f0a.safeframe.googlesyndication.com
3cfabfbec2bb494d0cdc3609f7d46897.safeframe.googlesyndication.com
43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com
40c049bd40f579caaf6e3829066840e1.safeframe.googlesyndication.com
73c1f7cd83dd0b703280065d621ace95.safeframe.googlesyndication.com
1 MB
86 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
cm.g.doubleclick.net — Cisco Umbrella Rank: 203
ad.doubleclick.net — Cisco Umbrella Rank: 173
pubads.g.doubleclick.net — Cisco Umbrella Rank: 430
1 MB
69 litv.tv
player.svc.litv.tv — Cisco Umbrella Rank: 143648
jsmodule.svc.litv.tv — Cisco Umbrella Rank: 266800
pusti.svc.litv.tv — Cisco Umbrella Rank: 147955
fino.svc.litv.tv — Cisco Umbrella Rank: 325386
cdnstatic.svc.litv.tv — Cisco Umbrella Rank: 450180
p-api02.svc.litv.tv
p-api03.svc.litv.tv
p-yonder.svc.litv.tv — Cisco Umbrella Rank: 270437
adsv.svc.litv.tv — Cisco Umbrella Rank: 489762
1 MB
40 google.com
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com — Cisco Umbrella Rank: 2
region1.analytics.google.com — Cisco Umbrella Rank: 4753
9 KB
35 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 996
trc.taboola.com — Cisco Umbrella Rank: 636
images.taboola.com — Cisco Umbrella Rank: 1558
trc-events.taboola.com — Cisco Umbrella Rank: 1534
vidstat.taboola.com — Cisco Umbrella Rank: 2428
am-trc-events.taboola.com — Cisco Umbrella Rank: 16303
imprammp.taboola.com — Cisco Umbrella Rank: 12551
am-match.taboola.com — Cisco Umbrella Rank: 12340
am-vid-events.taboola.com — Cisco Umbrella Rank: 11702
sync-t1.taboola.com — Cisco Umbrella Rank: 1187
pips.taboola.com — Cisco Umbrella Rank: 1453
cds.taboola.com — Cisco Umbrella Rank: 1454
457 KB
23 tenmax.io
ssp.tenmax.io — Cisco Umbrella Rank: 136293
dmp.tenmax.io — Cisco Umbrella Rank: 119118
27 KB
15 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 53
834 KB
15 google.de
adservice.google.de — Cisco Umbrella Rank: 8709
www.google.de — Cisco Umbrella Rank: 5922
3 KB
15 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
118 KB
14 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 413
fonts.googleapis.com — Cisco Umbrella Rank: 43
1 MB
11 criteo.net
static.criteo.net — Cisco Umbrella Rank: 623
csm.eu.criteo.net — Cisco Umbrella Rank: 7724
250 KB
11 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
478 KB
10 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 28280
ad4m.at — Cisco Umbrella Rank: 9541
assets.ad4m.at — Cisco Umbrella Rank: 36321
119 KB
10 gstatic.com
fonts.gstatic.com
csi.gstatic.com
184 KB
9 popin.cc
api.popin.cc — Cisco Umbrella Rank: 26540
tw.popin.cc — Cisco Umbrella Rank: 72982
log.popin.cc — Cisco Umbrella Rank: 27591
r.popin.cc — Cisco Umbrella Rank: 29194
213 KB
8 yahoo.com
sp.analytics.yahoo.com — Cisco Umbrella Rank: 1224
web.ssp.yahoo.com — Cisco Umbrella Rank: 2332
prod-m-node-3113.ssp.yahoo.com — Cisco Umbrella Rank: 25630
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 416
ups.analytics.yahoo.com — Cisco Umbrella Rank: 280
9 KB
8 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 146
8 KB
5 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 557
search.spotxchange.com — Cisco Umbrella Rank: 496
4 KB
5 jquery.com
code.jquery.com — Cisco Umbrella Rank: 669
161 KB
4 appier.net
ad2.apx.appier.net — Cisco Umbrella Rank: 44139 Failed
gocm.c.appier.net — Cisco Umbrella Rank: 1971
489 B
4 yimg.com
s.yimg.com — Cisco Umbrella Rank: 466
13 KB
4 impactify.media
ad.impactify.media — Cisco Umbrella Rank: 50102
dvr.impactify.media — Cisco Umbrella Rank: 45764
101 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 723
823 B
3 criteo.com
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11662
ads.eu.criteo.com — Cisco Umbrella Rank: 7609
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9258
33 KB
3 smartadserver.com
www8.smartadserver.com — Cisco Umbrella Rank: 5549
prg.smartadserver.com — Cisco Umbrella Rank: 1430
1 KB
3 akamaized.net
lispeedtest.akamaized.net
255 KB
3 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 662
vid.pubmatic.com — Cisco Umbrella Rank: 8719
1 KB
3 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 262
50 KB
3 facebook.com
www.facebook.com — Cisco Umbrella Rank: 106
graph.facebook.com — Cisco Umbrella Rank: 126
4 KB
3 cacafly.net
tenmax-static.cacafly.net — Cisco Umbrella Rank: 110983
120 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 745
s.tribalfusion.com — Cisco Umbrella Rank: 1840
1 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 693
2 KB
2 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 426
1 KB
2 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 418
2 KB
2 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 615
pixel.quantserve.com — Cisco Umbrella Rank: 664
675 B
2 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 99097
static-de.ad4mat.net — Cisco Umbrella Rank: 135123
4 KB
2 zencdn.net
vjs.zencdn.net — Cisco Umbrella Rank: 4535
14 KB
2 advertising.com
ads.adaptv.advertising.com — Cisco Umbrella Rank: 11095
732 B
2 adap.tv
redir.adap.tv — Cisco Umbrella Rank: 306322
63 KB
2 tremorhub.com
taboola-supply-partners.tremorhub.com — Cisco Umbrella Rank: 3094
365 B
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 341
529 B
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 860
697 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 139
89 KB
1 ctnsnet.com
gcm.ctnsnet.com — Cisco Umbrella Rank: 41131
609 B
1 youtube.com
www.youtube.com — Cisco Umbrella Rank: 94
1 js7k.com
cdn.js7k.com — Cisco Umbrella Rank: 903
16 KB
1 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 27807
688 B
1 googlevideo.com
rr5---sn-4g5lznez.googlevideo.com — Cisco Umbrella Rank: 66569
3 MB
1 adform.net
adx.adform.net — Cisco Umbrella Rank: 3954
533 B
1 dna360.tw
das.dna360.tw — Cisco Umbrella Rank: 619087
498 B
1 sascdn.com
ced.sascdn.com — Cisco Umbrella Rank: 9780
32 KB
1 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 80510
1 KB
1 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 74155
437 B
1 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 73310
262 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 307
459 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1473
350 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 929
356 B
1 fetnet.net
e2elog.fetnet.net — Cisco Umbrella Rank: 276903
543 B
1 onevision.com.tw
onead.onevision.com.tw — Cisco Umbrella Rank: 118787
502 B
1 taiwanmedia.org
api.svc.taiwanmedia.org — Cisco Umbrella Rank: 149549
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 374
7 KB
1 cloudflare.com
www.cloudflare.com — Cisco Umbrella Rank: 5531
454 B
1 impactify.io
ad.impactify.io — Cisco Umbrella Rank: 38658
2 KB
1 adsinstant.com
static.adsinstant.com — Cisco Umbrella Rank: 468579
4 KB
0 gemius.pl Failed
googlecm.hit.gemius.pl Failed
787 66
Domain Requested by
74 times.hinet.net 2 redirects times.hinet.net
73 tpc.googlesyndication.com googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
times.hinet.net
imasdk.googleapis.com
43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com
3cfabfbec2bb494d0cdc3609f7d46897.safeframe.googlesyndication.com
73c1f7cd83dd0b703280065d621ace95.safeframe.googlesyndication.com
56 pagead2.googlesyndication.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
times.hinet.net
googleads.g.doubleclick.net
tpc.googlesyndication.com
prod-m-node-3113.ssp.yahoo.com
43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com
www.googletagservices.com
45 securepubads.g.doubleclick.net ssp.hinet.net
securepubads.g.doubleclick.net
times.hinet.net
www.googletagservices.com
googleads.g.doubleclick.net
ad.impactify.media
44 www.hinet.net times.hinet.net
www.hinet.net
35 ssp.hinet.net 1 redirects times.hinet.net
ssp.hinet.net
www.hinet.net
code.jquery.com
30 p-yonder.svc.litv.tv player.svc.litv.tv
22 trip.hinet.net times.hinet.net
trip.hinet.net
21 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
imasdk.googleapis.com
16 ssp.tenmax.io tenmax-static.cacafly.net
times.hinet.net
imasdk.googleapis.com
15 www.googletagmanager.com player.svc.litv.tv
www.googletagmanager.com
www.hinet.net
15 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
imasdk.googleapis.com
15 www.google-analytics.com times.hinet.net
www.google-analytics.com
www.googletagmanager.com
player.svc.litv.tv
13 cm.g.doubleclick.net 3 redirects 0ee4d4ac18c4743675c5dcc7e1234850.safeframe.googlesyndication.com
43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com
13 www.google.com 1 redirects times.hinet.net
tpc.googlesyndication.com
3cfabfbec2bb494d0cdc3609f7d46897.safeframe.googlesyndication.com
13 player.svc.litv.tv times.hinet.net
player.svc.litv.tv
www.hinet.net
13 t.ssp.hinet.net times.hinet.net
t.ssp.hinet.net
www.hinet.net
player.svc.litv.tv
12 images.taboola.com times.hinet.net
12 adservice.google.de securepubads.g.doubleclick.net
pagead2.googlesyndication.com
11 www.googletagservices.com securepubads.g.doubleclick.net
tenmax-static.cacafly.net
googleads.g.doubleclick.net
times.hinet.net
ad.impactify.media
43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com
3cfabfbec2bb494d0cdc3609f7d46897.safeframe.googlesyndication.com
73c1f7cd83dd0b703280065d621ace95.safeframe.googlesyndication.com
10 static.criteo.net ads.eu.criteo.com
8 cdnstatic.svc.litv.tv times.hinet.net
8 sb.scorecardresearch.com cdn.taboola.com
times.hinet.net
player.svc.litv.tv
8 cdn.taboola.com times.hinet.net
cdn.taboola.com
7 fonts.googleapis.com tpc.googlesyndication.com
ads.eu.criteo.com
7 imasdk.googleapis.com player.svc.litv.tv
imasdk.googleapis.com
ad.impactify.media
7 dmp.tenmax.io 4 redirects times.hinet.net
6 fonts.gstatic.com fonts.googleapis.com
6 region1.analytics.google.com www.googletagmanager.com
6 pusti.svc.litv.tv player.svc.litv.tv
6 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
5 pubads.g.doubleclick.net imasdk.googleapis.com
5 fino.svc.litv.tv player.svc.litv.tv
5 code.jquery.com ssp.hinet.net
4 ad4m.at as.ad4m.at
ad4m.at
4 as.ad4m.at times.hinet.net
as.ad4m.at
ad4m.at
4 csi.gstatic.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
imasdk.googleapis.com
4 s.yimg.com times.hinet.net
s.yimg.com
4 sync.search.spotxchange.com 4 redirects
4 api.popin.cc times.hinet.net
api.popin.cc
4 trc.taboola.com cdn.taboola.com
3 ad2.apx.appier.net
3 static.cht.hinet.net imasdk.googleapis.com
3 onetag-sys.com 2 redirects 43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com
3 lispeedtest.akamaized.net jsmodule.svc.litv.tv
3 s0.2mdn.net imasdk.googleapis.com
3 log.popin.cc times.hinet.net
3 ad.impactify.media ad.impactify.io
ad.impactify.media
3 www.google.de times.hinet.net
player.svc.litv.tv
3 164582de-f8ec-40d2-a370-995413964d97.t.ssp.hinet.net times.hinet.net
www.hinet.net
3 tenmax-static.cacafly.net times.hinet.net
2 pm.w55c.net 2 redirects
2 prod-m-node-3113.ssp.yahoo.com web.ssp.yahoo.com
prod-m-node-3113.ssp.yahoo.com
2 73c1f7cd83dd0b703280065d621ace95.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 3cfabfbec2bb494d0cdc3609f7d46897.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 web.ssp.yahoo.com imasdk.googleapis.com
securepubads.g.doubleclick.net
2 secure.adnxs.com imasdk.googleapis.com
2 www8.smartadserver.com 1 redirects times.hinet.net
2 ad.doubleclick.net 2 redirects
2 assets.ad4m.at as.ad4m.at
2 p-api03.svc.litv.tv player.svc.litv.tv
2 ssum-sec.casalemedia.com 2 redirects
2 image6.pubmatic.com 2 redirects
2 p-api02.svc.litv.tv player.svc.litv.tv
2 vjs.zencdn.net jsmodule.svc.litv.tv
2 0ee4d4ac18c4743675c5dcc7e1234850.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 sp.analytics.yahoo.com player.svc.litv.tv
2 ads.adaptv.advertising.com redir.adap.tv
2 redir.adap.tv www.googletagmanager.com
2 sync-t1.taboola.com imprammp.taboola.com
am-match.taboola.com
2 taboola-supply-partners.tremorhub.com imprammp.taboola.com
am-match.taboola.com
2 match.adsrvr.org imprammp.taboola.com
am-match.taboola.com
2 partner.googleadservices.com pagead2.googlesyndication.com
2 am-trc-events.taboola.com times.hinet.net
2 jsmodule.svc.litv.tv player.svc.litv.tv
2 www.facebook.com 1 redirects connect.facebook.net
2 connect.facebook.net times.hinet.net
connect.facebook.net
2 vatrack.hinet.net times.hinet.net
1 gocm.c.appier.net 1 redirects
1 adsv.svc.litv.tv imasdk.googleapis.com
1 search.spotxchange.com imasdk.googleapis.com
1 csm.eu.criteo.net ads.eu.criteo.com
1 ups.analytics.yahoo.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 gcm.ctnsnet.com 1 redirects
1 s.tribalfusion.com 43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com
1 a.tribalfusion.com 1 redirects
1 cat.fr.eu.criteo.com ads.eu.criteo.com
1 www.youtube.com
1 ads.eu.criteo.com 43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com
1 rtb.nl.eu.criteo.com times.hinet.net
1 cdn.js7k.com prod-m-node-3113.ssp.yahoo.com
1 ads.aralego.com imasdk.googleapis.com
1 40c049bd40f579caaf6e3829066840e1.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 rr5---sn-4g5lznez.googlevideo.com
1 ssp-hinetwork.cdn.hinet.net times.hinet.net
1 adx.adform.net imasdk.googleapis.com
1 vid.pubmatic.com imasdk.googleapis.com
1 prg.smartadserver.com ced.sascdn.com
1 das.dna360.tw imasdk.googleapis.com
1 ced.sascdn.com ad.impactify.media
1 b328c1262e96b4cc9e77882a7cea4f0a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 345be188a84fe70cf95a892b92fe38f6.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 pixel.quantserve.com times.hinet.net
1 r.popin.cc times.hinet.net
1 graph.facebook.com api.popin.cc
1 98914fb3-5f8d-4d90-8675-6a1052f28272.t.ssp.hinet.net times.hinet.net
1 partner.o2online.de as.ad4m.at
1 www.lead-alliance.net 1 redirects
1 www.telefonica-partner.de 1 redirects
1 static-de.ad4mat.net as.ad4m.at
1 pixel.rubiconproject.com 1 redirects
1 rtb.openx.net 0ee4d4ac18c4743675c5dcc7e1234850.safeframe.googlesyndication.com
1 odr.mookie1.com 0ee4d4ac18c4743675c5dcc7e1234850.safeframe.googlesyndication.com
1 cms.quantserve.com 0ee4d4ac18c4743675c5dcc7e1234850.safeframe.googlesyndication.com
1 prod-rtb.ad4mat.net times.hinet.net
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 2675b86f-e2c7-42ab-ba78-5831b3eae5b6.t.ssp.hinet.net times.hinet.net
1 e2elog.fetnet.net times.hinet.net
1 onead.onevision.com.tw times.hinet.net
1 api.svc.taiwanmedia.org player.svc.litv.tv
1 tw.popin.cc api.popin.cc
1 cdn.jsdelivr.net www.hinet.net
1 dvr.impactify.media ad.impactify.media
1 www.cloudflare.com ad.impactify.media
1 am-vid-events.taboola.com times.hinet.net
1 am-match.taboola.com vidstat.taboola.com
1 imprammp.taboola.com vidstat.taboola.com
1 vidstat.taboola.com cdn.taboola.com
1 ad.impactify.io times.hinet.net
1 trc-events.taboola.com times.hinet.net
1 static.adsinstant.com times.hinet.net
0 googlecm.hit.gemius.pl Failed 0ee4d4ac18c4743675c5dcc7e1234850.safeframe.googlesyndication.com
0 f684792fd6fd88f5fbb48071b0718d47.safeframe.googlesyndication.com Failed securepubads.g.doubleclick.net
787 136
Subject Issuer Validity Valid
*.times.hinet.net
 2022-03-16 -
2023-03-16		 a year crt.sh
*.ssp.hinet.net
 2022-09-27 -
2023-09-27		 a year crt.sh
*.t.ssp.hinet.net
 2022-04-14 -
2023-04-14		 a year crt.sh
litv.tv
Amazon		 2022-08-22 -
2023-09-20		 a year crt.sh
trip.hinet.net
R3		 2022-10-13 -
2023-01-11		 3 months crt.sh
vatrack.hinet.net
 2022-02-10 -
2023-02-10		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-08 -
2023-06-08		 a year crt.sh
static.adsinstant.com
Amazon		 2022-09-21 -
2023-10-19		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-08-28 -
2022-11-26		 3 months crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.popin.cc
DigiCert Secure Site Pro CN CA G3		 2022-09-23 -
2023-10-24		 a year crt.sh
*.tenmax.io
Gandi Standard SSL CA 2		 2022-01-10 -
2023-02-10		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.hinet.net
 2022-07-05 -
2023-07-05		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.impactify.io
E1		 2022-11-03 -
2023-02-01		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
1214925881.rsc.cdn77.org
R3		 2022-10-18 -
2023-01-16		 3 months crt.sh
www.cloudflare.com
Cloudflare Inc ECC CA-3		 2022-09-27 -
2023-09-26		 a year crt.sh
1546566414.rsc.cdn77.org
R3		 2022-10-27 -
2023-01-25		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.tremorhub.com
Amazon		 2022-03-24 -
2023-04-22		 a year crt.sh
pusti.svc.litv.tv
GTS CA 1D4		 2022-10-14 -
2023-01-12		 3 months crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-10-17 -
2022-12-07		 2 months crt.sh
cdn.adap.tv
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-26 -
2023-06-26		 a year crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-09 -
2023-02-01		 6 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
real.sp.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-09 -
2023-02-01		 6 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
vjs.zencdn.net
GlobalSign Atlas R3 DV TLS CA 2022 Q3		 2022-08-30 -
2023-10-01		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-02 -
2023-01-25		 3 months crt.sh
d-api.svc.taiwanmedia.org
GTS CA 1D4		 2022-11-12 -
2023-02-10		 3 months crt.sh
onead.onevision.com.tw
R3		 2022-09-11 -
2022-12-10		 3 months crt.sh
e2elog.fetnet.net
Go Daddy Secure Certificate Authority - G2		 2022-08-24 -
2023-09-17		 a year crt.sh
*.svc.litv.tv
Sectigo RSA Domain Validation Secure Server CA		 2021-12-09 -
2023-01-08		 a year crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4		 2022-10-15 -
2023-01-13		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-24 -
2023-03-27		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.sascdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-08 -
2023-09-11		 a year crt.sh
*.dna360.tw
TWCA Secure SSL Certification Authority		 2022-08-25 -
2023-09-16		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-08-02 -
2023-01-25		 6 months crt.sh
*.c.docs.google.com
GTS CA 1C3		 2022-11-08 -
2023-01-17		 2 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-09-21 -
2022-12-21		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-10 -
2023-01-10		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-14 -
2023-01-13		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-27 -
2022-12-29		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-01 -
2023-02-04		 3 months crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2022-03-11 -
2023-03-29		 a year crt.sh
adsv.svc.litv.tv
GTS CA 1D4		 2022-10-13 -
2023-01-11		 3 months crt.sh
*.cht.hinet.net
 2022-03-15 -
2023-03-15		 a year crt.sh

This page contains 76 frames:

Primary Page: https://times.hinet.net/news/24260251
Frame ID: 78B8C07D88BC733695285247CBF8AABB
Requests: 184 HTTP requests in this frame

Frame: https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQz|aGluZXQ=
Frame ID: 3F7AC7BA7D6274228A12FFCD629C57D4
Requests: 27 HTTP requests in this frame

Frame: https://code.jquery.com/jquery-1.9.1.min.js
Frame ID: 4D410520C2CDB7DB24FAD821DCADD7E7
Requests: 11 HTTP requests in this frame

Frame: https://www.hinet.net/tv/mobile_iframe.html
Frame ID: 4E75B7A00F0B7095FD99EDEFC6D33ABF
Requests: 1 HTTP requests in this frame

Frame: https://times.hinet.net/hinetlife2/index.html
Frame ID: 2FE835323A4CA2BAA67730734D11645A
Requests: 8 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D169777559824026%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df652a139c822c4%2526domain%253Dtimes.hinet.net%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Ftimes.hinet.net%25252Ff1e72a6c2c55e4%2526relation%253Dparent.parent%26container_width%3D300%26height%3D500%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FHiNetnews%26locale%3Dzh_TW%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26width%3D300
Frame ID: E0B2841BCB4954FA3299EA39774D71FF
Requests: 1 HTTP requests in this frame

Frame: https://www.hinet.net/tv/mobile_iframe.html
Frame ID: E2ADB7BADA8355755B753D87E4B06AD9
Requests: 54 HTTP requests in this frame

Frame: https://f684792fd6fd88f5fbb48071b0718d47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 786C4159814B3207CEF5FCE868F866EE
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvitGHPAmWiHQAk03374ngYE80xhA3YSICg3hxlW55SVOhZ3FRchR3oLHo3dIs4hBgNGCzTd8pEaEdqTVqsHOhVE9-cTkcj9kzMD0CVu61pN6m2TPe0TuF3OVlVe9XqEjPPqDXuuPC5j3KFEfPrd4Md4VnLMqxpXaoG0Wojd6bHsa-JyA81SFtVo21G8M2-Ix3fsnjdz56oJajJThXcJ_TIs8UK62fbk8QzSm-3O8KPaHczEO_VjB_M4qKaxDQULIIr497Ne3KVpjsPGv_AuSn8AYJxZueas8CsFH4sjE43Mm9rFV_eKU7hldNvSKmq6-n_ldimDSOqMr9Bxk6fFlAxkxWuJ_Q&sai=AMfl-YQ4EB-jJQkDA5zxYD77fka8zNnztEv-rvvCizBQtiaDdL-Kzh4d6Q1t2NWR1ilmyWdWrkibPJXaf0KKr9WZMPTuBK39vTPs_pWp4fEG_RuE6yah1_RSNQFSf-qjAgOXUdND3kxJMX-atRwEUzOTy70&sig=Cg0ArKJSzEoWOAbO_QtWEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: F810B15DD8C7403431FC21DE42755391
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: BFC66A9CFACEB7B2999E084A2FD7F16D
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7y34CFgMhRorpgeQJ9AQhRorpgeQJ9AUAAAAGBvQHJOZxTWYm324t882ca9Fy4VgrJ4uFW2Wz-QaDzXIyMQ6GQGIe12Rm8u3WMt_MuRYtF461crJYuFU2m28w2CwnE-NgCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bStB0Onyue73o6XZ57kKn3WW6y12mv9zl-_wlo8lsMFkt5gAAAADw8P___w8BAAAAEAEAAAAgAQAAAEARUPFvIXABAAAAgPH___-vAQDFwXCuu_VlNzpcn5fdHwAAAAAgAAAAACQAB-pPJQAuL-Mn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0OquhrnRWrAsEQFoUWMAAAAAEp0cgaOJnVCZVH1___fbwVwBQAQQMhoJRmYpTso8RYGAAAgIKZUv5FdAoAlO7ZAD4vfb3bYNX63y_7_________zf7P_tGEiMzM0oJYAADUfgEBANZ-AQEA2NQNAOBNAC7kStB0Onyue73o6XZ57kKn3WW6y12mv9zl-_wlo8lsMFktRkfQisFgdQExOwAAAIC7____fzyl-o3sEgAsWT0Q2M0clsFkuVq4LKvhwuObGWaTiWu1GkxsLsfMtb2nB950eY_o5r4QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJjfhC1Gq8lksxzOlovJYDgajkb7G4jBboATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDDjG46Wi5nNLZkMZmvRYDVcS2wjw1q1HC0npuVmNVws16LXx_TwLWYL42SLggEie5E8LdKJZrcbjpwLj8s08qwclplltjJsFpvdYjEYrTaeyUQs0Zws0onssi_sZg7LYLJcLVyW1XDh8c0Ms8nEtVoNJjaXY-bad3zD0XIxs7klk8FsLRqshmuJbWRYq5aj5cS03KyGi-Va9PqYHr7FbGGc7Buz2XA4WOyWo31jNhsOB4vdcrTv0Bm-q8_ZqN6utR6TV7Sszkw2h0HhMli8P4lpMe3ODqaz7-i0KbfNzs7ou3WPXoPCc_CYzrfKYvhMbBbm1dZ7MChiieAinWgeZpfnZvnbTU-X5S102l2mi1iiNF2kE73c5fv8JaPJbDBZLSZiieB0kU5EL-Ppov6jwuzmquFctZtrVgkAAAAAAAAAYAlz5k0AAAAAToNaDHeb1ToPZjCZLRer5QJU7DnpAoMAAAAAAAAUN348MQ-zy3Oz_O2mp8vyFjrtLtOVASbM1pg3fyaItVotawAAAAFsAACAAG7dvAWEWfH_____cQAAADJy9AAAAPT7QEWeuFHrhR_8BDlYDQc!&cmcv=&pix=undefined&cb=1668801795235&uv=3241&tms=1668801795235&abt=dfrc_vB!eidc_vB!id5mc_vB!Noappq22_vD!spa2_vB!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=fc52fd77-f7f9-49a1-921a-eff700392b80&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: E9D556F7287E8575D9948728C6D62BA5
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7y34CFgMhRorpgeQJ9AQhRorpgeQJ9AUAAAAGBvQHJOZxTWYm324t882ca9Fy4VgrJ4uFW2Wz-QaDzXIyMQ6GQGIe12Rm8u3WMt_MuRYtF461crJYuFU2m28w2CwnE-NgCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bStB0Onyue73o6XZ57kKn3WW6y12mv9zl-_wlo8lsMFkt5gAAAADw8P___w8BAAAAEAEAAAAgAQAAAEARUPFvIXABAAAAgPH___-vAQDFwXCuu_VlNzpcn5fdHwAAAAAgAAAAACQAB-pPJQAuL-Mn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0OquhrnRWrAsEQFoUWMAAAAAEp0cgaOJnVCZVH1___fbwVwBQAQQMhoJRmYpTso8RYGAAAgIKZUv5FdAoAlO7ZAD4vfb3bYNX63y_7_________zf7P_tGEiMzM0oJYAADUfgEBANZ-AQEA2NQNAOBNAC7kStB0Onyue73o6XZ57kKn3WW6y12mv9zl-_wlo8lsMFktRkfQisFgdQExOwAAAIC7____fzyl-o3sEgAsWT0Q2M0clsFkuVq4LKvhwuObGWaTiWu1GkxsLsfMtb2nB950eY_o5r4QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJjfhC1Gq8lksxzOlovJYDgajkb7G4jBboATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDDjG46Wi5nNLZkMZmvRYDVcS2wjw1q1HC0npuVmNVws16LXx_TwLWYL42SLggEie5E8LdKJZrcbjpwLj8s08qwclplltjJsFpvdYjEYrTaeyUQs0Zws0onssi_sZg7LYLJcLVyW1XDh8c0Ms8nEtVoNJjaXY-bad3zD0XIxs7klk8FsLRqshmuJbWRYq5aj5cS03KyGi-Va9PqYHr7FbGGc7Buz2XA4WOyWo31jNhsOB4vdcrTv0Bm-q8_ZqN6utR6TV7Sszkw2h0HhMli8P4lpMe3ODqaz7-i0KbfNzs7ou3WPXoPCc_CYzrfKYvhMbBbm1dZ7MChiieAinWgeZpfnZvnbTU-X5S102l2mi1iiNF2kE73c5fv8JaPJbDBZLSZiieB0kU5EL-Ppov6jwuzmquFctZtrVgkAAAAAAAAAYAlz5k0AAAAAToNaDHeb1ToPZjCZLRer5QJU7DnpAoMAAAAAAAAUN348MQ-zy3Oz_O2mp8vyFjrtLtOVASbM1pg3fyaItVotawAAAAFsAACAAG7dvAWEWfH_____cQAAADJy9AAAAPT7QEWeuFHrhR_8BDlYDQc!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: B018E80099100BEF7E1739F112AD065E
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&adk=1812271804&adf=3407277731&lmt=1668801795&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668801795017&bpp=4&bdt=238&idt=257&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&cookie=ID%3Dfc59f85f1f66ff27%3AT%3D1668801794%3AS%3DALNI_MbNLzHWsu7q5_7pi_Hsdd4lnB7aMA&gpic=UID%3D00000b83e7f6f835%3AT%3D1668801794%3ART%3D1668801794%3AS%3DALNI_MYGKqn-snyxy0UuHEa2mHly867-Kg&nras=1&correlator=5316747536603&rume=1&frm=23&ife=4&pv=2&ga_vid=1365366507.1668801795&ga_sid=1668801795&ga_hid=145283762&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=580&ish=400&ifk=359666599&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C42531706%2C31061691%2C31070950%2C31061693&oid=2&pvsid=3341626603551332&tmod=1214574978&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.y7m7lzoi03ii&fsb=1&dtd=275
Frame ID: F1EFD63D5039F6EC1DD48B3A92FC80EF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=400&slotname=9686321785&adk=279151516&adf=4198862038&pi=t.ma~as.9686321785&w=580&lmt=1668801795&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668801795021&bpp=1&bdt=242&idt=289&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&cookie=ID%3Dfc59f85f1f66ff27%3AT%3D1668801794%3AS%3DALNI_MbNLzHWsu7q5_7pi_Hsdd4lnB7aMA&gpic=UID%3D00000b83e7f6f835%3AT%3D1668801794%3ART%3D1668801794%3AS%3DALNI_MYGKqn-snyxy0UuHEa2mHly867-Kg&prev_fmts=0x0&nras=1&correlator=5316747536603&rume=1&frm=23&ife=4&pv=1&ga_vid=1365366507.1668801795&ga_sid=1668801795&ga_hid=145283762&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1112&biw=1600&bih=1200&isw=580&ish=400&ifk=359666599&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C42531706%2C31061691%2C31070950%2C31061693&oid=2&pvsid=3341626603551332&tmod=1214574978&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.ea20tpo3nqio&fsb=1&dtd=296
Frame ID: 8172DB17EBA254C26FC79F7E3FDDA0EA
Requests: 10 HTTP requests in this frame

Frame: https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQz|aGluZXQ=
Frame ID: 001EDA0FEA2E67C0CBAB1BE482C7DE28
Requests: 35 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11689999083124395179/index.html
Frame ID: D1962185F9E4EE48B2E56BA7D39CCC8A
Requests: 19 HTTP requests in this frame

Frame: https://0ee4d4ac18c4743675c5dcc7e1234850.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C3F332B310DCE48071A3695C9F35DFBD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BA0708C1C6DE0A945DFB66774F5B4565
Requests: 2 HTTP requests in this frame

Frame: https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQ2|aGluZXQ=
Frame ID: 334CD5DD2C638FC65FBDD5918B46958F
Requests: 49 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.546.0_zh_tw.html
Frame ID: B9E535212F5D431DF11EDAC625BE6A62
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3BC449C079CF3B17466CA24F6D5326C0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 24041C27238035763B79EDBB62B6171E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6B69D0B8B27F620143C9DA14349D63FA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E64B87B2722981DC4EC6A0E78E2C7233
Requests: 2 HTTP requests in this frame

Frame: https://0ee4d4ac18c4743675c5dcc7e1234850.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FDCB7CE78B9A2A8DB40CC389A72C3464
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pagead/adview?ai=C84YHBOV3Y67WCoe99u8PzqSSsAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi05NDY3MTQ0NDkxNTM3NzQ1yAEJqQK92IeMhlyxPuACAKgDAaoEhAJP0LojZGknVGjJtWt8aMLwgunxJOqQwzuZpHwEGTGsCZhAZt-d-lRNo23SPvKWwwLXGGD6TX4Q1tFKvkCRDFnRaOo6H4qHcq-tNBR4vXEHBHQMJYAsYjffOCVIUbbKpirWWOxIFl7cD1Pt6SOegm4xOTx6nM_aCsxto0y8vqY4eQo0xPGesEaqcmVGgs9hn9EdjfwVneEENgbVLmb7B0PfKfCLmmvqWyaV0eWrpaZlinZwsrs5yi7k_ofeoKdMPN0-_32XzpyULDhe6mEeY4n1VCjADyh8S6pbqZ6yHJXdMpp_WxNpwS64axxUxVh8OorUTptnGUM2EQh57XFL3DisyRz9-OAEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItOTQ2NzE0NDQ5MTUzNzc0NRjqjxg&sigh=_yhldHttyek&uach_m=[UACH]&cid=CAQSPADq26N9-2igQrMMglsyesW_L9tQwgXeJeFYhPz8GaBJe6k2XqtMxRYter6SdECLtVmp3pX6S8qynDkXVRgBIBM
Frame ID: CDDDCBE457D70528179FC64EDB499076
Requests: 8 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gk00r51mhhhb95g164kbpt9hmxxk8mrc12tjk2s45nm9vqt7a1fdrtp4tct94ejk3txbwcr7t4kv6fm0zk969mfv4fdzwex5sajz4st3ng5w9058pcp3ke3mnvf5dhhdvn53rfrzyedw93mzfq92g19s4ye05r1qfs3j5j96b1h2e9j46qb78aftjxaaw0wh20zrsvmay93ad5t9vmhg25msfhaym9zk3xe688rgwc95r69ry4wzz7bkewv83x60zdszh60y37n34vt1zns0brzmqfccxrhcrxe3jfrw8kze8gqctaz1fts93ab2ygfz8savhw487nty81h2caasb21paayev6cj0gcv07fjdxbhnk5f8p0rsv8jtbw15e3zsyq9jzy13sct5d0y6cg2bqbzkr5wh9s3cwrh85v7kgcrcfgsh9zxhzshv5frrw6spmvn1rc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo9O1BOV3Y67WCoe99u8PzqSSsAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi05NDY3MTQ0NDkxNTM3NzQ1yAEJqQK92IeMhlyxPuACAKgDAaoEhwJP0LojZGknVGjJtWt8aMLwgunxJOqQwzuZpHwEGTGsCZhAZt-d-lRNo23SPvKWwwLXGGD6TX4Q1tFKvkCRDFnRaOo6H4qHcq-tNBR4vXEHBHQMJYAsYjffOCVIUbbKpirWWOxIFl7cD1Pt6SOegm4xOTx6nM_aCsxto0y8vqY4eQo0xPGesEaqcmVGgs9hn9EdjfwVneEENgbVLmb7B0PfKfCLmmvqWyaV0eWrpaZlinZwsrs5yi7k_ofeoKdMPN0-_32XzpyULDhe6mEeY4n1VCjADyh8S6pbqZ6yHJWfMLvtjOrugeY_I4qOjMqOA57e45FJAZ6200HrFeVV8CB5FYO9MHuWmOAEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1gHNbYOXopeVDE38mqc2AP5fCS5g%26client%3Dca-pub-9467144491537745%26adurl%3D
Frame ID: 11285984DA319A6A4CD31BE47027C534
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4CB18391155BC81E717DB94252C47E58
Requests: 9 HTTP requests in this frame

Frame: https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQ2|aGluZXQ=
Frame ID: AC35EF230B25318A2776174F57C92631
Requests: 25 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.546.0_zh_tw.html
Frame ID: 10EFF31DBE3D84347ECC4547AFD5C395
Requests: 18 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: D3F22FF995FC35A00F490B92115044C3
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=19458&b=Z28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB&f=9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX&c=300&d=50&e=&g=e26f36107444fe50110657b6d03334f1%2F8349602815595636617&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1668801797709&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hjzvynr4s3mcccrp0bgxgr4p7f4y53hcw62es1j2vr55rgzt3tv77cwangb49kkdvyjjckt5cvvj6q0n5ammjkhme06jabj41vzw4yx3938yfv8wkn1ev7rnkvq0396b50f1dzkrgf1q45nsy4ffjtv0c4g2p6cjmpb73g2fd84g4r63x59j9g9crb59haqw9a56syg1g78thbvrtkmf52nwn0hwzr020gm016y41kvfkqe5213jvwejydt7z17tcpp3x9s8w0tqn47e5st19y6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo9O1BOV3Y67WCoe99u8PzqSSsAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi05NDY3MTQ0NDkxNTM3NzQ1yAEJqQK92IeMhlyxPuACAKgDAaoEhwJP0LojZGknVGjJtWt8aMLwgunxJOqQwzuZpHwEGTGsCZhAZt-d-lRNo23SPvKWwwLXGGD6TX4Q1tFKvkCRDFnRaOo6H4qHcq-tNBR4vXEHBHQMJYAsYjffOCVIUbbKpirWWOxIFl7cD1Pt6SOegm4xOTx6nM_aCsxto0y8vqY4eQo0xPGesEaqcmVGgs9hn9EdjfwVneEENgbVLmb7B0PfKfCLmmvqWyaV0eWrpaZlinZwsrs5yi7k_ofeoKdMPN0-_32XzpyULDhe6mEeY4n1VCjADyh8S6pbqZ6yHJWfMLvtjOrugeY_I4qOjMqOA57e45FJAZ6200HrFeVV8CB5FYO9MHuWmOAEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1gHNbYOXopeVDE38mqc2AP5fCS5g%2526client%253Dca-pub-9467144491537745%2526adurl%253D&y=1&s=&z=0
Frame ID: DCBA3B8ABAF9C5A1FED8FF2A36255FFB
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Frame ID: E63D7F1692AEFB161261695C41D9A7F6
Requests: 7 HTTP requests in this frame

Frame: https://ad.impactify.media/static/ad/v5-1.9.48/standard.js?v=v5-1.9.48
Frame ID: 9E5732E688EA404E5FA4B8526FDCEC6A
Requests: 8 HTTP requests in this frame

Frame: https://www.googletagservices.com/tag/js/gpt.js
Frame ID: A4BC606577EFB0AEC4AF1010AC302266
Requests: 9 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.546.0_en.html
Frame ID: 95363C53F6BEA19C27D508B148C3A45E
Requests: 23 HTTP requests in this frame

Frame: https://345be188a84fe70cf95a892b92fe38f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: DCD1F078BD2EB3C7F4067DEB43B8C974
Requests: 1 HTTP requests in this frame

Frame: https://b328c1262e96b4cc9e77882a7cea4f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: E308B8738864121895DAC751FB4521A8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7212E2A8B2D9ADE73BDB24B007C3FE1F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A9A139E1A319E7A8E9348CECBF09A65F
Requests: 2 HTTP requests in this frame

Frame: https://code.jquery.com/jquery-1.9.1.min.js
Frame ID: CEDF623321E99D66B0545DCBD651E45E
Requests: 11 HTTP requests in this frame

Frame: https://code.jquery.com/jquery-1.9.1.min.js
Frame ID: 63520CEE9CC29121926280B7B8639139
Requests: 22 HTTP requests in this frame

Frame: https://code.jquery.com/jquery-1.9.1.min.js
Frame ID: F5B9D8CB6213BA71A1B031FEBC3B902E
Requests: 11 HTTP requests in this frame

Frame: https://code.jquery.com/jquery-1.9.1.min.js
Frame ID: 15EC321C0EB5F5ADE34F064013744999
Requests: 21 HTTP requests in this frame

Frame: https://ssp.hinet.net/api/pixel?bd=3d20616ba433a301f10f7b31b47f5acb75ede8597d5755a9f0f41750b6ca145e&ch=2017034
Frame ID: 5022F59E57D52D6380BA99866DD4ECFB
Requests: 1 HTTP requests in this frame

Frame: https://ssp.hinet.net/api/pixel?bd=3d20616ba433a301f10f7b31b47f5acb75ede8597d5755a9f0f41750b6ca145e&ch=2017034
Frame ID: 67B760423CDBB49A0CD5586F15F98B29
Requests: 1 HTTP requests in this frame

Frame: https://ssp-hinetwork.cdn.hinet.net/dsp/uploads/image/6360b417ce9db.jpg
Frame ID: 5AE9EDB0E281E1EDF1A6B3D9F4BBF5E7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DCDC43B511ECD2770A378EC3BFCAC765
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5A288B286E926B9A6D5B63807F7D1507
Requests: 2 HTTP requests in this frame

Frame: https://3cfabfbec2bb494d0cdc3609f7d46897.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: BE12C8D97521E10A382AD694B651DE41
Requests: 1 HTTP requests in this frame

Frame: https://43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: C9B76A03036E73E72FDDF3BC91D7C3BF
Requests: 1 HTTP requests in this frame

Frame: https://40c049bd40f579caaf6e3829066840e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: F78993CB39558C1C32E1EF308123C10F
Requests: 1 HTTP requests in this frame

Frame: https://73c1f7cd83dd0b703280065d621ace95.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: D5CCEE8FC1D21C3500A32E2D17440EB0
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstN_yDqr98XkzqxGrXeBgz9nZDxGImk0l5Oa4BKt7eX9EmxMedrXfcHLxtsZcfnbmZQV_6eGUoyDczyPD0SP-vtPF6dU3nqAANZmzTVsNUefIICYSpZ-UEdceN12pNQXD_xDj6TUoLv79fmd-BreRVCFKHvL1WjrHbLKgpTzffZhKfiFzuM6Tr9a7xn6bC8mq4NkQ0hrUufrQcn4N2QkXUQWmt2rGba6t0ZY1pw0xBDxT791_tSrcZyCcC8UfalWnhSjxvBKgW2LiFzckPxMeINiUniw63dEOwXtMO6mTRCtaHaUQh4HBxVDz_ldZ2gPepZ&sai=AMfl-YSbr1quF4f0jR3CBhZ6ISG9ql1j_FjYdUkDGLzMQvJRjhtSMc3swUMYn0rCN1M0GuHOMy6UPP8uPlDZxm8YlkOtxIUxKiefb4ojuxa4vc017RO_qlPJ_UkXS55dfqiCtg&sig=Cg0ArKJSzEZj2aoxV3FBEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: E35F10A64576733797BFB550ED8E4DC1
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv4CTGoAQtdQIlpc9mhRY60FAtQ3NVnFC_aytcHKnU_j3racuibC6OknLpWgCZPZW5xo-v8KbTn0KwDpIoTJ1aKiiWw-rpWbndIT0cVJTz63SkP-ZUaK7TeqvJQ5c6CFayDn8VXkxwfX98X_4CW5_TUNmjCdbBZrRWZMd0DH5kix2aRxWttt6UvY1hwMy5tQ9nhdhUeE5rzeMmH3tOlLrEOz7VkcX0NvoFYGJZElpUl28tgJMaAvRBO2-t8c4xVNwFmUVn2e_4WzWU3J84ApBg0saADwUsgoJkvKsyxRERrXDkth-HUwc9C31zZ09HfLTQ-HQRuyoo2ICzi8R0&sai=AMfl-YT0c55dn2AQu9EWd1OeM0zhSAA3arFaLyDSScCuI12EhRClpkBZVnhOIDI-5PXn0hG9ld6MDtx9b9P4H4xShQBfxHwatOfUEGDDKreMvnEsMuR6AsNbkpYCR2aG3RmezQ&sig=Cg0ArKJSzLMpyLm8WuXIEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 928D1165A10D8235C136B9F1D1D82788
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu6vtwEQtap7HkcZ2KybBSOFfzcqc7qw1rCMxfH1dkB8TpqCqtL7IHeR9B-9X397M2Xn3NWKruwExQu02Hlo4SYUSXc6j4GGtn8UGJhRQsKy27J0s-Ng2L1NjX6l6wbZAOPP_d6QX3ICYl6K7phtLhOZ_GjAUYwR26y6OU5PacbLRY3sGku_ABNxgAyXhDH3E1_mS6pJvQ-Di29looJMuywcHi-RClbhlTyNc2clhd724z_yoh4w0OqCqWpx0C1GWk-DLfpRrzGix9_iCO8wUdkWtUg9t6Rn_AaqXSTzbk9vcWhxr--Okre7Gg09BnJHnzzKnrOx-FAXkOqUNk&sai=AMfl-YTUNSOr5YsR9sesdzIwUKBrd_pdZIYVGyTR35JVLPKd_mIa_cz_IyAFAfqs5g26f81n6brcUamhvvmq-9g8jvCsDgTrr695u4Fa6x-0Mn0JFzk-5hf_XM6lQsY6IEEZsA&sig=Cg0ArKJSzGKMchK5DHIVEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: E724ED6E8402BCF451148C8DC82E9EA9
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Frame ID: 03B5B4CC02E495D48268C8AED7B05DDA
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C1E145C1C1E25E90F8FBEDDB5BBF68B2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F19574B89DAD9536ED88F13A74E018A9
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EBF34E14D7B77E418DFD2ED5245E9D62
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 395192FD77B500BA1E5E10FA430E62DE
Requests: 2 HTTP requests in this frame

Frame: https://43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 6EF96942369DC7FF5B2C8FEC584DF2E0
Requests: 7 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3flCgAODscK5VyyAAVR1oVOQtUNatIKizwqHA&u=%7Cs9mwAOUxybF6mjygmQ2bYpBX2YJHKrVSoMwiiNQMCaw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9WsyI3dqu03NEAspGxZHahywr4HQAdSB0aXDJuHPoAn981D2r6q8kQ1B9aSkTNs6ybfzxBZMx9EcOuouZ-yywljj9gir5z3h-ndycx5F7Qsc6X9vt5yq9276QUVGTjAh-FnFz0jtdwgPTXUsoG__JR5nK240ldKJW0E1j6C2VkDQkachHXDhWglZJDkvnuNDmzyqb6gZj327WUbc7M3gwIiuTUD5_l5Eu2hj5l8Waw1ytZToJDWRX3-l4J8kJnYZJCJ243uBi2fhUbIbc4MeFxSPMo32j6ywklA3turlhgLFjuOq5ycAlUYN2G471IhYDb4z1-upzRnidgZMGjlF4Aj8eWCrRiHSQAHe_-VOqFFrfmsI2P_84qOcensq_8F2nGROzeFp_2QDu_fFhzuKMY49_FjFX3zclHLaLwQvAj7PnsJPFEFK8zLQAH8PKCrOfKwRNsJ0ql7v8vyOHlLNp7gMH6Dc_nfwb-KZo4m3lv9ejPfZ6C76dxqfrTraZvebyRRyUvIFgwFzjvbkhr7kqCFd1LcWJyVuUMTRHmKjueoJ7QsQooyz96to6ok0rerl28&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrXEhCuV3Y8edOLK5lQfWo5WQAsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItMjk3Nzg3NTI4MTMzODMzMMgBCakCka74eGhVsT7gAgCoAwGqBIICT9C7FpF3AWa4WcTwH4JKJA5262nuwxqm-rsEASCWevMi3tVsEEzzyZd2z5LHpwufmpGGWRa2BcqNIgjJYk4_C84kGC9cOBPV7aTrpPjEFH5OhEk-_OrR14CxvHVjBRM6eqDZoCWAs_48DHLhu6STZurijqxqTD3AUvEVB1REFNwTq3TElyVZpc4XRuS_9LqJ95JwGUUhVZoarOj0LsKYe7I6wAJS9WZFBzmTQyMkAiIBuijCYvidBgQy6zAkO5-Y4idNKxizncsRMzno4LZkX0O8_RM8UslTFmZNlScE5pM7cBN7lmSCa_SDOf0hzIf9CipVjxp1Kr-Y7km4Aahhtw654AQBgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1XcSEa884-2TLBx4G_0dopCgiYhg%26client%3Dca-pub-2977875281338330%26adurl%3D
Frame ID: 1EDD312EB8AB48E43E938DB84F4CDC05
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 4A7D8673A09F511A1F015072641246D0
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&adk=1812271804&adf=2662694622&lmt=1668801803&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668801803450&bpp=3&bdt=437&idt=155&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&cookie=ID%3Dfc59f85f1f66ff27-2278856254d800fe%3AT%3D1668801794%3AS%3DALNI_MZyKDGW23IzVEQU_NvRMogTdEfWLQ&gpic=UID%3D00000b83e7f6f835%3AT%3D1668801794%3ART%3D1668801794%3AS%3DALNI_MYGKqn-snyxy0UuHEa2mHly867-Kg&nras=1&correlator=5316747536603&frm=23&ife=4&pv=2&ga_vid=1365366507.1668801795&ga_sid=1668801804&ga_hid=1283153072&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=300&ish=250&ifk=3077956258&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44760912%2C44770881&oid=2&pvsid=1578160828604052&tmod=1953776848&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.e91istwi1dbj&btvi=1&fsb=1&dtd=174
Frame ID: 50EB72CB21580C531FF172C3C0BED072
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&h=250&slotname=5905656858&adk=3204766223&adf=3346210685&pi=t.ma~as.5905656858&w=300&lmt=1668801803&format=300x250&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668801803453&bpp=1&bdt=440&idt=185&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&cookie=ID%3Dfc59f85f1f66ff27-2278856254d800fe%3AT%3D1668801794%3AS%3DALNI_MZyKDGW23IzVEQU_NvRMogTdEfWLQ&gpic=UID%3D00000b83e7f6f835%3AT%3D1668801794%3ART%3D1668801794%3AS%3DALNI_MYGKqn-snyxy0UuHEa2mHly867-Kg&prev_fmts=0x0&nras=1&correlator=5316747536603&frm=23&ife=4&pv=1&ga_vid=1365366507.1668801795&ga_sid=1668801804&ga_hid=1283153072&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=2514&biw=1600&bih=1200&isw=300&ish=250&ifk=3077956258&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44760912%2C44770881&oid=2&pvsid=1578160828604052&tmod=1953776848&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.mhl5lkkyujc2&btvi=2&fsb=1&dtd=190
Frame ID: 7D80587590079BE04C21D769E551F083
Requests: 1 HTTP requests in this frame

Frame: https://3cfabfbec2bb494d0cdc3609f7d46897.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 69C3ABD928C5E4E4994237AFCE043207
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3592621189675155901/index.html
Frame ID: 20FD2AEEEA38C1683E4D4BEF6CF8D325
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A2EEE562E1493F18AF49B730965428C2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A1007031B7FD8F3A255685991F86D3E2
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7E30D718D1FD5B45A0F3A258F0904F18
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D7E27649332A363CCBE95F1ABCF3D06F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 562DE5B9369F5A491B7F32F352BB6DEC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 565E41959A576E87A34048A3C85BEC6B
Requests: 2 HTTP requests in this frame

Frame: https://73c1f7cd83dd0b703280065d621ace95.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 03843A581733DCD65C3CF4311C0BEEAB
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12818013396504674824/index.html
Frame ID: 52FB0C853AECA9E2D2FCCDD34ED4678A
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

美元定存優利 有望衝5%-財經-HiNet生活誌

Detected technologies

Overall confidence: 100%
Detected patterns
  • <!--[^>]*(?:InstanceBeginEditable|Dreamweaver([^>]+)target|DWLayoutDefaultTable)
Overall confidence: 100%
Detected patterns
  • mustache(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • zepto.*\.js
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

787
Requests

96 %
HTTPS

46 %
IPv6

66
Domains

136
Subdomains

98
IPs

12
Countries

14019 kB
Transfer

31062 kB
Size

73
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://times.hinet.net/resources/js/jquery-3.6.0.min.js HTTP 302
  • https://times.hinet.net/mobile/resources/js/jquery-3.6.0.min.js
Request Chain 116
  • https://www.facebook.com/v2.3/plugins/page.php?app_id=169777559824026&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df652a139c822c4%26domain%3Dtimes.hinet.net%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Ftimes.hinet.net%252Ff1e72a6c2c55e4%26relation%3Dparent.parent&container_width=300&height=500&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2FHiNetnews&locale=zh_TW&sdk=joey&show_facepile=true&show_posts=true&width=300 HTTP 302
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D169777559824026%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df652a139c822c4%2526domain%253Dtimes.hinet.net%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Ftimes.hinet.net%25252Ff1e72a6c2c55e4%2526relation%253Dparent.parent%26container_width%3D300%26height%3D500%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FHiNetnews%26locale%3Dzh_TW%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26width%3D300
Request Chain 182
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=09a6ce15-677c-11ed-ba6f-1d7abbad0506 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=09a6c71a-677c-11ed-99f1-1a404fd50306&orig=video&us_privacy=1---gdpr=1&
Request Chain 185
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=09a6c77d-677c-11ed-99f1-1a404fd50306 HTTP 302
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=09a6c71a-677c-11ed-99f1-1a404fd50306&orig=video&us_privacy=1---gdpr=1&
Request Chain 279
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 376
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIr21tvY9mxrmlgDk1oSMno&google_cver=1&google_push=ASkJ3FZ28crvcqgGPGyI90VlL5IkQrDpMn344UED6kKC8yrXe9aNVANb36at5BPaq1vAqPFvERqZ5ulfeTwIRC9FC8v1D_hoNkLTmw HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEIr21tvY9mxrmlgDk1oSMno&google_cver=1&google_push=ASkJ3FZ28crvcqgGPGyI90VlL5IkQrDpMn344UED6kKC8yrXe9aNVANb36at5BPaq1vAqPFvERqZ5ulfeTwIRC9FC8v1D_hoNkLTmw&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1cwuG1_IQi2J0cinVHbt-w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FZ28crvcqgGPGyI90VlL5IkQrDpMn344UED6kKC8yrXe9aNVANb36at5BPaq1vAqPFvERqZ5ulfeTwIRC9FC8v1D_hoNkLTmw
Request Chain 377
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEI00szDvYSvHVyjApuzV-8o&google_cver=1&google_push=ASkJ3FbOFYpqaMdwSOUOn1gLdVi17XhpzZ3vIUksto6BPlTLJBrc5XWpTfJXkourZpapr7trbMU0V_L74lD2OThzXVneu-HAX5zM6w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFNWEkzTEQtVy1LRVIz&google_push=ASkJ3FbOFYpqaMdwSOUOn1gLdVi17XhpzZ3vIUksto6BPlTLJBrc5XWpTfJXkourZpapr7trbMU0V_L74lD2OThzXVneu-HAX5zM6w
Request Chain 378
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEP6pBWpG5n4HXLnV4Fm10YI&google_cver=1&google_push=ASkJ3FbZDKeMi_fxkzqAaHiT7FTb8SN-EyQYNOJ51y2wuLiHvMdY2AHCaMA1QUEVDjT7R0tjlLPsokZ3wbArWaOad6OHmieaYAPFUw HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEP6pBWpG5n4HXLnV4Fm10YI&google_push=ASkJ3FbZDKeMi_fxkzqAaHiT7FTb8SN-EyQYNOJ51y2wuLiHvMdY2AHCaMA1QUEVDjT7R0tjlLPsokZ3wbArWaOad6OHmieaYAPFUw&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP6pBWpG5n4HXLnV4Fm10YI&google_hm=Y3flBRcDwPfSrsIl_kTANQAABFAAAAAB&google_nid=index&google_push=ASkJ3FbZDKeMi_fxkzqAaHiT7FTb8SN-EyQYNOJ51y2wuLiHvMdY2AHCaMA1QUEVDjT7R0tjlLPsokZ3wbArWaOad6OHmieaYAPFUw
Request Chain 428
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D112793V1226132702M%26subid%3DviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CLzr9pLDuPsCFVzbEQgd7oQGww;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D112793V1226132702M%26subid%3DviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER%26gdpr_consent=%26gdpr=0%26gdpr_pd=0 HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=112793V1226132702M&subid=viewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=112793V1226132702M&subid=viewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=112793&s_id=2022111821031878673501981X112793V1226132702MSviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2022111821031878673501981X112793V1226132702MSviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=112793&partnerid=12218
Request Chain 464
  • https://www8.smartadserver.com/ac?siteid=474385&pgid=1492394&fmtid=61987&ab=1&oc=1&ps=1&pb=0&visit=S&vcn=s&tmstp=1668801798&pgDomain=https%3A%2F%2Ftimes.hinet.net&vpw=640&vph=360&schain=1.0,1!impactify.io,2300,1,,,&gdpr=1&gdpr_consent=&out=vast4&tgt=pack%3D4%3Bpid%3D2300%3Bsdk%3DAM%3Bstyle%3Dimpact HTTP 302
  • https://www8.smartadserver.com/ac?siteid=474385&pgid=1492394&fmtid=61987&ab=1&oc=1&ps=1&pb=0&visit=S&vcn=s&tmstp=1668801798&pgDomain=https%3a%2f%2ftimes.hinet.net&vpw=640&vph=360&schain=1.0%2c1!impactify.io%2c2300%2c1%2c%2c%2c&gdpr=1&gdpr_consent=&out=vast4&tgt=pack%3d4%3bpid%3d2300%3bsdk%3dAM%3bstyle%3dimpact&cklb=1
Request Chain 505
  • https://times.hinet.net/news/undefined HTTP 302
  • https://times.hinet.net/500
Request Chain 510
  • https://ssp.hinet.net/api/web/exposure/?token=1668801801444659a63a6ad2f2abad HTTP 302
  • https://ssp-hinetwork.cdn.hinet.net/dsp/uploads/image/6360b417ce9db.jpg
Request Chain 598
  • https://dmp.tenmax.io/p/b734323b-0532-40a6-8d4e-782e1c96bd3a?random=372997837 HTTP 302
  • https://dmp.tenmax.io/cmp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cacafly&google_ula=514624859,1668801803&google_hm=Q2ZrZGdHZDhFZTJsdjNWRThSaWhQQT09&google_cm HTTP 302
  • https://dmp.tenmax.io/cm?adx=doubleclick&google_gid=CAESENcOao7F25_abVCLKCBYAoQ&google_cver=1&google_ula=514624859,0
Request Chain 604
  • https://dmp.tenmax.io/p/b734323b-0532-40a6-8d4e-782e1c96bd3a?random=518462501 HTTP 302
  • https://dmp.tenmax.io/cmp HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cacafly&google_ula=514624859,1668801803&google_hm=Q2ZrZGdHZDhFZTJsdjNWRThSaWhQQT09&google_cm HTTP 302
  • https://dmp.tenmax.io/cm?adx=doubleclick&google_gid=CAESENcOao7F25_abVCLKCBYAoQ&google_cver=1&google_ula=514624859,0
Request Chain 644
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEF9gYotHmyesWHuGNXyVm1U&google_cver=1&google_push=ASkJ3FaiozHOuP7moT0ctHIJNbUWxwuaSFHc_zTo-6LB9VwtROWdfUEI1mPqfJhtX2-BIx90CWuUiCHr66w3wUvfNL2tRpTcnFc HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEF9gYotHmyesWHuGNXyVm1U&google_cver=1&google_push=ASkJ3FaiozHOuP7moT0ctHIJNbUWxwuaSFHc_zTo-6LB9VwtROWdfUEI1mPqfJhtX2-BIx90CWuUiCHr66w3wUvfNL2tRpTcnFc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZXFiZFZRaW8xT1c3QTc1&google_gid=CAESEF9gYotHmyesWHuGNXyVm1U&google_cver=1&google_push=ASkJ3FaiozHOuP7moT0ctHIJNbUWxwuaSFHc_zTo-6LB9VwtROWdfUEI1mPqfJhtX2-BIx90CWuUiCHr66w3wUvfNL2tRpTcnFc
Request Chain 645
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEEgBgaK3MyWLsi8tyM0d9Jc&google_cver=1&google_push=ASkJ3FYCHWDtvF0WBNPMdgduMjte7tQEp59u5PZr4ZVF6y4aFoXuHzVIUYM_oudNQVs_a6v0J1TM1jXjqd4tOazfsqlkkt3qxunj&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FYCHWDtvF0WBNPMdgduMjte7tQEp59u5PZr4ZVF6y4aFoXuHzVIUYM_oudNQVs_a6v0J1TM1jXjqd4tOazfsqlkkt3qxunj%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEgBgaK3MyWLsi8tyM0d9Jc&google_cver=1&google_push=ASkJ3FYCHWDtvF0WBNPMdgduMjte7tQEp59u5PZr4ZVF6y4aFoXuHzVIUYM_oudNQVs_a6v0J1TM1jXjqd4tOazfsqlkkt3qxunj&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FYCHWDtvF0WBNPMdgduMjte7tQEp59u5PZr4ZVF6y4aFoXuHzVIUYM_oudNQVs_a6v0J1TM1jXjqd4tOazfsqlkkt3qxunj%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 646
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEB86XgnuPP4-LBH8VAbtSYs&google_cver=1&google_push=ASkJ3FYDRQXb9LSMeoq1M9xI3WH4lHiKw3bclpXi2zqO545Pi1sTtLTBz_1Q6OxmnlXRFeBIWT9NXZFTAUqe3VJVmBa8snhyoEg2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ASkJ3FYDRQXb9LSMeoq1M9xI3WH4lHiKw3bclpXi2zqO545Pi1sTtLTBz_1Q6OxmnlXRFeBIWT9NXZFTAUqe3VJVmBa8snhyoEg2&google_hm=2JVPMuUVTl-LmYEwibUfMQM
Request Chain 647
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAvT7jFy9LbTtd-iW4hHfdo&google_cver=1&google_push=ASkJ3Fbd6Rkb-fo3Mlb3O-ZpCFGZPp-uf4kPgWUCHSFfXS_1FzVAGZos6-C0Z2BouHF_eTTO9jOh3UDxcnY5qEZ3bvJwPuNuYJNm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3Fbd6Rkb-fo3Mlb3O-ZpCFGZPp-uf4kPgWUCHSFfXS_1FzVAGZos6-C0Z2BouHF_eTTO9jOh3UDxcnY5qEZ3bvJwPuNuYJNm&google_hm=MzI2NDkzMjg3NDM2NDYxMDQ3NA%3D%3D
Request Chain 648
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAfURzcpJQxge8AwvvBLzWk&google_cver=1&google_push=ASkJ3FZ0vXb0pnW8wRAHXbOP-JXwlSeIfP7K9rsUlbYhO91-s4Xzo8PCHL-bd4s9vAo7qsRC7cE54cqVSN5v-2Jvipv9rrJ6U9NZ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FZ0vXb0pnW8wRAHXbOP-JXwlSeIfP7K9rsUlbYhO91-s4Xzo8PCHL-bd4s9vAo7qsRC7cE54cqVSN5v-2Jvipv9rrJ6U9NZ
Request Chain 649
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECyP-6Rzs-3S8w8CGC-kuN4&google_cver=1&google_push=ASkJ3FZ0wesaZ6tUFLLDDBgrG4bFOYgFh8_Y9s9oiy4SKa0H9F2FMloEewocmQmW2JqAjMNrDXcPZFy5qG_esdtdC7Ax_sGjcx7RCg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS16MjZRWGRSRTJ1R09nbU9zLmJReHcuTWdvOUFHcWMzbn5B&google_push=ASkJ3FZ0wesaZ6tUFLLDDBgrG4bFOYgFh8_Y9s9oiy4SKa0H9F2FMloEewocmQmW2JqAjMNrDXcPZFy5qG_esdtdC7Ax_sGjcx7RCg
Request Chain 650
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAfURzcpJQxge8AwvvBLzWk&google_cver=1&google_push=ASkJ3Fawn3hykkEdTaGjp1fDUVpE1hEoKlC4fuATrHSCtYcZwZ_LS3Mq6nS_pr4CBKdDpqbX6_7FCdPfSX55iyfr_Vpenw4tCsc2dA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3Fawn3hykkEdTaGjp1fDUVpE1hEoKlC4fuATrHSCtYcZwZ_LS3Mq6nS_pr4CBKdDpqbX6_7FCdPfSX55iyfr_Vpenw4tCsc2dA HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 778
  • https://ad2.apx.appier.net/www/delivery/vxml.php?zoneid=9704 HTTP 307
  • https://gocm.c.appier.net/avnet?url=ad2.apx.appier.net&zoneid=9704 HTTP 302
  • https://ad2.apx.appier.net/www/delivery/vxml.php?zoneid=9704&acid=q1dGPc__AfCUf5TTDuV3Yw HTTP 302
  • https://ad2.apx.appier.net/www/delivery/%3Cscript%3E!function()%7Bfor(pivot=window;pivot!==top&&pivot.parent;pivot=pivot.parent)if(pivot.chtnw%20&&%20pivot.chtnw.noAd)%7Bpivot.chtnw.noAd();break%7D%7D();%3C/script%3E
Request Chain 783
  • https://ad2.apx.appier.net/www/delivery/vxml.php?zoneid=9704 HTTP 307
  • https://gocm.c.appier.net/avnet?url=ad2.apx.appier.net&zoneid=9704 HTTP 302
  • https://ad2.apx.appier.net/www/delivery/vxml.php?zoneid=9704&acid=9wPZ1JnuCWGGtLwSD-V3Yw HTTP 302
  • https://ad2.apx.appier.net/www/delivery/%3Cscript%3E!function()%7Bfor(pivot=window;pivot!==top&&pivot.parent;pivot=pivot.parent)if(pivot.chtnw%20&&%20pivot.chtnw.noAd)%7Bpivot.chtnw.noAd();break%7D%7D();%3C/script%3E

787 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 24260251
times.hinet.net/news/ 		78 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
f5dbaf5f1edb7d0541488385712f35aeebf10c5b7279801e0f454480dc3e432c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
br
content-language
de-DE
content-type
text/html;charset=UTF-8
date
Fri, 18 Nov 2022 20:03:10 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
server
HiNetCDN/2211
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
x-cache
MISS, MISS
x-frame-options
SAMEORIGIN SAMEORIGIN
x-request-id
d312bf04742340a28ed9d7289e691470
x-xss-protection
1;mode=block
global.css
times.hinet.net/resources/css/ 		154 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/resources/css/global.css?v=20220331
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
d6ee04a3b930e47e58abe0750df3a68f68392449f9261083bef70fd9caf4e74d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/24260251
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:11 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
br
last-modified
Mon, 21 Mar 2022 02:49:28 GMT
server
HiNetCDN/2211
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
x-cache
HIT
x-xss-protection
1;mode=block
x-request-id
5c2c19898f1baa24a1780408cc588895
fltSky.css
times.hinet.net/resources/css/ 		866 B
650 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/resources/css/fltSky.css?v=20220331
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
b59dd2965f58fc20aa2ec6600b3051df031b4ae638b4742e944224f9df43b2fd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/24260251
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:11 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
br
last-modified
Wed, 30 Mar 2022 10:19:32 GMT
server
HiNetCDN/2211
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
x-cache
HIT
x-xss-protection
1;mode=block
x-request-id
4c167a35ab487e62374c4eff49c3da4a
jquery-3.6.0.min.js
times.hinet.net/mobile/resources/js/
Redirect Chain
  • https://times.hinet.net/resources/js/jquery-3.6.0.min.js
  • https://times.hinet.net/mobile/resources/js/jquery-3.6.0.min.js
87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/mobile/resources/js/jquery-3.6.0.min.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/24260251
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:11 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
br
last-modified
Mon, 21 Mar 2022 05:42:10 GMT
server
HiNetCDN/2211
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
x-cache
HIT
x-xss-protection
1;mode=block
x-request-id
6ea6ee9c68ffec36c00af7a53d7e27ed

Redirect headers

location
https://times.hinet.net/mobile/resources/js/jquery-3.6.0.min.js
date
Fri, 18 Nov 2022 20:03:11 GMT
server
HiNetCDN/2211
x-cache
HIT
x-request-id
bda0757881ab7f36f595151a20eba7da
fltSky.js
times.hinet.net/resources/js/ 		2 KB
900 B 		Script
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/resources/js/fltSky.js?v=20220331
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
6030e59b3284c2dadddfb47bb8f1f5446255b8276da0441575b9f61f2b355ea3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/24260251
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:11 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
br
last-modified
Wed, 30 Mar 2022 11:11:16 GMT
server
HiNetCDN/2211
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
x-cache
HIT
x-xss-protection
1;mode=block
x-request-id
755c42ba83096376be63273cd9f64525
jquery.textslider.min.js
times.hinet.net/resources/js/ 		1 KB
812 B 		Script
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/resources/js/jquery.textslider.min.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
7c905fa103f34e93986a57259d8034d3446a0ff54288f066f2263f177584fb24
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/24260251
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:11 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
br
last-modified
Tue, 30 Jun 2020 06:47:40 GMT
server
HiNetCDN/2211
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
x-cache
HIT
x-xss-protection
1;mode=block
x-request-id
0172a4e644c4150b8c8a02adf766748a
swipebox.css
times.hinet.net/resources/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/resources/css/swipebox.css
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
3f17663a307134364af3e4ddc5a97ca0dd14b15aadb0627199151abd18c2e616
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/24260251
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:11 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
br
last-modified
Tue, 30 Jun 2020 06:47:38 GMT
server
HiNetCDN/2211
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
x-cache
HIT
x-xss-protection
1;mode=block
x-request-id
bfc39b8866afe927c5a4bab08252ccd6
jquery.swipebox.min.js
times.hinet.net/resources/js/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/resources/js/jquery.swipebox.min.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
294593c4aed632598c22cd7ab624e2f37047e9a5c3d5fbb3c672172f307e73c0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/24260251
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:11 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
br
last-modified
Tue, 30 Jun 2020 06:47:40 GMT
server
HiNetCDN/2211
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
x-cache
HIT
x-xss-protection
1;mode=block
x-request-id
671336ce05a56168ceffae7fd6dbb2cd
app.js
ssp.hinet.net/api/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/app.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
d55934a99c7ba8bf7c785518707b04b8b05a3bf227cabb1d3b8b731f4cf4052d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:12 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
application/javascript
utag.js
t.ssp.hinet.net/ 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:12 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Fri, 18 Nov 2022 20:13:12 GMT
idle.css
times.hinet.net/resources/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/resources/css/idle.css?2020080501
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
41be49b2c1f7e3a3463d40241f8c543e256ffbc279fba84d4ebd27af511b5e6d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/24260251
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:11 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
br
last-modified
Fri, 23 Jul 2021 03:53:10 GMT
server
HiNetCDN/2211
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
x-cache
HIT
x-xss-protection
1;mode=block
x-request-id
5c29c1506d3e6c624fcde363464459c4
ppnio.js
player.svc.litv.tv/v2/ 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.svc.litv.tv/v2/ppnio.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:6600:3:cecd:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f29f3b69ee546ca0c55363cc133187a504fe4cc432cddc212f61aef99aa70ea2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
uvn1iXtB3u2Y2WB9YAheBsny2wuyiToA
content-encoding
gzip
via
1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
date
Thu, 17 Nov 2022 20:28:45 GMT
last-modified
Wed, 17 Aug 2022 08:54:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
84866
etag
W/"15fcdc71edd4fb6c7c598166dcc1bd4b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
9kuMYPe7Ii3Ou0rkWMo8Cn7O0W5-6-9tHYN2zfPc-Gmve1rmXyic4w==
jquery.masonry.min.js
times.hinet.net/resources/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/resources/js/jquery.masonry.min.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
cdb71be7dca0a2bc583d6a9fcb1e776519d597a9fe39a98fcf0350a9722ac5d2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/24260251
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:11 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
br
last-modified
Tue, 30 Jun 2020 06:47:40 GMT
server
HiNetCDN/2211
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
x-cache
HIT
x-xss-protection
1;mode=block
x-request-id
775d67c9c71d60d892c473203f350952
kayakWidgetnews
trip.hinet.net/search-widget/script/uwl/ 		50 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trip.hinet.net/search-widget/script/uwl/kayakWidgetnews
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
149da4a013ad437a428680c1e04303ebc4038d2667105457b5472055e773e06d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-sn-waf-code
content-security-policy
upgrade-insecure-requests
date
Fri, 18 Nov 2022 20:03:11 GMT
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
server
KAYAK/1.0
content-security-policy-report-only
default-src https: blob:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data: blob:; media-src https:; object-src https: data: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; worker-src blob:; report-uri /s/run/cspreport/reportHttp; report-to csp-log
report-to
{ "group": "csp-log", "max_age": 43200, "endpoints": [ { "url": "https://www.kayak.com/s/run/cspreport/reportHttp" } ] }
content-language
zh-TW
content-type
application/javascript
cache-control
no-store
permissions-policy
camera=(), microphone=(), midi=(), geolocation=(self), usb=()
vary
accept-encoding
accept-ranges
bytes
x-xss-protection
1; mode=block
sps
times.hinet.net/hamiplus_stat/ 		3 B
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/hamiplus_stat/sps?dev=pc&type=news&nid=24260251&uid=06f04a50677c11ed92dd005056b11227
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/24260251
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:12 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload, max-age=63072000; includeSubdomains; preload
server
HiNetCDN/2211
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/html;charset=UTF-8
x-cache
MISS, MISS
accept-ranges
bytes
content-length
3
x-xss-protection
1;mode=block
x-request-id
845784a76d7c91286a61812e9287b07a
mustache.min.js
times.hinet.net/resources/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/resources/js/mustache.min.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
4d6f09b49bc8582f0a413c867dfefabaf48920cbb25bfc3d3d760e2848a65f2a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/24260251
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:11 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
br
last-modified
Tue, 30 Jun 2020 06:47:40 GMT
server
HiNetCDN/2211
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
x-cache
HIT
x-xss-protection
1;mode=block
x-request-id
7c407a0f09e088ecf331f617330c0a5a
pc-finance
vatrack.hinet.net/jsva/00000107/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vatrack.hinet.net/jsva/00000107/pc-finance?id=24260251
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.39.224.124 Pingtung City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
vatrack.hinet.net
Software
nginx / PHP/7.0.33
Resource Hash
a80a3a5eed64d6eb9097a6e2dd787eaa96dce7e75828e37f7225f92d661ba10f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Nov 2022 20:03:13 GMT
Content-Encoding
gzip
Server
nginx
X-Powered-By
PHP/7.0.33
Content-Type
text/javascript;charset=UTF-8
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Expires
Sat, 26 Jul 1997 05:00:00 GMT
kayakWidgetright
trip.hinet.net/search-widget/script/uwl/ 		50 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trip.hinet.net/search-widget/script/uwl/kayakWidgetright
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
0caae77862b4e3db781b347a3229e8f0122cb80adbadf2432865ce67f5b8d22b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-sn-waf-code
content-security-policy
upgrade-insecure-requests
date
Fri, 18 Nov 2022 20:03:11 GMT
x-content-type-options
nosniff
referrer-policy
origin-when-cross-origin
server
KAYAK/1.0
content-security-policy-report-only
default-src https: blob:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data: blob:; media-src https:; object-src https: data: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; worker-src blob:; report-uri /s/run/cspreport/reportHttp; report-to csp-log
report-to
{ "group": "csp-log", "max_age": 43200, "endpoints": [ { "url": "https://www.kayak.com/s/run/cspreport/reportHttp" } ] }
content-language
zh-TW
content-type
application/javascript
cache-control
no-store
permissions-policy
camera=(), microphone=(), midi=(), geolocation=(self), usb=()
vary
accept-encoding
accept-ranges
bytes
x-xss-protection
1; mode=block
top10_1.png
times.hinet.net/resources/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/top10_1.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
bc789c11f792ba3fee7ec986d060f5efc6bea4c2ebc10c05b027ee5549835328
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/24260251
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:11 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 23 Jul 2021 03:53:14 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
accept-ranges
bytes
content-length
1093
x-xss-protection
1;mode=block
x-request-id
58b2a04ff033953248a7e0d2b3f10f26
top10_2.png
times.hinet.net/resources/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/top10_2.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
19d30fa994cb314679523d92b8370332697a73e4c1bd72b434d12764ece27f21
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/24260251
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:11 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 23 Jul 2021 03:53:14 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
accept-ranges
bytes
content-length
1189
x-xss-protection
1;mode=block
x-request-id
e5c2b1331baf18020c172b390f217c4d
top10_3.png
times.hinet.net/resources/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/top10_3.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
3bb5351d59c33c01019ffe6ca2fa98e122b40a0594cc460c5c870d54d62f9aac
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/24260251
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:11 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 23 Jul 2021 03:53:14 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
accept-ranges
bytes
content-length
1175
x-xss-protection
1;mode=block
x-request-id
139cc35741a87f00d023addd3e44c660
top10_4.png
times.hinet.net/resources/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/top10_4.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
bb3ddc1e9f0657db1d5ac712d5752513fcfb8275e4666fd0c2c21712755237cc
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/24260251
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:11 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 23 Jul 2021 03:53:14 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
accept-ranges
bytes
content-length
1138
x-xss-protection
1;mode=block
x-request-id
f0525c15d904e961acba7173800b6417
top10_5.png
times.hinet.net/resources/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/top10_5.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
453f130034a0523860d786d602b419f84c966d13bfba58f38762b8d3fc0b2030
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/24260251
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:11 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 23 Jul 2021 03:53:14 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
accept-ranges
bytes
content-length
1171
x-xss-protection
1;mode=block
x-request-id
b06ff8e31d535dcd10e679a87c242d72
top10_6.png
times.hinet.net/resources/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/top10_6.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
1b7ccc4002d2466149f4c1434d90876a0fd332dbd744965ca80a721045d2184a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/24260251
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:11 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 23 Jul 2021 03:53:14 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
accept-ranges
bytes
content-length
1174
x-xss-protection
1;mode=block
x-request-id
10d93a226875ad8a156d3f6f0891da26
top10_7.png
times.hinet.net/resources/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/top10_7.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
c9244ec01b005c2513817a2983888ff8f5e58c6d9766da7fcd9e2f09ee47099b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/24260251
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:11 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 23 Jul 2021 03:53:14 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
accept-ranges
bytes
content-length
1139
x-xss-protection
1;mode=block
x-request-id
44640d79797dcc9aa75bfd2917736e57
top10_8.png
times.hinet.net/resources/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/top10_8.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
ae86278189aaa71bbe01e42bc8d08c6998f2aca71c2ce11bcdc05a6b45841859
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/24260251
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:11 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 23 Jul 2021 03:53:14 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
accept-ranges
bytes
content-length
1179
x-xss-protection
1;mode=block
x-request-id
a6a20ff90534967b7f55d6dcfd6f6db5
top10_9.png
times.hinet.net/resources/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/top10_9.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
da877ad2c44df0beca30c18a53358b832ce9603964a11fa61a1eb059a5493559
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/24260251
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:11 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 23 Jul 2021 03:53:14 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
accept-ranges
bytes
content-length
1176
x-xss-protection
1;mode=block
x-request-id
e89a6e0850b81fe5bb18b659b8378544
top10_10.png
times.hinet.net/resources/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/top10_10.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
5207333941efa23ca5ba590b4f49fb36bd687094f851638156a92f8e6294ac15
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/24260251
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:11 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 23 Jul 2021 03:53:14 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
accept-ranges
bytes
content-length
1195
x-xss-protection
1;mode=block
x-request-id
00f56ee753d62f9201058c8d3c5e8bd2
18455b627f400000220b.jpg
times.hinet.net/news/cimages/admin/ 		92 KB
92 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/news/cimages/admin/18455b627f400000220b.jpg
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
2c9426c5828a369824063be81f445427459e63d4723cbdd0b9fdc2fc0d50e8e2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/24260251
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:11 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Tue, 08 Nov 2022 05:28:32 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/jpeg
accept-ranges
bytes
content-length
94239
x-xss-protection
1;mode=block
x-request-id
6b10483c550b6adc813c440739eb0007
18428bc6b49000008d87.gif
times.hinet.net/news/cimages/admin/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/news/cimages/admin/18428bc6b49000008d87.gif
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
f05047b7cd6381ea11cd85ba8fc069acfd88f1d5db9e7d2c98068a8d1d07d247
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/24260251
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:11 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Sun, 30 Oct 2022 11:52:27 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/gif
accept-ranges
bytes
content-length
63559
x-xss-protection
1;mode=block
x-request-id
5d9b1513cc08f12de840c960973101d4
universal.js
tenmax-static.cacafly.net/ssp/ 		134 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tenmax-static.cacafly.net/ssp/universal.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:8ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f96c8c8103c14a38aea79e05ebb36468293fb18df12afdf2bd3fa4962e911498

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 18 Nov 2022 20:03:11 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
JCf4tzlfh4Oz4mQf/vMadg==
age
6468
x-cache
TCP_MISS
x-ms-lease-status
unlocked
last-modified
Fri, 18 Nov 2022 07:09:21 GMT
server
cloudflare
etag
0x8DAC933D14A0B60
x-azure-ref
0VTZ3YwAAAABjJhvtbq2LTa8JhG0vpl3rRlJBMjMxMDUwNDE3MDM5AGIxMjFlMjFjLTdjMjgtNDA4Yi1iZDBmLTkzY2I0ZTdkZmVkZQ==
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
078391bd-701e-0007-7e20-fb1472000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=1800
x-ms-version
2009-09-19
cf-ray
76c34edf88cb9106-FRA
s_1668741237211.jpg
times.hinet.net/news/cimages/maganum/20978/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/news/cimages/maganum/20978/s_1668741237211.jpg
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
230149a16e39bb5144cf95a66c3897be922ce296a96e1152f529fc2ea87b5d5e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/24260251
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:11 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 18 Nov 2022 03:18:11 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/jpeg
accept-ranges
bytes
content-length
61629
x-xss-protection
1;mode=block
x-request-id
46243607fba08a28ea6bfa8527af7eec
jquery.mmenu.min.js
times.hinet.net/resources/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/resources/js/jquery.mmenu.min.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
1fa4c3d86e2f4ce501d789f6230a225e49959ffd4ca6e0552d516d5f9f0ade5a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/24260251
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:11 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
br
last-modified
Tue, 30 Jun 2020 06:47:40 GMT
server
HiNetCDN/2211
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
x-cache
HIT
x-xss-protection
1;mode=block
x-request-id
9590c7dc37b05db1b23f527ce0ff3bb2
page.js
times.hinet.net/resources/js/ 		593 B
493 B 		Script
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/resources/js/page.js?20180525
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
716315cd5003af76ab26facc35af4fc97cdbd5b7995660f14d1ced4b5246d88d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/24260251
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:11 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
br
last-modified
Tue, 30 Jun 2020 06:47:40 GMT
server
HiNetCDN/2211
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
x-cache
HIT
x-xss-protection
1;mode=block
x-request-id
dfe11dd9d98edccac3bd492c9a03b22c
d2s.js
static.adsinstant.com/hinews/ 		6 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsinstant.com/hinews/d2s.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-77.fra60.r.cloudfront.net
Software
nginx/1.10.3 /
Resource Hash
c5e2a8ed52b4f7c1706467a053a88aeebe816ae23217d87812d1709a71267a46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 18 Nov 2022 01:07:38 GMT
Content-Encoding
gzip
Via
1.1 5fa65194b963365c20fbd28444032cfc.cloudfront.net (CloudFront)
Last-Modified
Tue, 08 Sep 2020 01:03:12 GMT
Server
nginx/1.10.3
X-Amz-Cf-Pop
FRA60-P1
Age
68133
ETag
W/"5f56d850-187f"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
X-Amz-Cf-Id
m1coSltfKNOgtgbvmANQLh-v8lnBe5AU0R2883MwFcmE4r5Ae1jzjg==
sticky-kit.js
times.hinet.net/resources/js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/resources/js/sticky-kit.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
9082df375d326487e81a00c11e7b9c8b01ccc95423e066fa05e6d3239b335d8d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/24260251
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:11 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
br
last-modified
Tue, 30 Jun 2020 06:47:40 GMT
server
HiNetCDN/2211
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
x-cache
HIT
x-xss-protection
1;mode=block
x-request-id
907124e0b67cf9bf2a8e4b32b13b82b8
stickymain.js
times.hinet.net/resources/js/ 		1 KB
692 B 		Script
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/resources/js/stickymain.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
13ddd5194f5cfe75b4d9d0500831b1cc64aaac2a8ce2e10984e43533dc0ecc93
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/24260251
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:11 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
br
last-modified
Tue, 30 Jun 2020 06:47:40 GMT
server
HiNetCDN/2211
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
x-cache
HIT
x-xss-protection
1;mode=block
x-request-id
853722ef8bf36164c324aa03754dd345
sticky-init.js
times.hinet.net/resources/js/ 		313 B
478 B 		Script
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/resources/js/sticky-init.js?20180525
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
c2c4d4ebf5dc7968063414e8cee5e6f78a4a72e5c65c96f43f8a6d073e646b12
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/24260251
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:11 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
br
last-modified
Tue, 30 Jun 2020 06:47:40 GMT
server
HiNetCDN/2211
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=UTF-8
x-cache
HIT
x-xss-protection
1;mode=block
x-request-id
780fea74cdd75f8d48bfe4a74a71eb80
loader.js
cdn.taboola.com/libtrc/salesfrontier-hinet/ 		187 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/salesfrontier-hinet/loader.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
54b15c4a34956e08301bd2ea20a3b4166a2196a2e2b793e35a8ef14527e9e5f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
ZZBWwwpnFuBVT.XYFAjZSMVMTx.zZdlf
content-encoding
gzip
via
1.1 varnish
date
Fri, 18 Nov 2022 20:03:11 GMT
x-amz-request-id
NYVPJEQRMHHHZQBP
age
172
x-cache
HIT
content-length
25150
x-amz-id-2
i6VRk2+SMv93bSwsUbvfRAbI9kYGV8QtEJUOxZ3/lVCsJsb/1rXk+L3ND9KbuTzPhrp31H7Wsyo=
x-served-by
cache-fra-eddf8230025-FRA
last-modified
Thu, 17 Nov 2022 16:26:25 GMT
server
AmazonS3
x-timer
S1668801792.904623,VS0,VE18
etag
"8590e20a2921e8aafc625e0623f712c7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
92
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
sdk.js
connect.facebook.net/zh_TW/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/zh_TW/sdk.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
be72158957981ab0c54608d52f74fa1973ce9b65d4d6d62396db50aead1b27a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Nov 2022 20:03:11 GMT
content-md5
7IA0MciMIYfY9mT+K8E7Gg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-rlafr
0
x-fb-debug
p98FlUcLeeCn3KQoY6hhVZIJxmBiqigFfM3VoT5iTbxZvmUEmWudymhf3IxyhbbU7LioBBDcApbXknlwhk/43Q==
x-fb-trip-id
917726464
x-fb-content-md5
c7b3b5c8d244ca020da7bc74436ddb63
cross-origin-opener-policy
same-origin-allow-popups
etag
"fe0d12ee94b7638a1d43fa276fdc600c"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
priority
u=3,i
expires
Fri, 18 Nov 2022 20:06:50 GMT
allbg.jpg
times.hinet.net/resources/images/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/allbg.jpg
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
812e7916a940bbb32e8cdb65f1f3b186844b2c94dfc37d4ed72bdf4bef455cc3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:11 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 23 Jul 2021 03:53:10 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/jpeg;charset=UTF-8
accept-ranges
bytes
content-length
7607
x-xss-protection
1;mode=block
x-request-id
a2400905adc20aad3eb14498308493f8
logo.jpg
times.hinet.net/resources/images/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/logo.jpg
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
55172cf998222254b48642cc653c0333c6c9d69a8a69ea9141f193a477a8447a
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:12 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/jpeg;charset=UTF-8
accept-ranges
bytes
content-length
12062
x-xss-protection
1;mode=block
x-request-id
e2cf25b3e38460553f41beedbb34d7e9
btn_search.png
times.hinet.net/resources/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/btn_search.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
5f3d6bdc9e2abd036311e3c2d71bc9b8c305b28996a4dfe27a4f59c1895492d2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:12 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
accept-ranges
bytes
content-length
1350
x-xss-protection
1;mode=block
x-request-id
498b726355faab8093f2f4bf671923b3
btn_fb.png
times.hinet.net/resources/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/btn_fb.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
b4698e4108a364a339ae3aecb146c246cf9a3b83fd23fd93717eaf8f122508ac
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:12 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
accept-ranges
bytes
content-length
2697
x-xss-protection
1;mode=block
x-request-id
4d8b7f2f05bb8c32365d06d86b583b98
btn_setting.png
times.hinet.net/resources/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/btn_setting.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
c0a898a2dcfa5fef330cc475218837d18afd1925818fcb0f04e552b37e0195c8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:12 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
accept-ranges
bytes
content-length
3052
x-xss-protection
1;mode=block
x-request-id
a39181ac7581e460222529b183c00b93
ico_01.png
times.hinet.net/resources/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/ico_01.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
9848e1900be6fb5365aa67f8f7df1f0aff3c354c97ee22628c7d1808154de6ff
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:12 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
accept-ranges
bytes
content-length
1348
x-xss-protection
1;mode=block
x-request-id
07c7ad006a93d692b2e5c6231ddbc78f
ico_03.png
times.hinet.net/resources/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/ico_03.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
69ec8663bf1831d5340d5296a087de1d08e134ff2c018136a5050f9a5022e4bb
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:12 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
accept-ranges
bytes
content-length
1415
x-xss-protection
1;mode=block
x-request-id
cc8e74ecd9fc69a68c1aa832f475a0be
impl.20221117-23-RELEASE.js
cdn.taboola.com/libtrc/ 		692 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20221117-23-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/salesfrontier-hinet/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
aa23ab86a61744f51cc8f2b620d9f5215cd85f76e10f533222f602d0ab31b0e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
tkSRILgrOqz123pcvhyl_8uLk3IiN6M4
content-encoding
br
via
1.1 varnish
date
Fri, 18 Nov 2022 20:03:11 GMT
x-amz-request-id
BC3T6V3E9YNNECJ7
age
14110
x-cache
HIT
content-length
146589
x-amz-id-2
s7E2Vp5zt6omwp1LEcHE4Q+tDWy5bSoaSjvD6bx3Y04InQh4BwuhRFjEopDeB4S3GG2m+rZklB0=
x-served-by
cache-fra-eddf8230025-FRA
last-modified
Thu, 17 Nov 2022 16:06:54 GMT
server
AmazonS3-br
x-timer
S1668801792.946841,VS0,VE0
etag
"2b0faf11038a210925ed7fb54f76478c"
vary
Accept-Encoding
content-type
application/javascript
abp
42
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
32
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/salesfrontier-hinet/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:45:34 GMT
content-encoding
gzip
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
22658
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
O19xhGMs-Ge75H199I2fUKsNQJdDZYH_gC8VoV1pfzBPPyxX8qtksA==
sdk.js
connect.facebook.net/zh_TW/ 		306 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/zh_TW/sdk.js?hash=95c72e2b8d6066b5d36c30ea3b3a0d23
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
357c45d99be4828fdfd588784363f15810360c47338153f8e6afaab697171803
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://times.hinet.net/
Origin
https://times.hinet.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Nov 2022 20:03:11 GMT
content-md5
CCfDw01ISDu5VpckER03/w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88527
x-fb-rlafr
0
x-fb-debug
nnT7uvn4Mo96D/rVVmXx/YAafbjsm7ydsklA0H659PnxzsZl4GmZp12v8gHydGMUHVtIHwu8/erD9hf1ustOKQ==
x-fb-content-md5
60437309e32230aab1be1a24194960f2
cross-origin-opener-policy
same-origin-allow-popups
etag
"c1ea9ccbdc8dd8423ba830e4952adb22"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 18 Nov 2023 17:29:33 GMT
b
sb.scorecardresearch.com/ 		0
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1668801792003&ns_c=UTF-8&c7=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&c8=%E7%BE%8E%E5%85%83%E5%AE%9A%E5%AD%98%E5%84%AA%E5%88%A9%20%E6%9C%89%E6%9C%9B%E8%A1%9D5%25-%E8%B2%A1%E7%B6%93-HiNet%E7%94%9F%E6%B4%BB%E8%AA%8C&c9=
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:12 GMT
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
cTL24zfAHd65d_-gMVRcc-Pay0mETFLxFpW94SdN9-r7fPLr66tKBA==
x-cache
Miss from cloudfront
/
t.ssp.hinet.net/ 		37 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
f9d76563f26b134771e14ff59d86f990905be5e55ea8976a33e7f2c72187dab0
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:12 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
cache-control
no-cache, private
access-control-allow-credentials
true
json
ssp.hinet.net/api/web/request/ 		17 B
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/request/json?c=2017003&s=201703000011&u=7d19f8d9-09e5-b279-dc9b-65ccfbda485b&ad=7d19f8d9-09e5-b279-dc9b-65ccfbda485b&t=1668801792934&oi=zfySr&site=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017003%26s%3D201703000011%26u%3D7d19f8d9-09e5-b279-dc9b-65ccfbda485b%26ad%3D7d19f8d9-09e5-b279-dc9b-65ccfbda485b%26t%3D1668801792934%26oi%3DzfySr%26site%3Dhttps%253A%252F%252Ftimes.hinet.net%252Fnews%252F24260251&o=ez1t9
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
e091e49dfd6df3afa2eadfb799c8703d4de4181707813348004d335bccf5f0a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
https://times.hinet.net
date
Fri, 18 Nov 2022 20:03:13 GMT
access-control-allow-credentials
true
server
nginx
content-length
17
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
emome2
t.ssp.hinet.net/ 		30 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=164582de-f8ec-40d2-a370-995413964d97
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:13 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://times.hinet.net
cache-control
no-cache, private
access-control-allow-credentials
true
json
ssp.hinet.net/api/web/request/ 		59 B
230 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/request/json?c=2017034&s=201702000074&callback=jQuery36007003080945376341_1668801791866&_=1668801791867
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/js/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
dc5266c9baba411c3cf1d8135a6352891f127e6d75e98a2d40d896be4f00c9f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
https://times.hinet.net
date
Fri, 18 Nov 2022 20:03:13 GMT
access-control-allow-credentials
true
server
nginx
content-length
59
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
ppnif.html
player.svc.litv.tv/v3/ Frame 3F7A 		933 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQz|aGluZXQ=
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:6600:3:cecd:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4867d78d8cf2d27090f436525403b30019c5b9c6808f8c070e9aefd14d0de94c

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
57779
content-length
933
content-type
text/html
date
Fri, 18 Nov 2022 04:00:15 GMT
etag
"caf8fef87489e046b536046382e0765f"
last-modified
Wed, 19 Oct 2022 05:58:43 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
x-amz-cf-id
kSTMJ_ogG1o8hRbWkPy06NnjcdZQVGfxHHgir8gxnEw2PQjfHd7xdQ==
x-amz-cf-pop
FRA56-P6
x-amz-version-id
EubvK8qNOIn_3kFVKMj4.KWYl3xiYsej
x-cache
Hit from cloudfront
icon_receipt.png
times.hinet.net/resources/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/icon_receipt.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
985da98fe4a246bd70fb6491c0c1624ee92d2dd32e67e14c12669ad2f0c4b1ea
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:13 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
accept-ranges
bytes
content-length
1597
x-xss-protection
1;mode=block
x-request-id
476749dc521cca18f880ccfacfeb4b18
icon_lottery.png
times.hinet.net/resources/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/icon_lottery.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
b909b819de73b529dfc23d1223be82163e1a034c44ee8ae31598b0d20bce3d34
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:13 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
accept-ranges
bytes
content-length
2081
x-xss-protection
1;mode=block
x-request-id
308ed2d69f3f72c55eb4a5d040ac9aee
pixel
164582de-f8ec-40d2-a370-995413964d97.t.ssp.hinet.net/ 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://164582de-f8ec-40d2-a370-995413964d97.t.ssp.hinet.net/pixel?bd=164582de-f8ec-40d2-a370-995413964d97&t=f2b798
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
json
ssp.hinet.net/api/web/request/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/request/json?c=2017003&s=201707000014&u=7d19f8d9-09e5-b279-dc9b-65ccfbda485b&ad=7d19f8d9-09e5-b279-dc9b-65ccfbda485b&t=1668801793659&oi=64u5j&site=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017003%26s%3D201707000014%26u%3D7d19f8d9-09e5-b279-dc9b-65ccfbda485b%26ad%3D7d19f8d9-09e5-b279-dc9b-65ccfbda485b%26t%3D1668801793659%26oi%3D64u5j%26site%3Dhttps%253A%252F%252Ftimes.hinet.net%252Fnews%252F24260251&o=WLp4K
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
956abac063f343827e8fbd9eeb322237a3d540405bda4b55b4988742cad639d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
https://times.hinet.net
date
Fri, 18 Nov 2022 20:03:13 GMT
access-control-allow-credentials
true
server
nginx
content-length
1144
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
icon_small.png
times.hinet.net/resources/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/icon_small.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
8aeb2aacc69370ca7485addf948ff95becd05d389274aea6c079c1c6f2f27cc0
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
accept-ranges
bytes
content-length
1645
x-xss-protection
1;mode=block
x-request-id
fec4b2f93936ebadd8629e8e4a9f964b
icon_middle.png
times.hinet.net/resources/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/icon_middle.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
18044d775a7745700d2a79e4063b68780c6e663f7761b1c774d95bde64db974c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
accept-ranges
bytes
content-length
1423
x-xss-protection
1;mode=block
x-request-id
f168f61b50d08420be711b7b2fc59374
icon_big.png
times.hinet.net/resources/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/icon_big.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
4506fb221c1dd5f5f33bee1421a19d4eaf99d878ef193e9675e907999b700c27
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
accept-ranges
bytes
content-length
1708
x-xss-protection
1;mode=block
x-request-id
eb4c573c23c6a0060cba6b49d5ffe2f3
icon_line.png
times.hinet.net/resources/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/icon_line.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
627fabb28705f9298120ad164d77d20a9d97a55bc63ac90c95fd674e1afc2632
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
accept-ranges
bytes
content-length
2180
x-xss-protection
1;mode=block
x-request-id
14ca002eb55bc2edb0007ffc9daf7706
icon_fb.png
times.hinet.net/resources/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/icon_fb.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
71a64d82ed79d6c4c8cb1c52e11a4e233ae803e37d4331e4ffcceb99b876f791
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
accept-ranges
bytes
content-length
1766
x-xss-protection
1;mode=block
x-request-id
174b765c846568edfc847fd87398ab89
icon_mail.png
times.hinet.net/resources/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/icon_mail.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
4f6783d500427e61a892209ffccb262f379dbb23714af8a615739306f7bebc0e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
accept-ranges
bytes
content-length
1928
x-xss-protection
1;mode=block
x-request-id
f6bb02eed05df5a8f9ccf11a01f788ac
request
ssp.hinet.net/api/web/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/request?c=2017003&s=201707000014&u=7d19f8d9-09e5-b279-dc9b-65ccfbda485b&ad=7d19f8d9-09e5-b279-dc9b-65ccfbda485b&t=1668801793659&oi=7e6AD&site=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&o=f3SOq
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
5da70f7eba0fb58c96620fb4129f236d5608f865f3900d2fd40b423b3dccda3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
access-control-allow-credentials
true
jquery-1.9.1.min.js
code.jquery.com/ Frame 4D41 		90 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.9.1.min.js
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Referer
https://times.hinet.net/
Origin
https://times.hinet.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-169d5"
vary
Accept-Encoding
x-hw
1668801794.dop135.fr8.t,1668801794.cds155.fr8.hn,1668801794.cds250.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
32772
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 4D41 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e1c0ebf7754cb31a1f17efc56308561c1efee8c060f6e3c4f6a7ce25451a0f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27269
x-xss-protection
0
server
sffe
etag
"1396 / 423 of 1000 / last-modified: 1668773326"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 18 Nov 2022 20:03:14 GMT
third
ssp.hinet.net/api/web/ 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.hinet.net/api/web/third?c=2017003&s=201707000014&th=29&wc=3179
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
access-control-allow-credentials
true
main
trip.hinet.net/search-widget/widget/uwl/ 		126 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trip.hinet.net/search-widget/widget/uwl/main?cc=tw&lc=zh&_=1s8duic&theme=default
Requested by
Host: trip.hinet.net
URL: https://trip.hinet.net/search-widget/script/uwl/kayakWidgetnews
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
8543d41d13ed84a396a15da4d087d8aa57d26bf8d6575fec3b38a5be271f1ab8

Request headers

Referer
https://times.hinet.net/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

x-sn-waf-code
date
Fri, 18 Nov 2022 20:03:14 GMT
content-encoding
br
server
KAYAK/1.0
age
3630
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-language
zh-TW
access-control-allow-origin
*
content-type
application/json;charset=UTF-8
cache-control
no-store, max-age=86400
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
origin, X-Requested-With, Content-Type
content-length
31315
auto-complete
trip.hinet.net/search-widget/widget/uwl/ 		60 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trip.hinet.net/search-widget/widget/uwl/auto-complete?cc=tw&lc=zh&_=1s8duic
Requested by
Host: trip.hinet.net
URL: https://trip.hinet.net/search-widget/script/uwl/kayakWidgetnews
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
d38c1fd7f1e167828e49c6483d6c1ab0152806da6d25fd80389776624ee8e938

Request headers

Referer
https://times.hinet.net/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

x-sn-waf-code
date
Fri, 18 Nov 2022 20:03:14 GMT
content-encoding
br
server
KAYAK/1.0
age
3630
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-language
zh-TW
access-control-allow-origin
*
content-type
application/json;charset=UTF-8
cache-control
no-store, max-age=86400
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
origin, X-Requested-With, Content-Type
content-length
21053
date-picker
trip.hinet.net/search-widget/widget/uwl/ 		128 KB
37 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trip.hinet.net/search-widget/widget/uwl/date-picker?cc=tw&lc=zh&_=1s8duic
Requested by
Host: trip.hinet.net
URL: https://trip.hinet.net/search-widget/script/uwl/kayakWidgetnews
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
cd1c4f56a2b52983938cea5c748e9d1be8d98a93cc911ebc16c92a4e787368be

Request headers

Referer
https://times.hinet.net/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

x-sn-waf-code
date
Fri, 18 Nov 2022 20:03:14 GMT
content-encoding
br
server
KAYAK/1.0
age
3630
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-language
zh-TW
access-control-allow-origin
*
content-type
application/json;charset=UTF-8
cache-control
no-store, max-age=86400
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
origin, X-Requested-With, Content-Type
content-length
37456
modal-error
trip.hinet.net/search-widget/widget/uwl/ 		14 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trip.hinet.net/search-widget/widget/uwl/modal-error?cc=tw&lc=zh&_=1s8duic
Requested by
Host: trip.hinet.net
URL: https://trip.hinet.net/search-widget/script/uwl/kayakWidgetnews
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
e8106277c59ced35da9345137bb550cfefe871909872cf03739daf194ac2ff3b

Request headers

Referer
https://times.hinet.net/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

x-sn-waf-code
date
Fri, 18 Nov 2022 20:03:14 GMT
content-encoding
br
server
KAYAK/1.0
age
3630
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-language
zh-TW
access-control-allow-origin
*
content-type
application/json;charset=UTF-8
cache-control
no-store, max-age=86400
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
origin, X-Requested-With, Content-Type
content-length
4353
hotel-travelers
trip.hinet.net/search-widget/widget/uwl/ 		78 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trip.hinet.net/search-widget/widget/uwl/hotel-travelers?cc=tw&lc=zh&_=1s8duic
Requested by
Host: trip.hinet.net
URL: https://trip.hinet.net/search-widget/script/uwl/kayakWidgetnews
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
36ef2a989e39ae6f8d97a51ceaee070273d6dc46d1be51ea51dd46f38c4365f3

Request headers

Referer
https://times.hinet.net/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

x-sn-waf-code
date
Fri, 18 Nov 2022 20:03:14 GMT
content-encoding
br
server
KAYAK/1.0
age
3630
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-language
zh-TW
access-control-allow-origin
*
content-type
application/json;charset=UTF-8
cache-control
no-store, max-age=86400
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
origin, X-Requested-With, Content-Type
content-length
8109
a_prev.png
times.hinet.net/resources/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/a_prev.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
6c387c7d90607aef5af34bd725ea7e2231e00575b3fef63e9edfdabd4d2c1a9c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 23 Jul 2021 03:53:10 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
accept-ranges
bytes
content-length
1904
x-xss-protection
1;mode=block
x-request-id
09dd95f43cb8e201d4dc2503d25e5e02
a_next.png
times.hinet.net/resources/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/a_next.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
d63a0e4ea320c3674d77dc2b87ab23aad3d4807b32aca18314c6c1c713cdb42b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 23 Jul 2021 03:53:10 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
accept-ranges
bytes
content-length
1931
x-xss-protection
1;mode=block
x-request-id
8dde4ebb1c8f91121d59ca955e7e3ecc
recommend_l.jpg
times.hinet.net/resources/images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/recommend_l.jpg
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
9bb22fb29d4dee597bd42cbd2b3bc41d351836d9b7409730da060174ce3b2e50
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 23 Jul 2021 03:53:14 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/jpeg;charset=UTF-8
accept-ranges
bytes
content-length
14359
x-xss-protection
1;mode=block
x-request-id
7ce736bfaa08b1ef27e85e07144550e2
icon_redDot.jpg
times.hinet.net/resources/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/icon_redDot.jpg
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
a3da22a435976dbc1aa933bb0a870f2dd410c95ab9d4f4284ea0188eca61316b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/jpeg;charset=UTF-8
accept-ranges
bytes
content-length
1124
x-xss-protection
1;mode=block
x-request-id
a85adaad5762e0a4f56caa00e25a6de4
ppnio.js
player.svc.litv.tv/v3/ Frame 3F7A 		650 KB
173 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.svc.litv.tv/v3/ppnio.js
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQz|aGluZXQ=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:6600:3:cecd:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e9f1b04ba4aa0432fb62384b84c438523b6bdc1571f4a91e86aae39c01e8cef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQz|aGluZXQ=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
juVOQWwAP0XoHQx6Ev59SY_06qdNlC1l
content-encoding
gzip
via
1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
date
Fri, 18 Nov 2022 00:58:02 GMT
last-modified
Wed, 19 Oct 2022 05:58:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
68734
etag
W/"6f4f3af59183bc8019e3f73a9096e53c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
vPdjY1oJ2KFA963JNly1fSeSjhlaVsatVMQSI7VzI8OvQ3oOAVkpcw==
icon_liDot_m.png
times.hinet.net/resources/images/ 		979 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/icon_liDot_m.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
14c8862a2d9916b08fb2ffeee08896c7819db0b22bcdd613c9cad2afdf182ac8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
accept-ranges
bytes
content-length
979
x-xss-protection
1;mode=block
x-request-id
bafb4b126b4a1e09437de5b785e992ca
json
trc.taboola.com/salesfrontier-hinet/trc/3/ 		9 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/salesfrontier-hinet/trc/3/json?tim=20%3A03%3A14.197&lti=deflated&data=%7B%22id%22%3A939%2C%22ii%22%3A%22%2Fnews%2F24260251%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1668702360921%2C%22vi%22%3A1668801794181%2C%22cv%22%3A%2220221117-23-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251%22%2C%22vpi%22%3A%22%2Fnews%2F24260251%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A2538%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-stream%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22orig_uip%22%3A%22Right%20Rail%20Thumbnails%22%2C%22cd%22%3A0%2C%22mw%22%3A0%2C%22amw%22%3A0%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A4%2C%22uim%22%3A%22alternating-thumbnails-widget%3Aabp%3D0%22%2C%22uip%22%3A%22Above%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Above%20Article%20Thumbnails%22%2C%22cd%22%3A162%2C%22mw%22%3A700%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fnews%2F24260251%2CAbove%20Article%20Thumbnails%3Dalternating-thumbnails-widget%3Aabp%3D0%2C%2CRight%20Rail%20Thumbnails%3Dthumbnails-stream%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221117-23-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
09a518bcf90c928c2df1fa6c7571c17f6d2d299a228f21562eb36905a92cfde0

Request headers

Referer
https://times.hinet.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
185
date
Fri, 18 Nov 2022 20:03:14 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-fra-eddf8230025-FRA
server
nginx
x-timer
S1668801794.210574,VS0,VE185
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://times.hinet.net
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
getExtendNews
times.hinet.net/ 		27 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/getExtendNews?id=24260251
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/js/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
ba4c287aa8f5c8cad7347c3f5b1da6d4eb00ae6ef9792b1a91eac4a882b27a02
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://times.hinet.net/news/24260251
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
br
server
HiNetCDN/2211
vary
Accept-Encoding
x-cache
MISS, EXPIRED
content-type
application/json;charset=UTF-8
x-frame-options
SAMEORIGIN
x-xss-protection
1;mode=block
x-request-id
1fa401c073b0a677712a5ecd6d8e44d7
btn_next.png
times.hinet.net/resources/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/btn_next.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
618d3c3e4761a7573bc98ec4e4620b3ec7464e9a2022bc2f7dfb4ae1943c3025
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
accept-ranges
bytes
content-length
3970
x-xss-protection
1;mode=block
x-request-id
3dbe2414581d1441cb904b961f34d631
json
ssp.hinet.net/api/web/request/ 		577 B
749 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/request/json?c=2017034&s=201702000027&callback=jQuery36007003080945376341_1668801791868&_=1668801791869
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/js/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
92016b724fa9479a90f88aef013f6e078bcb247c5b6ee3281a0c7ecc007775d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
https://times.hinet.net
date
Fri, 18 Nov 2022 20:03:14 GMT
access-control-allow-credentials
true
server
nginx
content-length
577
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
hinet_times.js
api.popin.cc/searchbox/ 		144 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.popin.cc/searchbox/hinet_times.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
3f2a941a3467eff8bf3ee73afb1b4e4c784acb5946d9a1c76613e92564eb010e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 18 Nov 2022 20:03:15 GMT
x-amz-version-id
83F_a6C_CQRk4MDPfOnUOMTSuwB8mZJz
Content-Encoding
gzip
Last-Modified
Thu, 17 Nov 2022 04:10:20 GMT
Server
nginx
ETag
W/"365b2da4010bcd0722a616bbbd375acb"
X-Cache-Status
HIT from 10.252.55.44
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Expires
Fri, 18 Nov 2022 21:03:15 GMT
mobile_iframe.html
www.hinet.net/tv/ Frame 4E75 		0
0
flight-trip-status
trip.hinet.net/search-widget/widget/uwl/ 		21 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trip.hinet.net/search-widget/widget/uwl/flight-trip-status?cc=tw&lc=zh&_=1s8duic
Requested by
Host: trip.hinet.net
URL: https://trip.hinet.net/search-widget/script/uwl/kayakWidgetnews
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
b4f2789f8fbf81164a3af6a087ab355ce2e66e8cdbf123fdeeb5aa6e15696edc

Request headers

Referer
https://times.hinet.net/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

x-sn-waf-code
date
Fri, 18 Nov 2022 20:03:14 GMT
content-encoding
br
server
KAYAK/1.0
age
3630
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-language
zh-TW
access-control-allow-origin
*
content-type
application/json;charset=UTF-8
cache-control
no-store, max-age=86400
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
origin, X-Requested-With, Content-Type
content-length
7293
flight-travelers
trip.hinet.net/search-widget/widget/uwl/ 		27 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trip.hinet.net/search-widget/widget/uwl/flight-travelers?cc=tw&lc=zh&_=1s8duic
Requested by
Host: trip.hinet.net
URL: https://trip.hinet.net/search-widget/script/uwl/kayakWidgetnews
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
29f6b82c1079372e094ef8b79c27e27dd9a7319a913664efd59a9ba535a4d43e

Request headers

Referer
https://times.hinet.net/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

x-sn-waf-code
date
Fri, 18 Nov 2022 20:03:14 GMT
content-encoding
br
server
KAYAK/1.0
age
3630
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-language
zh-TW
access-control-allow-origin
*
content-type
application/json;charset=UTF-8
cache-control
no-store, max-age=86400
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
origin, X-Requested-With, Content-Type
content-length
8189
car-trip-status
trip.hinet.net/search-widget/widget/uwl/ 		11 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trip.hinet.net/search-widget/widget/uwl/car-trip-status?cc=tw&lc=zh&_=1s8duic
Requested by
Host: trip.hinet.net
URL: https://trip.hinet.net/search-widget/script/uwl/kayakWidgetnews
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
4794c13ae992bbc521a37384c716bd0203c66bb2a5ea17fa71d6ec1dc8103274

Request headers

Referer
https://times.hinet.net/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json; charset=utf-8

Response headers

x-sn-waf-code
date
Fri, 18 Nov 2022 20:03:14 GMT
content-encoding
br
server
KAYAK/1.0
age
3630
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-language
zh-TW
access-control-allow-origin
*
content-type
application/json;charset=UTF-8
cache-control
no-store, max-age=86400
vary
Accept-Encoding
accept-ranges
bytes
access-control-allow-headers
origin, X-Requested-With, Content-Type
content-length
3867
weather2.png
times.hinet.net/resources/images/weather_icon/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/weather_icon/weather2.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
b639864f07aa4711dd44dd5a09e5fa230d0d3f82465dfdc2b875a3380c301283
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 23 Jul 2021 03:53:16 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
accept-ranges
bytes
content-length
2528
x-xss-protection
1;mode=block
x-request-id
934454928d9d6d2d305389fbe26d9d2d
icon_weather_arrow.png
times.hinet.net/resources/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/icon_weather_arrow.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
4917a38e1d58f7b36fe882f03446589c36f40ebd329cfc54c5637bfed9f9824d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
accept-ranges
bytes
content-length
1043
x-xss-protection
1;mode=block
x-request-id
ce8a85f5da37b3e8ab50260a4f616e42
index.html
times.hinet.net/hinetlife2/ Frame 2FE8 		545 B
526 B 		Document
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/hinetlife2/index.html
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
95abe5b1e4ce00e56c1c7d08820eb0eaf6eb888d6551905af5dfbcec42a4e835
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Referer
https://times.hinet.net/news/24260251
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
br
content-type
text/html
date
Fri, 18 Nov 2022 20:03:14 GMT
last-modified
Fri, 20 Dec 2019 06:40:06 GMT
server
HiNetCDN/2211
strict-transport-security
max-age=63072000; includeSubdomains; preload
vary
Accept-Encoding
x-cache
EXPIRED, HIT
x-frame-options
SAMEORIGIN
x-request-id
93e911d6c2d8d60841e99d61f19ca23a
x-xss-protection
1;mode=block
main
trip.hinet.net/search-widget/widget/uwl/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trip.hinet.net/search-widget/widget/uwl/main?cc=tw&lc=zh&_=1s8duic&theme=default
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
GET
Origin
https://times.hinet.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type, x-requested-with
access-control-allow-methods
GET,POST
access-control-allow-origin
https://times.hinet.net
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
content-security-policy
upgrade-insecure-requests
content-security-policy-report-only
default-src https: blob:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data: blob:; media-src https:; object-src https: data: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; worker-src blob:; report-uri /s/run/cspreport/reportHttp; report-to csp-log
date
Fri, 18 Nov 2022 20:03:14 GMT
permissions-policy
camera=(), microphone=(), midi=(), geolocation=(self), usb=()
referrer-policy
origin-when-cross-origin
report-to
{ "group": "csp-log", "max_age": 43200, "endpoints": [ { "url": "https://www.kayak.com/s/run/cspreport/reportHttp" } ] }
server
KAYAK/1.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options
nosniff
x-sn-waf-code
x-xss-protection
1; mode=block
auto-complete
trip.hinet.net/search-widget/widget/uwl/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trip.hinet.net/search-widget/widget/uwl/auto-complete?cc=tw&lc=zh&_=1s8duic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
GET
Origin
https://times.hinet.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type, x-requested-with
access-control-allow-methods
GET,POST
access-control-allow-origin
https://times.hinet.net
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
content-security-policy
upgrade-insecure-requests
content-security-policy-report-only
default-src https: blob:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data: blob:; media-src https:; object-src https: data: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; worker-src blob:; report-uri /s/run/cspreport/reportHttp; report-to csp-log
date
Fri, 18 Nov 2022 20:03:14 GMT
permissions-policy
camera=(), microphone=(), midi=(), geolocation=(self), usb=()
referrer-policy
origin-when-cross-origin
report-to
{ "group": "csp-log", "max_age": 43200, "endpoints": [ { "url": "https://www.kayak.com/s/run/cspreport/reportHttp" } ] }
server
KAYAK/1.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options
nosniff
x-sn-waf-code
x-xss-protection
1; mode=block
date-picker
trip.hinet.net/search-widget/widget/uwl/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trip.hinet.net/search-widget/widget/uwl/date-picker?cc=tw&lc=zh&_=1s8duic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
GET
Origin
https://times.hinet.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type, x-requested-with
access-control-allow-methods
GET,POST
access-control-allow-origin
https://times.hinet.net
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
content-security-policy
upgrade-insecure-requests
content-security-policy-report-only
default-src https: blob:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data: blob:; media-src https:; object-src https: data: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; worker-src blob:; report-uri /s/run/cspreport/reportHttp; report-to csp-log
date
Fri, 18 Nov 2022 20:03:14 GMT
permissions-policy
camera=(), microphone=(), midi=(), geolocation=(self), usb=()
referrer-policy
origin-when-cross-origin
report-to
{ "group": "csp-log", "max_age": 43200, "endpoints": [ { "url": "https://www.kayak.com/s/run/cspreport/reportHttp" } ] }
server
KAYAK/1.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options
nosniff
x-sn-waf-code
x-xss-protection
1; mode=block
modal-error
trip.hinet.net/search-widget/widget/uwl/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trip.hinet.net/search-widget/widget/uwl/modal-error?cc=tw&lc=zh&_=1s8duic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
GET
Origin
https://times.hinet.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type, x-requested-with
access-control-allow-methods
GET,POST
access-control-allow-origin
https://times.hinet.net
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
content-security-policy
upgrade-insecure-requests
content-security-policy-report-only
default-src https: blob:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data: blob:; media-src https:; object-src https: data: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; worker-src blob:; report-uri /s/run/cspreport/reportHttp; report-to csp-log
date
Fri, 18 Nov 2022 20:03:14 GMT
permissions-policy
camera=(), microphone=(), midi=(), geolocation=(self), usb=()
referrer-policy
origin-when-cross-origin
report-to
{ "group": "csp-log", "max_age": 43200, "endpoints": [ { "url": "https://www.kayak.com/s/run/cspreport/reportHttp" } ] }
server
KAYAK/1.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options
nosniff
x-sn-waf-code
x-xss-protection
1; mode=block
hotel-travelers
trip.hinet.net/search-widget/widget/uwl/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trip.hinet.net/search-widget/widget/uwl/hotel-travelers?cc=tw&lc=zh&_=1s8duic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
GET
Origin
https://times.hinet.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type, x-requested-with
access-control-allow-methods
GET,POST
access-control-allow-origin
https://times.hinet.net
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
content-security-policy
upgrade-insecure-requests
content-security-policy-report-only
default-src https: blob:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data: blob:; media-src https:; object-src https: data: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; worker-src blob:; report-uri /s/run/cspreport/reportHttp; report-to csp-log
date
Fri, 18 Nov 2022 20:03:14 GMT
permissions-policy
camera=(), microphone=(), midi=(), geolocation=(self), usb=()
referrer-policy
origin-when-cross-origin
report-to
{ "group": "csp-log", "max_age": 43200, "endpoints": [ { "url": "https://www.kayak.com/s/run/cspreport/reportHttp" } ] }
server
KAYAK/1.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options
nosniff
x-sn-waf-code
x-xss-protection
1; mode=block
flight-trip-status
trip.hinet.net/search-widget/widget/uwl/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trip.hinet.net/search-widget/widget/uwl/flight-trip-status?cc=tw&lc=zh&_=1s8duic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
GET
Origin
https://times.hinet.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type, x-requested-with
access-control-allow-methods
GET,POST
access-control-allow-origin
https://times.hinet.net
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
content-security-policy
upgrade-insecure-requests
content-security-policy-report-only
default-src https: blob:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data: blob:; media-src https:; object-src https: data: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; worker-src blob:; report-uri /s/run/cspreport/reportHttp; report-to csp-log
date
Fri, 18 Nov 2022 20:03:14 GMT
permissions-policy
camera=(), microphone=(), midi=(), geolocation=(self), usb=()
referrer-policy
origin-when-cross-origin
report-to
{ "group": "csp-log", "max_age": 43200, "endpoints": [ { "url": "https://www.kayak.com/s/run/cspreport/reportHttp" } ] }
server
KAYAK/1.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options
nosniff
x-sn-waf-code
x-xss-protection
1; mode=block
flight-travelers
trip.hinet.net/search-widget/widget/uwl/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trip.hinet.net/search-widget/widget/uwl/flight-travelers?cc=tw&lc=zh&_=1s8duic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
GET
Origin
https://times.hinet.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type, x-requested-with
access-control-allow-methods
GET,POST
access-control-allow-origin
https://times.hinet.net
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
content-security-policy
upgrade-insecure-requests
content-security-policy-report-only
default-src https: blob:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data: blob:; media-src https:; object-src https: data: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; worker-src blob:; report-uri /s/run/cspreport/reportHttp; report-to csp-log
date
Fri, 18 Nov 2022 20:03:14 GMT
permissions-policy
camera=(), microphone=(), midi=(), geolocation=(self), usb=()
referrer-policy
origin-when-cross-origin
report-to
{ "group": "csp-log", "max_age": 43200, "endpoints": [ { "url": "https://www.kayak.com/s/run/cspreport/reportHttp" } ] }
server
KAYAK/1.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options
nosniff
x-sn-waf-code
x-xss-protection
1; mode=block
car-trip-status
trip.hinet.net/search-widget/widget/uwl/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trip.hinet.net/search-widget/widget/uwl/car-trip-status?cc=tw&lc=zh&_=1s8duic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
GET
Origin
https://times.hinet.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-headers
content-type, x-requested-with
access-control-allow-methods
GET,POST
access-control-allow-origin
https://times.hinet.net
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
content-security-policy
upgrade-insecure-requests
content-security-policy-report-only
default-src https: blob:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data: blob:; media-src https:; object-src https: data: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; worker-src blob:; report-uri /s/run/cspreport/reportHttp; report-to csp-log
date
Fri, 18 Nov 2022 20:03:14 GMT
permissions-policy
camera=(), microphone=(), midi=(), geolocation=(self), usb=()
referrer-policy
origin-when-cross-origin
report-to
{ "group": "csp-log", "max_age": 43200, "endpoints": [ { "url": "https://www.kayak.com/s/run/cspreport/reportHttp" } ] }
server
KAYAK/1.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options
nosniff
x-sn-waf-code
x-xss-protection
1; mode=block
h3_top10.png
times.hinet.net/resources/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/h3_top10.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
42215ceadd2b46b0b790c33d8cf26125384152dd3fd1a1b5917a5f6d5e8cc006
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
accept-ranges
bytes
content-length
2055
x-xss-protection
1;mode=block
x-request-id
6df4413647ab9b9d1bea00bda1ad0321
top10_ar.png
times.hinet.net/resources/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/top10_ar.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
86138d6b9f293675aa721961d190c5bfbf1755a9d945b5d6a74a69378ae41fbe
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 23 Jul 2021 03:53:14 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
accept-ranges
bytes
content-length
1115
x-xss-protection
1;mode=block
x-request-id
685bfba441f47ba95433e1cd329bad93
btn_more_org.png
times.hinet.net/resources/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/btn_more_org.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
9ed7c9b6e38e405c40e249161c718e2d2d6baf5889c95d17723f86787641ed1f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
accept-ranges
bytes
content-length
3769
x-xss-protection
1;mode=block
x-request-id
3a4de60a5c61f2e791f40bd143469d11
pixel
164582de-f8ec-40d2-a370-995413964d97.t.ssp.hinet.net/ 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://164582de-f8ec-40d2-a370-995413964d97.t.ssp.hinet.net/pixel?bd=164582de-f8ec-40d2-a370-995413964d97&t=hinet
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
icon_liDot_issue_s.png
times.hinet.net/resources/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/icon_liDot_issue_s.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
1cc9e5b9a038b56587837431eaed3a222f9c696f9dff5c44beabb8ccc5e3c4f2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
accept-ranges
bytes
content-length
2837
x-xss-protection
1;mode=block
x-request-id
e24c341424360689f0a392a29d5b26d9
h3_magazine_r.png
times.hinet.net/resources/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/h3_magazine_r.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
b898198e3cd6d595d2917c53da74a6136c43f6b3e4b5dd46cc6e0cd743ba9676
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
accept-ranges
bytes
content-length
1622
x-xss-protection
1;mode=block
x-request-id
8659dbcfffe6e4319cd58bf1e6275f37
btn_more.png
times.hinet.net/resources/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/btn_more.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
a3d666d61ba0b00cc6b56203773cfd9be034540c7d98bfb32031f21a8d0489fe
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
accept-ranges
bytes
content-length
3793
x-xss-protection
1;mode=block
x-request-id
417791c5ad912a655f1bef02fa4d6611
icon_liDot_s.png
times.hinet.net/resources/images/ 		966 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/icon_liDot_s.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
a9a71eaef4525955e005478a8545b54fd4429564e1ecd9f4d943c93ea21a8d87
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
accept-ranges
bytes
content-length
966
x-xss-protection
1;mode=block
x-request-id
0b2a2e40af6d4965257770cddc594685
spaceSetting
ssp.tenmax.io/supply/v3/universal/ 		117 B
476 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.tenmax.io/supply/v3/universal/spaceSetting?rmaxSpaceId=2f0bd42ae1064b18&referer=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&bodyWidth=1600&bodyHeight=1200&cacheBuster=7601534d-127f-4382-ab43-98408f222446
Requested by
Host: tenmax-static.cacafly.net
URL: https://tenmax-static.cacafly.net/ssp/universal.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
211.21.190.218 Hsinchu County, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
211-21-190-218.hinet-ip.hinet.net
Software
nginx /
Resource Hash
dde62bd39efec70fac8c8d17a4fd1151608f0d08d09d3985abd7b1be9dfbbba6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 18 Nov 2022 20:03:15 GMT
Server
nginx
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://times.hinet.net
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
117
X-Application-Context
application:prod,aggregator,build-ext:58070
b734323b-0532-40a6-8d4e-782e1c96bd3a
dmp.tenmax.io/p/ 		43 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.tenmax.io/p/b734323b-0532-40a6-8d4e-782e1c96bd3a?random=281793802
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
211.21.190.218 Hsinchu County, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
211-21-190-218.hinet-ip.hinet.net
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
Date
Fri, 18 Nov 2022 20:03:15 GMT
Content-Encoding
gzip
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="CUR ADM OUR NOR STA NID"
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Nov 2022 19:15:54 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
2840
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Fri, 18 Nov 2022 21:15:54 GMT
color.jpg
times.hinet.net/resources/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/color.jpg
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
5d46b5a818894adfb303f61890f3d0ed390e464e9c69b4da41dd31875fd4b12d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/jpeg;charset=UTF-8
accept-ranges
bytes
content-length
1127
x-xss-protection
1;mode=block
x-request-id
0be355c4c584011f4bb9ab264568d1d7
browser.jpg
times.hinet.net/resources/images/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/browser.jpg
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
75477f3949958becc4b03ff08e32ce45672db6409b821184fef888f2a61fbd51
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/jpeg;charset=UTF-8
accept-ranges
bytes
content-length
8852
x-xss-protection
1;mode=block
x-request-id
301cd1662712103b0d41e9aa4f1d9211
website.jpg
times.hinet.net/resources/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/website.jpg
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
0985fc9e6c924f671da4352346a551e7171d01be5c16aea4a2e9f966edc985f1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 23 Jul 2021 03:53:14 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/jpeg;charset=UTF-8
accept-ranges
bytes
content-length
1952
x-xss-protection
1;mode=block
x-request-id
63e7cbe4176dd0369296d82b50f5de2d
btn_top.png
times.hinet.net/resources/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/resources/images/btn_top.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/css/global.css?v=20220331
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
e6cafced5a19ae0e443dd2dac21a3934510f461c645cbd171c28a35b776e8ba7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/resources/css/global.css?v=20220331
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
last-modified
Fri, 23 Jul 2021 03:53:12 GMT
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/png;charset=UTF-8
accept-ranges
bytes
content-length
2669
x-xss-protection
1;mode=block
x-request-id
b501400b27849e7f84741e29315aac24
pc-finance
vatrack.hinet.net/00000107/ 		43 B
928 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vatrack.hinet.net/00000107/pc-finance?id=24260251&va-title=%E7%BE%8E%E5%85%83%E5%AE%9A%E5%AD%98%E5%84%AA%E5%88%A9%20%E6%9C%89%E6%9C%9B%E8%A1%9D5%25-%E8%B2%A1%E7%B6%93-HiNet%E7%94%9F%E6%B4%BB%E8%AA%8C&va-ch=en-us&va-res=1600x1200&va-rid=26251&va-os=win32&va-dtid=1668801794282
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.39.224.124 Pingtung City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
vatrack.hinet.net
Software
nginx / PHP/7.0.33
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

ua
Chrome/107
p4
va_rid
26251
time
1668801794
va_res
1600x1200
t2
-
pmd
va_dtid
1668801794282
t3
-
Connection
close
p5
pmobile
Pragma
no-cache
track
145335529
param
?id=24260251
va_os
win32
p2
uri
/00000107/pc-finance
psn
va_title
美元定存優利 有望衝5%-財經-HiNet生活誌
Content-Type
image/gif
pattach_number
Cache-Control
no-cache, no-store, must-revalidate
p3
phn
Date
Fri, 18 Nov 2022 20:03:14 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
X-Powered-By
PHP/7.0.33
ptel
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
t4
679269326
va_attr
-
va_ref
-
t1
-
va_ch
en-us
Server
nginx
p1
id=24260251
ip
37.58.57.3
i
/
www.facebook.com/login/ Frame E0B2
Redirect Chain
  • https://www.facebook.com/v2.3/plugins/page.php?app_id=169777559824026&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df652a139c822c4%26domain%3Dtimes...
  • https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D169777559824026%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_ar...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D169777559824026%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df652a139c822c4%2526domain%253Dtimes.hinet.net%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Ftimes.hinet.net%25252Ff1e72a6c2c55e4%2526relation%253Dparent.parent%26container_width%3D300%26height%3D500%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FHiNetnews%26locale%3Dzh_TW%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26width%3D300
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js?hash=95c72e2b8d6066b5d36c30ea3b3a0d23
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 18 Nov 2022 20:03:14 GMT
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=0
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
DMhdGse50h8K7eDvyrsoPoGRjTC//YrhtqubyWk+1huS/JK5tvBt8iLm7ZqOG6xqCTxhCjfRdEtUQ3CtE8dA8A==
x-frame-options
DENY
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-length
0
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Fri, 18 Nov 2022 20:03:14 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version
v9.0
location
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fapp_id%3D169777559824026%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df652a139c822c4%2526domain%253Dtimes.hinet.net%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Ftimes.hinet.net%25252Ff1e72a6c2c55e4%2526relation%253Dparent.parent%26container_width%3D300%26height%3D500%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252FHiNetnews%26locale%3Dzh_TW%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dtrue%26width%3D300
pragma
no-cache
priority
u=3,i
strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
x-fb-debug
2I8K43H+fIltA3Pk2dWY8KO42OKeYLNFnXGwwgaqiklE9hwZkc4yQL1etMNoith0+uk4r0dYMfHv1WAvyxUgEw==
x-fb-rlafr
0
x-xss-protection
0
beacon.js
sb.scorecardresearch.com/ Frame 3F7A 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:45:34 GMT
content-encoding
gzip
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
22661
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
mYl1re71G4RAo7P9VnUzeY8eUhsp2-qUnUTJ_f6Sul5xxWAGcW7H9g==
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 3F7A 		370 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2fb94cc5f4e050854cd18abcf65c8e58f62f512e141acf6b256aadbc27f1a48e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126568
x-xss-protection
0
expires
Fri, 18 Nov 2022 20:03:14 GMT
mobile_iframe.html
www.hinet.net/tv/ Frame E2AD 		60 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.hinet.net/tv/mobile_iframe.html
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/resources/js/jquery-3.6.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:b000:589::3 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2211 /
Resource Hash
ec1339f1806f796dfde85351cfded370551a2e041520b29351c81670032fba78
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
br
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
content-type
text/html; charset=UTF-8
date
Fri, 18 Nov 2022 20:03:15 GMT
last-modified
Fri, 18 Nov 2022 19:58:07 GMT
server
HiNetCDN/2211
strict-transport-security
max-age=31536000;includeSubdomains;preload
vary
Accept-Encoding Accept-Encoding,User-Agent
x-cache
EXPIRED, HIT
x-content-type-options
nonsniff
x-frame-options
ALLOW-FROM https://times.hinet.net
x-request-id
6798efcb8202323e912017d0362b7821
x-xss-protection
1;mode=block
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/ Frame 4D41 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 18:01:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7320
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 18 Nov 2023 18:01:14 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 4D41 		875 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=times.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a8ee0403f4c897f53c06e745374d863e8072abf0b3ecc61a6ac5665e9acaf6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 18 Nov 2022 20:03:14 GMT
userx.20221117-23-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20221117-23-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/salesfrontier-hinet/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b409c9d8e227cfc9f2dbeb9116f1d49220ad0fcc9d7cddb4a5a7bd9e1c47a891

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
EISiIp21IXxU.6XGZ6DAAU_Wtki08jLO
content-encoding
gzip
via
1.1 varnish
date
Fri, 18 Nov 2022 20:03:14 GMT
x-amz-request-id
4T52T5XVXN4M0DHC
age
77
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
vnKxc3W13mzOXCDQmZ9EgDBT+ODZyYBfMwT7MNgK2jipxsu8GhkSJRqaUF0ehXqIyx0zTcGS2b4=
x-served-by
cache-fra-eddf8230025-FRA
last-modified
Thu, 17 Nov 2022 16:22:58 GMT
server
AmazonS3
x-timer
S1668801795.556639,VS0,VE0
etag
"829afb793f5113c47df799d1e44b1ee8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
42
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
25
json
trc.taboola.com/salesfrontier-hinet/trc/3/ 		84 KB
26 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/salesfrontier-hinet/trc/3/json?tim=20%3A03%3A14.543&lti=deflated&data=%7B%22id%22%3A704%2C%22ii%22%3A%22%2Fnews%2F24260251%22%2C%22it%22%3A%22text%22%2C%22sd%22%3A%22v2_07fa20295ae258ac7f062b5550bfe1f5_c78491ff-2206-4058-b6d0-5949b4935819-tucta716a82_1668801794_1668801794_CNawjgYQzvZVGIWh2uLIMCABKAEwODib4wlAiYoQSMr63gNQo-wQWABgAGiy-ebp3bfByjVwAA%22%2C%22ui%22%3A%22c78491ff-2206-4058-b6d0-5949b4935819-tucta716a82%22%2C%22uifp%22%3A%22c78491ff-2206-4058-b6d0-5949b4935819-tucta716a82%22%2C%22lbt%22%3A1668702360921%2C%22vi%22%3A1668801794181%2C%22cv%22%3A%2220221117-23-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251%22%2C%22vpi%22%3A%22%2Fnews%2F24260251%22%2C%22e%22%3A%22https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A2867%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A2544%2C%22mw%22%3A700%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fnews%2F24260251%2CBelow%20Article%20Thumbnails%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221117-23-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5b2e686c5314dc9d47144d4d61d8b7c347dc19be674d905b3a0c0cae12d7fe62

Request headers

Referer
https://times.hinet.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
312
date
Fri, 18 Nov 2022 20:03:14 GMT
content-encoding
gzip
via
1.1 varnish
x-served-by
cache-fra-eddf8230025-FRA
server
nginx
x-timer
S1668801795.556585,VS0,VE312
vary
Accept-Encoding
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://times.hinet.net
content-type
application/javascript; charset=utf-8
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
output.6892b5a0c99805c321b6.bundle.js
times.hinet.net/hinetlife2/assets/ Frame 2FE8 		2 MB
356 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/hinetlife2/assets/output.6892b5a0c99805c321b6.bundle.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/hinetlife2/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
0c2c3833db039b05863f40069917952f041b8b245e385b6d8b92e93938b78c7e
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/hinetlife2/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
br
last-modified
Fri, 20 Dec 2019 06:40:06 GMT
server
HiNetCDN/2211
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-cache
HIT
x-xss-protection
1;mode=block
x-request-id
79d990d272f0943a6b24fee906add13b
form-data
trip.hinet.net/search-widget/ 		446 B
751 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trip.hinet.net/search-widget/form-data
Requested by
Host: trip.hinet.net
URL: https://trip.hinet.net/search-widget/script/uwl/kayakWidgetnews
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
1444d8703b2dba64949fec72f764b30c2578682c307c460a738e9df480951a98

Request headers

Referer
https://times.hinet.net/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

x-sn-waf-code
date
Fri, 18 Nov 2022 20:03:14 GMT
content-encoding
gzip
server
KAYAK/1.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://times.hinet.net
content-language
zh-TW
cache-control
no-store
access-control-allow-credentials
true
accept-ranges
bytes
content-length
308
form-data
trip.hinet.net/search-widget/ 		446 B
728 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trip.hinet.net/search-widget/form-data
Requested by
Host: trip.hinet.net
URL: https://trip.hinet.net/search-widget/script/uwl/kayakWidgetnews
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
1444d8703b2dba64949fec72f764b30c2578682c307c460a738e9df480951a98

Request headers

Referer
https://times.hinet.net/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

x-sn-waf-code
date
Fri, 18 Nov 2022 20:03:14 GMT
content-encoding
gzip
server
KAYAK/1.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://times.hinet.net
content-language
zh-TW
cache-control
no-store
access-control-allow-credentials
true
accept-ranges
bytes
content-length
308
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=775647503&t=pageview&_s=1&dl=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&ul=en-us&de=UTF-8&dt=%E7%BE%8E%E5%85%83%E5%AE%9A%E5%AD%98%E5%84%AA%E5%88%A9%20%E6%9C%89%E6%9C%9B%E8%A1%9D5%25-%E8%B2%A1%E7%B6%93-HiNet%E7%94%9F%E6%B4%BB%E8%AA%8C&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=507002756&gjid=2066005909&cid=1365366507.1668801795&tid=UA-63943172-1&_gid=2022163553.1668801795&_r=1&_slc=1&z=878873701
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://times.hinet.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://times.hinet.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
b
sb.scorecardresearch.com/ Frame 3F7A 		0
189 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=18986219&c3=100001&cs_it=b3&cv=3.8.0.210223&ns__t=1668801794604&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fppnif.html%3Fs%3DaGluZXQz%7CaGluZXQ%3D&c8=&c9=https%3A%2F%2Ftimes.hinet.net%2F
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQz|aGluZXQ=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
NZddnMfih8Y2Ng-7aonqmHNM98aKPIx44vF-Sn50U-aSSvbnxKoibQ==
x-cache
Miss from cloudfront
form-data
trip.hinet.net/search-widget/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trip.hinet.net/search-widget/form-data
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
POST
Origin
https://times.hinet.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type, x-requested-with
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://times.hinet.net
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
content-security-policy
upgrade-insecure-requests
content-security-policy-report-only
default-src https: blob:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data: blob:; media-src https:; object-src https: data: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; worker-src blob:; report-uri /s/run/cspreport/reportHttp; report-to csp-log
date
Fri, 18 Nov 2022 20:03:14 GMT
permissions-policy
camera=(), microphone=(), midi=(), geolocation=(self), usb=()
referrer-policy
origin-when-cross-origin
report-to
{ "group": "csp-log", "max_age": 43200, "endpoints": [ { "url": "https://www.kayak.com/s/run/cspreport/reportHttp" } ] }
server
KAYAK/1.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options
nosniff
x-sn-waf-code
x-xss-protection
1; mode=block
form-data
trip.hinet.net/search-widget/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://trip.hinet.net/search-widget/form-data
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
KAYAK/1.0 /
Resource Hash
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-requested-with
Access-Control-Request-Method
POST
Origin
https://times.hinet.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

accept-ranges
bytes
access-control-allow-credentials
true
access-control-allow-headers
content-type, x-requested-with
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://times.hinet.net
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
content-length
0
content-security-policy
upgrade-insecure-requests
content-security-policy-report-only
default-src https: blob:; connect-src https:; font-src https: data:; frame-src https:; img-src https: data: blob:; media-src https:; object-src https: data: blob:; script-src 'unsafe-inline' 'unsafe-eval' https:; style-src 'unsafe-inline' https:; worker-src blob:; report-uri /s/run/cspreport/reportHttp; report-to csp-log
date
Fri, 18 Nov 2022 20:03:14 GMT
permissions-policy
camera=(), microphone=(), midi=(), geolocation=(self), usb=()
referrer-policy
origin-when-cross-origin
report-to
{ "group": "csp-log", "max_age": 43200, "endpoints": [ { "url": "https://www.kayak.com/s/run/cspreport/reportHttp" } ] }
server
KAYAK/1.0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
x-content-type-options
nosniff
x-sn-waf-code
x-xss-protection
1; mode=block
integrator.js
adservice.google.de/adsid/ Frame 4D41 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 4D41 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 4D41 		21 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=398688153937301&correlator=2833844413792271&eid=31070117&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=33575001%2C%E7%94%9F%E6%B4%BB%E8%AA%8C_%E6%96%B0%E8%81%9E%E5%85%A7%E6%96%87%E4%B8%8B_580x400&enc_prev_ius=%2F0%2F1&prev_iu_szs=580x400&ifi=1&adks=3329571054&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1668801794691&lmt=1668801794&dlt=1668801793900&idt=725&adxs=300&adys=1112&biw=1600&bih=1200&isw=580&ish=400&scr_x=0&scr_y=0&btvi=0&ucis=a5749dmy6kx5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&ref=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&top=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&frm=23&vis=1&psz=580x400&msz=580x-1&fws=260&ohw=580&ea=0&ga_vid=1365366507.1668801795&ga_sid=1668801795&ga_hid=932118293&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3e4a6537fffc5e09cfcda3d68106d0a930a4c7eb6372f03913abeed731f590da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10234
x-xss-protection
0
google-lineitem-id
5756110922
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138358650324
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
f684792fd6fd88f5fbb48071b0718d47.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 786C 		0
0
d4ecab47281a2523b64d758c833c4e2f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d4ecab47281a2523b64d758c833c4e2f.jpg
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4ecd3e275813eedfddbaa4e1df452ac930665d45eebd4b7d9417ff65b0612f85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 18 Nov 2022 20:03:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d4ecab47281a2523b64d758c833c4e2f.jpg
age
1637704
edge-cache-tag
422690156664159606448227744100895588543,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
cache-tag
422690156664159606448227744100895588543,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
539
req-referer
https://bagagesdedonnees.com/
content-length
7848
x-request-id
20b16cc0062ba3142571680dbfda37f2
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kjyo7100091-IAD, cache-iad-kcgs7200173-IAD, cache-chi-klot8100145-CHI, cache-iad-kiad7000078-IAD, cache-fra-eddf8230025-FRA
last-modified
Sat, 29 Oct 2022 15:25:13 GMT
server
nginx
x-timer
S1668801795.708812,VS0,VE1
etag
"e13285d261362d6671c7a63f5b0bf7c3"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 12, 1
s_4188549d-293a-42a0-b7b5-b29a8781cd7d.jpg%3Fid%3D24252096
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//times.hinet.net/news/cimages/24/25/24252096/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//times.hinet.net/news/cimages/24/25/24252096/s_4188549d-293a-42a0-b7b5-b29a8781cd7d.jpg%3Fid%3D24252096
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
de95f6cead9adf674494bab9271dbafc8188977c418b24c41e6819b8c430d8f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 18 Nov 2022 20:03:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//times.hinet.net/news/cimages/24/25/24252096/s_4188549d-293a-42a0-b7b5-b29a8781cd7d.jpg%3Fid%3D24252096
age
406114
edge-cache-tag
623592298626608799487427853331859453038,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
cache-tag
623592298626608799487427853331859453038,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
1180
req-referer
https://times.hinet.net/
content-length
4526
x-request-id
9822f7b75d9b29c5c123e50401238246
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kcgs7200139-IAD, cache-iad-kiad7000069-IAD, cache-chi-kigq8000149-CHI, cache-iad-kjyo7100064-IAD, cache-fra-eddf8230025-FRA
last-modified
Mon, 14 Nov 2022 01:25:46 GMT
server
nginx
x-timer
S1668801795.708796,VS0,VE1
etag
"fa4ee51a1856a659a08c8ac082c9850c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 50, 1
97b2c47246ac240b4c707a5eb02e51d6.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/97b2c47246ac240b4c707a5eb02e51d6.jpg
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b0712bdd758d44549d0eef51c1016fa1799dd98a9e9a0dd5dd162f86520c9afc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-vcl-time-ms
4
date
Fri, 18 Nov 2022 20:03:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/97b2c47246ac240b4c707a5eb02e51d6.jpg
age
343699
edge-cache-tag
371231349368601501045916157343057483449,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
cache-tag
371231349368601501045916157343057483449,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
502
req-referer
https://www.fcinternews.it/inter-social-club/dimarco-sorrisi-a-coverciano-nel-primo-giorno-del-ritiro-della-nazionale-910028
content-length
6150
x-request-id
d5aeab9c5d4d2f269da2a8c538890d0f
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kiad7000115-IAD, cache-iad-kiad7000176-IAD, cache-lga21934-LGA, cache-iad-kcgs7200027-IAD, cache-fra-eddf8230025-FRA
last-modified
Mon, 14 Nov 2022 13:26:26 GMT
server
nginx
x-timer
S1668801795.708825,VS0,VE4
etag
"c1560849a84411145fcf1e4688dae989"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 2, 1
63745a3bec7d6.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//newtalk.tw/ogimage/s.newtalk.tw/album/news/844/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//newtalk.tw/ogimage/s.newtalk.tw/album/news/844/63745a3bec7d6.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
16c4f02ec87866e99791c1ff2f2fd41ce97502fc2e07196d73f908140f7656c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-vcl-time-ms
45
date
Fri, 18 Nov 2022 20:03:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_167%2Cw_200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//newtalk.tw/ogimage/s.newtalk.tw/album/news/844/63745a3bec7d6.png
age
203859
edge-cache-tag
583570348482734094846341114051344233496,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
cache-tag
583570348482734094846341114051344233496,375193695950208390837068086851925791917,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
2130
req-referer
https://times.hinet.net/
content-length
5162
x-request-id
2033d98ce66213f83a20df2f233842e1
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kcgs7200096-IAD, cache-iad-kjyo7100071-IAD, cache-bur-kbur8200090-BUR, cache-iad-kiad7000066-IAD, cache-fra-eddf8230025-FRA
last-modified
Wed, 16 Nov 2022 11:25:37 GMT
server
nginx
x-timer
S1668801795.708781,VS0,VE45
etag
"cc0e538342c91bdb24bd7fe9a8233dad"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 19, 1
debug
trc-events.taboola.com/salesfrontier-hinet/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/salesfrontier-hinet/log/2/debug?tim=20%3A03%3A14.713&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=9130&cv=20221117-23-RELEASE&lt=deflated&pct=1
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12551
video.novtt.min.js
jsmodule.svc.litv.tv/videojs/7.20.3/ Frame 3F7A 		551 KB
154 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsmodule.svc.litv.tv/videojs/7.20.3/video.novtt.min.js
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237b:0:9:f0ff:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cfa7fa2f983c68f068d1286c9d309ca3537732b7937d673250ccdd203bc86bf3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
qeyBfoxlwVUb4i5trti3hbZ1JvGdPfjP
content-encoding
gzip
via
1.1 82fccbbb63aecdd468ad9737a31e6b2c.cloudfront.net (CloudFront)
date
Fri, 18 Nov 2022 10:34:49 GMT
last-modified
Wed, 12 Oct 2022 03:50:10 GMT
server
AmazonS3
x-amz-cf-pop
BOM78-P4
age
37230
etag
W/"7c3406c18e91c1c0821aaa8bbed51332"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
_HapNwuDVrJd3VxEcAAkA481218pFG1VoEAIuEF2t0NnFkXS-ckPxQ==
collect
stats.g.doubleclick.net/j/ 		4 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-63943172-1&cid=1365366507.1668801795&jid=507002756&gjid=2066005909&_gid=2022163553.1668801795&_u=IEBAAEAAAAAAACAAI~&z=2013828665
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://times.hinet.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 18 Nov 2022 20:03:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://times.hinet.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F810 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvitGHPAmWiHQAk03374ngYE80xhA3YSICg3hxlW55SVOhZ3FRchR3oLHo3dIs4hBgNGCzTd8pEaEdqTVqsHOhVE9-cTkcj9kzMD0CVu61pN6m2TPe0TuF3OVlVe9XqEjPPqDXuuPC5j3KFEfPrd4Md4VnLMqxpXaoG0Wojd6bHsa-JyA81SFtVo21G8M2-Ix3fsnjdz56oJajJThXcJ_TIs8UK62fbk8QzSm-3O8KPaHczEO_VjB_M4qKaxDQULIIr497Ne3KVpjsPGv_AuSn8AYJxZueas8CsFH4sjE43Mm9rFV_eKU7hldNvSKmq6-n_ldimDSOqMr9Bxk6fFlAxkxWuJ_Q&sai=AMfl-YQ4EB-jJQkDA5zxYD77fka8zNnztEv-rvvCizBQtiaDdL-Kzh4d6Q1t2NWR1ilmyWdWrkibPJXaf0KKr9WZMPTuBK39vTPs_pWp4fEG_RuE6yah1_RSNQFSf-qjAgOXUdND3kxJMX-atRwEUzOTy70&sig=Cg0ArKJSzEoWOAbO_QtWEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 18 Nov 2022 20:03:14 GMT
tag.js
ad.impactify.io/static/ad/ Frame F810 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.impactify.io/static/ad/tag.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e013700dfacaed5dac122af2ceb85a29438d688fef6e982b48990a016bfbe154

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
x-amz-version-id
jc6oh_NxQd8BiGO0yiS9PSJgd5VsW2lh
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 15 Nov 2022 08:24:50 GMT
server
cloudflare
x-amz-request-id
AQBRA04YR5EYX6P0
age
2448
etag
W/"632cfd1fc45ae1d89faa6ccb0918c317"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
76c34ef208f59ba4-FRA
x-amz-id-2
Vvjvy6QV4TRJql3aFOk1Onw5xWdst/ULMPNKtYAkcBMA9TwSEBIAGgl4e0fXMZSthywofIN8Eqk=
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame F810 		144 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4457659720163747
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b8762489d85cde14939797c8fe3c9a9fb638d9d2ebc6bc8e524213ee29d2d398
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Origin
https://times.hinet.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49274
x-xss-protection
0
server
cafe
etag
4246993257777636688
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 18 Nov 2022 20:03:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F810 		154 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Nov 2022 20:03:14 GMT
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/3.9.6/ 		104 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/3.9.6/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221117-23-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0b5db445762c70c8d002dd808b2f6a222950987153ef5fd65237fb9260008f72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:14 GMT
via
1.1 bf791e1829ff18782cd9837fbba03616.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
897256
x-cache
Miss from cloudfront, HIT
content-length
30426
x-served-by
cache-fra-eddf8230025-FRA
last-modified
Tue, 08 Nov 2022 10:48:33 GMT
server
AmazonS3
x-timer
S1668801795.890639,VS0,VE0
etag
"4fccc6705cf6a0544e5979a005775b8f"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
z3roqGzVdmVCa69LCr7Ao4z5URIIBlEE2XAUCfDICqhmNEy84y1S4g==
x-cache-hits
77023
feed-card-placeholder.20221117-23-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20221117-23-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/salesfrontier-hinet/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d87d3f1d2e06366da74bcfec32f7ad325809e494b59bbcb56bb940bde0801c14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
bNRC5BBWQ.FYE6uvtc30pEqQsFYZMt92
content-encoding
gzip
via
1.1 varnish
date
Fri, 18 Nov 2022 20:03:14 GMT
x-amz-request-id
06P1FQJBYS06FTCH
age
84
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
bwodaj6fb+LcCqK1ur4aLNIhuIw+ewc687ikwpTCYOT7TxbHQz1zrMD5fFmtaTE9qTd4i8BTE28=
x-served-by
cache-fra-eddf8230025-FRA
last-modified
Thu, 17 Nov 2022 16:19:57 GMT
server
AmazonS3
x-timer
S1668801795.891856,VS0,VE0
etag
"10462455590613fc8e6fce5dcb706a75"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
42
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
217
cta-component.20221117-23-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/cta-component.20221117-23-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/salesfrontier-hinet/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0ef57a78ec5c1a714df0f1d917fa3c6ad56999b6d701123b5cb56115410334d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
Bqw9OPza.GeRLZFfL.9HZ_JYjWiMPCBF
content-encoding
gzip
via
1.1 varnish
date
Fri, 18 Nov 2022 20:03:14 GMT
x-amz-request-id
6N0GZD13SWCPMAXE
age
99
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5108
x-amz-id-2
S01HbY/+SBkW1vwqsmKaBTKcjVLrKZ5i4vBhv1lyo4Bdh4ctDJjcF9cXbSknMW9YNyi0hebWMSI=
x-served-by
cache-fra-eddf8230025-FRA
last-modified
Thu, 17 Nov 2022 16:19:18 GMT
server
AmazonS3
x-timer
S1668801795.904628,VS0,VE0
etag
"151e8b315f1c39b579d92d5f47bc55ec"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
42
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
185
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Fri, 18 Nov 2022 20:03:14 GMT
x-amz-request-id
P5R59Q816A0M149N
age
38
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
WEbDtuEW9aPhjYqb/1XpN75OZG5627okPogaahiOLCmZjx8PJ3qhQ1cEsdaWdQtUDRYMuPNDwqA=
x-served-by
cache-fra-eddf8230025-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1668801795.911187,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
42
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
59
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-63943172-1&cid=1365366507.1668801795&jid=507002756&_u=IEBAAEAAAAAAACAAI~&z=756039260
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-63943172-1&cid=1365366507.1668801795&jid=507002756&_u=IEBAAEAAAAAAACAAI~&z=756039260
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:14 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
1f8685a9eeb0ed00db54c09ae7709641.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_420%2Cw_840%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_420%2Cw_840%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1f8685a9eeb0ed00db54c09ae7709641.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a36ed14a42299e784ec6e1b833350aaf216b425339904f51fb80a54becea5460

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 18 Nov 2022 20:03:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_420%2Cw_840%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1f8685a9eeb0ed00db54c09ae7709641.png
age
5207996
edge-cache-tag
625737380514069316852732621553968435931,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
625737380514069316852732621553968435931,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
196
req-referer
https://www.correiobraziliense.com.br/
content-length
21624
x-request-id
9d754e8f00e4bd56b10d9cacd3edb4f6
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kcgs7200162-IAD, cache-iad-kiad7000146-IAD, cache-lga21940-LGA, cache-iad-kcgs7200125-IAD, cache-fra-eddf8230025-FRA
last-modified
Mon, 29 Aug 2022 12:50:26 GMT
server
nginx
x-timer
S1668801795.926607,VS0,VE1
etag
"2971c535a166d2abe36d7a792de55ed3"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 118, 1
paige-spiranac.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.freenet.de/binaries/_ht_1665044061290/content/gallery/freenet/sport/topnews/2... 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.freenet.de/binaries/_ht_1665044061290/content/gallery/freenet/sport/topnews/2022/10/06/pictures/paige-spiranac.jpg
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
27a10aa32d21a15c135a8a16ec82690f621a16e4200ffce979fa36d2419a2778

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Fri, 18 Nov 2022 20:03:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.freenet.de/binaries/_ht_1665044061290/content/gallery/freenet/sport/topnews/2022/10/06/pictures/paige-spiranac.jpg
age
3748334
edge-cache-tag
438744369006073859763532931428367403832,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
cache-tag
438744369006073859763532931428367403832,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
2379
req-referer
https://www.freenet.de/
content-length
11288
x-request-id
97eaedefc6bdc113167ff9ff5a493d07
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kiad7000109-IAD, cache-iad-kjyo7100096-IAD, cache-lax10681-LGB, cache-iad-kcgs7200041-IAD, cache-fra-eddf8230025-FRA
last-modified
Thu, 06 Oct 2022 10:28:06 GMT
server
nginx
x-timer
S1668801795.926409,VS0,VE3
etag
"ca23e66d5372808c981c3f18275beb8f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 129, 1
84eee57bf643490bcd191f73c079bbc3.jpg
images.taboola.com/taboola/image/fetch/$pw_420%2C$ph_234/t_tbl-cnd/https%3A//de9a11s35xj3d.cloudfront.net/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/$pw_420%2C$ph_234/t_tbl-cnd/https%3A//de9a11s35xj3d.cloudfront.net/84eee57bf643490bcd191f73c079bbc3.jpg
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d768a9a96ec1d342e32ab005482872fd8fb00982ceec46f969684fa72affbd01

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 18 Nov 2022 20:03:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/$pw_420%2C$ph_234/t_tbl-cnd/https%3A//de9a11s35xj3d.cloudfront.net/84eee57bf643490bcd191f73c079bbc3.jpg
age
3720108
edge-cache-tag
404352581047567668103688229389103833803,381454691626708243764995139711639546992,29ecf9b93bbf306179626feeda1fab70
cache-tag
404352581047567668103688229389103833803,381454691626708243764995139711639546992,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
38
expiration
expiry-date="Sun, 30 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.nasdaq.com/
content-length
10316
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200143-IAD, cache-iad-kiad7000169-IAD, cache-lax10627-LGB, cache-iad-kjyo7100111-IAD, cache-fra-eddf8230025-FRA
last-modified
Thu, 29 Sep 2022 07:11:13 GMT
server
nginx
x-timer
S1668801795.926281,VS0,VE1
etag
"9e53889c9579ef7d8e925c7eafbc0ab2"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 41, 1
0888da0c00808bbf7313963a3dd247d6.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_420%2Cw_840%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_420%2Cw_840%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0888da0c00808bbf7313963a3dd247d6.jpg
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
51072353b091c5fb6fc64a0e404d4cd3ef8874c938f9c62fcf19c8358f21eea5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Fri, 18 Nov 2022 20:03:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_420%2Cw_840%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0888da0c00808bbf7313963a3dd247d6.jpg
age
3320825
edge-cache-tag
347804853545938849280469509763904274384,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
347804853545938849280469509763904274384,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
194
expiration
expiry-date="Thu, 13 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.allbanaadir.org/
content-length
26426
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kcgs7200075-IAD, cache-iad-kjyo7100129-IAD, cache-lga21947-LGA, cache-iad-kiad7000064-IAD, cache-fra-eddf8230025-FRA
last-modified
Mon, 12 Sep 2022 09:24:47 GMT
server
nginx
x-timer
S1668801795.926281,VS0,VE2
etag
"d02f2fbadd1d66f44277070198b67259"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 38, 1
fc6ec953718913ee3e4466e0184fd88e.jpg
images.taboola.com/taboola/image/fetch/$pw_420%2C$ph_234/t_tbl-cnd/https%3A//de9a11s35xj3d.cloudfront.net/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/$pw_420%2C$ph_234/t_tbl-cnd/https%3A//de9a11s35xj3d.cloudfront.net/fc6ec953718913ee3e4466e0184fd88e.jpg
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0be8935522591d1e31877940437b8bc3cf60e3ac474fcf5978cbf0c07100b9d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 18 Nov 2022 20:03:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/$pw_420%2C$ph_234/t_tbl-cnd/https%3A//de9a11s35xj3d.cloudfront.net/fc6ec953718913ee3e4466e0184fd88e.jpg
age
3624361
edge-cache-tag
605766998579787635854318479790215655036,381454691626708243764995139711639546992,29ecf9b93bbf306179626feeda1fab70
cache-tag
605766998579787635854318479790215655036,381454691626708243764995139711639546992,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
153
expiration
expiry-date="Fri, 21 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://greedyfinance.com/
content-length
23360
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kiad7000087-IAD, cache-iad-kcgs7200105-IAD, cache-bur-kbur8200131-BUR, cache-iad-kjyo7100138-IAD, cache-fra-eddf8230025-FRA
last-modified
Tue, 20 Sep 2022 05:14:22 GMT
server
nginx
x-timer
S1668801795.926278,VS0,VE1
etag
"2e5c4c47a82b79fdde9be449b14f9d52"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 2, 0, 63, 1
df93e5f55b7dda8db32c21eb4140a492.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/df93e5f55b7dda8db32c21eb4140a492.jpg
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2ee42845a15cd492a2b01f162140cef49b10095411c5fdf77ea78fd6e6a50c2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 18 Nov 2022 20:03:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_234%2Cw_420%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/df93e5f55b7dda8db32c21eb4140a492.jpg
age
5516690
edge-cache-tag
398798752738745330482205610559503367110,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
cache-tag
398798752738745330482205610559503367110,435865549287215527994699919445509550944,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
146
expiration
expiry-date="Tue, 27 Sep 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://game.astro2day1.com/answer/rank?gaid=0067141e-e14e-4d04-a78b-aee6d52cf90f
content-length
13542
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kcgs7200167-IAD, cache-iad-kjyo7100037-IAD, cache-bur-kbur8200099-BUR, cache-iad-kcgs7200149-IAD, cache-fra-eddf8230025-FRA
last-modified
Sat, 27 Aug 2022 10:01:38 GMT
server
nginx
x-timer
S1668801795.939163,VS0,VE1
etag
"7e347ecea77aeeeaac19c7cf073e8ba1"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 52, 1
d4ecab47281a2523b64d758c833c4e2f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_420%2Cw_840%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_420%2Cw_840%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d4ecab47281a2523b64d758c833c4e2f.jpg
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
17d592f84ef08f78742618bbf73ae30777e7ffee8a5f6cf8e040013fc3c5e1b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-vcl-time-ms
15
date
Fri, 18 Nov 2022 20:03:14 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_420%2Cw_840%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d4ecab47281a2523b64d758c833c4e2f.jpg
age
6179521
edge-cache-tag
422690156664159606448227744100895588543,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag
422690156664159606448227744100895588543,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
268
req-referer
https://www.ouest-france.fr/
content-length
37498
x-request-id
c3431544ab0743947f37a4c0b6a65606
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kiad7000151-IAD, cache-iad-kiad7000096-IAD, cache-bur-kbur8200128-BUR, cache-iad-kjyo7100047-IAD, cache-fra-eddf8230025-FRA
last-modified
Sat, 27 Aug 2022 20:24:23 GMT
server
nginx
x-timer
S1668801795.939319,VS0,VE15
etag
"a5ff77686fd8495d6757f4a7760463f4"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1, 4, 1
truncated
/ Frame F810 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1bbad22b7141fb96f2592806cd1cf02e8ee6003d8a921b8bdd0a3bac5badbee1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
abtests
am-trc-events.taboola.com/salesfrontier-hinet/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/salesfrontier-hinet/log/3/abtests?route=AM:AM:V&lti=deflated&ri=3778d9ace4d3ea2f26e0313711045c32&sd=v2_07fa20295ae258ac7f062b5550bfe1f5_c78491ff-2206-4058-b6d0-5949b4935819-tucta716a82_1668801794_1668801794_CNawjgYQzvZVGIWh2uLIMCABKAEwODib4wlAiYoQSMr63gNQo-wQWABgAGiy-ebp3bfByjVwAA&ui=c78491ff-2206-4058-b6d0-5949b4935819-tucta716a82&pi=/news/24260251&wi=-8267953169926765089&pt=text&vi=1668801794181&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22cta-lazy-module%22%2C%22type%22%3A%22%7B%5C%22v%5C%22%3A%5C%222%5C%22%2C%5C%22location%5C%22%3A%5C%22https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251%5C%22%2C%5C%22itemId%5C%22%3A%5C%22~~V1~~7136377511842528078~~ruj0XbAoTL-PQ%5C%22%2C%5C%22text%5C%22%3A%5C%22Jetzt%20kaufen%5C%22%2C%5C%22type%5C%22%3A%5C%22event%5C%22%2C%5C%22module%5C%22%3A%5C%22cta-lazy-module%5C%22%2C%5C%22event%5C%22%3A%5C%22CTA-event-rendered%5C%22%2C%5C%22cardIndexOnPage%5C%22%3A0%2C%5C%22index%5C%22%3A0%2C%5C%22placement%5C%22%3A%5C%22Below%20Article%20Thumbnails%20%7C%20Card%203%5C%22%2C%5C%22innerText%5C%22%3A%5C%22Das%20Beste%20aus%20Supermarkt%20und%20Hofladen!%5C%5CnWir%20bringen%20deinen%20Wocheneinkauf%20am%20selben%20Tag%2C%20innerhalb%20von%203%20Stunden%2C%20mit%20einem%20Lieferzeitfenster%20von%20maximal%201%20Stunde!%5C%5CnKnuspr%5C%5Cn%7C%5C%5CnSponsored%5C%22%2C%5C%22config%5C%22%3A%7B%5C%22borderColor%5C%22%3A%5C%22black%5C%22%2C%5C%22fontWeight%5C%22%3A%5C%22bold%5C%22%2C%5C%22isInheritTitleColor%5C%22%3A%5C%22true%5C%22%7D%7D%22%2C%22eventTime%22%3A1668801794995%7D&tim=20%3A03%3A14.996&id=7745&llvl=2&cv=20221117-23-RELEASE&
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 18 Nov 2022 20:03:15 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/salesfrontier-hinet/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/salesfrontier-hinet/log/3/abtests?route=AM:AM:V&lti=deflated&ri=3778d9ace4d3ea2f26e0313711045c32&sd=v2_07fa20295ae258ac7f062b5550bfe1f5_c78491ff-2206-4058-b6d0-5949b4935819-tucta716a82_1668801794_1668801794_CNawjgYQzvZVGIWh2uLIMCABKAEwODib4wlAiYoQSMr63gNQo-wQWABgAGiy-ebp3bfByjVwAA&ui=c78491ff-2206-4058-b6d0-5949b4935819-tucta716a82&pi=/news/24260251&wi=-8267953169926765089&pt=text&vi=1668801794181&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22cta-lazy-module%22%2C%22type%22%3A%22%7B%5C%22v%5C%22%3A%5C%222%5C%22%2C%5C%22location%5C%22%3A%5C%22https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251%5C%22%2C%5C%22itemId%5C%22%3A%5C%22~~V1~~8460239031623427546~~5Q_e2X1BZdVYG%5C%22%2C%5C%22text%5C%22%3A%5C%22Mehr%20erfahren%5C%22%2C%5C%22type%5C%22%3A%5C%22event%5C%22%2C%5C%22module%5C%22%3A%5C%22cta-lazy-module%5C%22%2C%5C%22event%5C%22%3A%5C%22CTA-event-rendered%5C%22%2C%5C%22cardIndexOnPage%5C%22%3A1%2C%5C%22index%5C%22%3A1%2C%5C%22placement%5C%22%3A%5C%22Below%20Article%20Thumbnails%20%7C%20Card%204%5C%22%2C%5C%22innerText%5C%22%3A%5C%22Deutsche%20mit%20Pflegegrad%20erhalten%20zuzahlungsfreie%20FFP2-Masken%20mit%20diesem%20Trick%5C%5CnVerbraucher%20Hilfe%5C%5Cn%7C%5C%5CnSponsored%5C%22%2C%5C%22config%5C%22%3A%7B%5C%22borderColor%5C%22%3A%5C%22black%5C%22%2C%5C%22fontWeight%5C%22%3A%5C%22bold%5C%22%2C%5C%22isInheritTitleColor%5C%22%3A%5C%22true%5C%22%7D%7D%22%2C%22eventTime%22%3A1668801794998%7D&tim=20%3A03%3A14.998&id=4971&llvl=2&cv=20221117-23-RELEASE&
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 18 Nov 2022 20:03:15 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
screen.js
ad.impactify.media/static/ad/v5-1.9.48/ 		234 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.impactify.media/static/ad/v5-1.9.48/screen.js?v=v5-1.9.48
Requested by
Host: ad.impactify.io
URL: https://ad.impactify.io/static/ad/tag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::20 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b18bd4784a444f6743026ba6e776577c1a0a18227e21f9bd2f6242cae2342c58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 18 Nov 2022 20:03:15 GMT
x-amz-version-id
NfzA_IwhZ1UWVOHBnUc0KNAo1qasWxne
content-encoding
br
x-amz-request-id
ZM82PW0XCR1K01R1
x-cache
HIT
x-77-cache
HIT
x-age
2168
x-amz-id-2
NAUE3ZoPcFqtpMIrA9a7vUIRPt0Xz9lpdaVjD6SWLC7B6nmSrsYGh2LtUXkPnqAcHRhyuA9RF1U=
x-77-nzt
AdRmOI3ibw//eAgAAA
x-accel-expires
@1668803227
last-modified
Tue, 15 Nov 2022 08:24:50 GMT
server
CDN77-Turbo
etag
W/"6b51477a5a8e8bf4912c8789c91aa118"
x-77-nzt-ray
c1a07737d066f65003e5776339f7d404
content-type
application/javascript
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ Frame F810 		355 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4457659720163747&plah=times.hinet.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4457659720163747
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
50306bcc487145173c29411550075ff289df5e85f6bc9b617043b0fba3b447e1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119613
x-xss-protection
0
server
cafe
etag
4858932084655063889
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 18 Nov 2022 20:03:15 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame BFC6 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4457659720163747
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
29437
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 11:52:38 GMT
etag
10353107486223812946
expires
Fri, 02 Dec 2022 11:52:38 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
health.json
times.hinet.net/hinetlife2/data/ Frame 2FE8 		55 KB
26 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/hinetlife2/data/health.json
Requested by
Host:
URL: webpack:///./saga/index.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
d4cdafe6ecbfa16d5ec9455f936c8eafa0245b0ae3bc846498b952c72d5b7f39
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Access-Control-Allow-Origin
*
Accept
application/json
Referer
https://times.hinet.net/hinetlife2/index.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 18 Nov 2022 20:03:15 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
br
last-modified
Fri, 18 Nov 2022 19:00:13 GMT
server
HiNetCDN/2211
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json
x-cache
HIT
x-xss-protection
1;mode=block
x-request-id
1b7b6ef6b25c11e3424a4ff8e7653b0b
money.json
times.hinet.net/hinetlife2/data/ Frame 2FE8 		67 KB
26 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/hinetlife2/data/money.json
Requested by
Host:
URL: webpack:///./saga/index.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
e532829f8b13b696a97e3cc23de2309220c72c4c0280ea83ec8561e065d2b96d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Access-Control-Allow-Origin
*
Accept
application/json
Referer
https://times.hinet.net/hinetlife2/index.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 18 Nov 2022 20:03:15 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
br
last-modified
Fri, 18 Nov 2022 19:00:13 GMT
server
HiNetCDN/2211
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json
x-cache
HIT
x-xss-protection
1;mode=block
x-request-id
d8809c3fbb6182315737a3e886b57a23
style.json
times.hinet.net/hinetlife2/data/ Frame 2FE8 		54 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/hinetlife2/data/style.json
Requested by
Host:
URL: webpack:///./saga/index.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
cd7346e0240bc8981dc94b70606cd773c00e2fe5a84a5b7745164c7ededd6226
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Access-Control-Allow-Origin
*
Accept
application/json
Referer
https://times.hinet.net/hinetlife2/index.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 18 Nov 2022 20:03:15 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
br
last-modified
Fri, 18 Nov 2022 19:00:13 GMT
server
HiNetCDN/2211
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json
x-cache
HIT
x-xss-protection
1;mode=block
x-request-id
2e4074ee271c60e64668d2aede1c4894
entertainment.json
times.hinet.net/hinetlife2/data/ Frame 2FE8 		81 KB
35 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://times.hinet.net/hinetlife2/data/entertainment.json
Requested by
Host:
URL: webpack:///./saga/index.js?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
e62dd5df3a7d2deb80fc9946fac5bb1443cf19c1b5def6168acdc3067ee45a64
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

Access-Control-Allow-Origin
*
Accept
application/json
Referer
https://times.hinet.net/hinetlife2/index.html
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 18 Nov 2022 20:03:15 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
br
last-modified
Fri, 18 Nov 2022 20:00:13 GMT
server
HiNetCDN/2211
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/json
x-cache
HIT
x-xss-protection
1;mode=block
x-request-id
d35265e6fe0464fd9550368c99813cb3
analytics.js
www.google-analytics.com/ Frame 2FE8 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host:
URL: webpack:///../~/react-ga/dist/esm/utils/loadGA.js?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Nov 2022 19:15:54 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
2841
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Fri, 18 Nov 2022 21:15:54 GMT
st
imprammp.taboola.com/ Frame E9D5 		742 B
548 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7y34CFgMhRorpgeQJ9AQhRorpgeQJ9AUAAAAGBvQHJOZxTWYm324t882ca9Fy4VgrJ4uFW2Wz-QaDzXIyMQ6GQGIe12Rm8u3WMt_MuRYtF461crJYuFU2m28w2CwnE-NgCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bStB0Onyue73o6XZ57kKn3WW6y12mv9zl-_wlo8lsMFkt5gAAAADw8P___w8BAAAAEAEAAAAgAQAAAEARUPFvIXABAAAAgPH___-vAQDFwXCuu_VlNzpcn5fdHwAAAAAgAAAAACQAB-pPJQAuL-Mn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0OquhrnRWrAsEQFoUWMAAAAAEp0cgaOJnVCZVH1___fbwVwBQAQQMhoJRmYpTso8RYGAAAgIKZUv5FdAoAlO7ZAD4vfb3bYNX63y_7_________zf7P_tGEiMzM0oJYAADUfgEBANZ-AQEA2NQNAOBNAC7kStB0Onyue73o6XZ57kKn3WW6y12mv9zl-_wlo8lsMFktRkfQisFgdQExOwAAAIC7____fzyl-o3sEgAsWT0Q2M0clsFkuVq4LKvhwuObGWaTiWu1GkxsLsfMtb2nB950eY_o5r4QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJjfhC1Gq8lksxzOlovJYDgajkb7G4jBboATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDDjG46Wi5nNLZkMZmvRYDVcS2wjw1q1HC0npuVmNVws16LXx_TwLWYL42SLggEie5E8LdKJZrcbjpwLj8s08qwclplltjJsFpvdYjEYrTaeyUQs0Zws0onssi_sZg7LYLJcLVyW1XDh8c0Ms8nEtVoNJjaXY-bad3zD0XIxs7klk8FsLRqshmuJbWRYq5aj5cS03KyGi-Va9PqYHr7FbGGc7Buz2XA4WOyWo31jNhsOB4vdcrTv0Bm-q8_ZqN6utR6TV7Sszkw2h0HhMli8P4lpMe3ODqaz7-i0KbfNzs7ou3WPXoPCc_CYzrfKYvhMbBbm1dZ7MChiieAinWgeZpfnZvnbTU-X5S102l2mi1iiNF2kE73c5fv8JaPJbDBZLSZiieB0kU5EL-Ppov6jwuzmquFctZtrVgkAAAAAAAAAYAlz5k0AAAAAToNaDHeb1ToPZjCZLRer5QJU7DnpAoMAAAAAAAAUN348MQ-zy3Oz_O2mp8vyFjrtLtOVASbM1pg3fyaItVotawAAAAFsAACAAG7dvAWEWfH_____cQAAADJy9AAAAPT7QEWeuFHrhR_8BDlYDQc!&cmcv=&pix=undefined&cb=1668801795235&uv=3241&tms=1668801795235&abt=dfrc_vB!eidc_vB!id5mc_vB!Noappq22_vD!spa2_vB!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=fc52fd77-f7f9-49a1-921a-eff700392b80&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.6/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f4461fdc5512d2915f67a2b761cfd5ce1166d1f8dd0f07a571bf31eb1c7d0855

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Fri, 18 Nov 2022 20:03:15 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230025-FRA
x-timer
S1668801795.239510,VS0,VE10
sync
am-match.taboola.com/ Frame B018 		742 B
827 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V7y34CFgMhRorpgeQJ9AQhRorpgeQJ9AUAAAAGBvQHJOZxTWYm324t882ca9Fy4VgrJ4uFW2Wz-QaDzXIyMQ6GQGIe12Rm8u3WMt_MuRYtF461crJYuFU2m28w2CwnE-NgCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bStB0Onyue73o6XZ57kKn3WW6y12mv9zl-_wlo8lsMFkt5gAAAADw8P___w8BAAAAEAEAAAAgAQAAAEARUPFvIXABAAAAgPH___-vAQDFwXCuu_VlNzpcn5fdHwAAAAAgAAAAACQAB-pPJQAuL-Mn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0OquhrnRWrAsEQFoUWMAAAAAEp0cgaOJnVCZVH1___fbwVwBQAQQMhoJRmYpTso8RYGAAAgIKZUv5FdAoAlO7ZAD4vfb3bYNX63y_7_________zf7P_tGEiMzM0oJYAADUfgEBANZ-AQEA2NQNAOBNAC7kStB0Onyue73o6XZ57kKn3WW6y12mv9zl-_wlo8lsMFktRkfQisFgdQExOwAAAIC7____fzyl-o3sEgAsWT0Q2M0clsFkuVq4LKvhwuObGWaTiWu1GkxsLsfMtb2nB950eY_o5r4QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJjfhC1Gq8lksxzOlovJYDgajkb7G4jBboATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDDjG46Wi5nNLZkMZmvRYDVcS2wjw1q1HC0npuVmNVws16LXx_TwLWYL42SLggEie5E8LdKJZrcbjpwLj8s08qwclplltjJsFpvdYjEYrTaeyUQs0Zws0onssi_sZg7LYLJcLVyW1XDh8c0Ms8nEtVoNJjaXY-bad3zD0XIxs7klk8FsLRqshmuJbWRYq5aj5cS03KyGi-Va9PqYHr7FbGGc7Buz2XA4WOyWo31jNhsOB4vdcrTv0Bm-q8_ZqN6utR6TV7Sszkw2h0HhMli8P4lpMe3ODqaz7-i0KbfNzs7ou3WPXoPCc_CYzrfKYvhMbBbm1dZ7MChiieAinWgeZpfnZvnbTU-X5S102l2mi1iiNF2kE73c5fv8JaPJbDBZLSZiieB0kU5EL-Ppov6jwuzmquFctZtrVgkAAAAAAAAAYAlz5k0AAAAAToNaDHeb1ToPZjCZLRer5QJU7DnpAoMAAAAAAAAUN348MQ-zy3Oz_O2mp8vyFjrtLtOVASbM1pg3fyaItVotawAAAAFsAACAAG7dvAWEWfH_____cQAAADJy9AAAAPT7QEWeuFHrhR_8BDlYDQc!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.6/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
f4461fdc5512d2915f67a2b761cfd5ce1166d1f8dd0f07a571bf31eb1c7d0855

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Fri, 18 Nov 2022 20:03:15 GMT
machineid
3407
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V7y34CFgMhRorpgeQJ9AQhRorpgeQJ9AUAAAAGBvQHJOZxTWYm324t882ca9Fy4VgrJ4uFW2Wz-QaDzXIyMQ6GQGIe12Rm8u3WMt_MuRYtF461crJYuFU2m28w2CwnE-NgCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bStB0Onyue73o6XZ57kKn3WW6y12mv9zl-_wlo8lsMFkt5gAAAADw8P___w8BAAAAEAEAAAAgAQAAAEARUPFvIXABAAAAgPH___-vAQDFwXCuu_VlNzpcn5fdHwAAAAAgAAAAACQAB-pPJQAuL-Mn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0OquhrnRWrAsEQFoUWMAAAAAEp0cgaOJnVCZVH1___fbwVwBQAQQMhoJRmYpTso8RYGAAAgIKZUv5FdAoAlO7ZAD4vfb3bYNX63y_7_________zf7P_tGEiMzM0oJYAADUfgEBANZ-AQEA2NQNAOBNAC7kStB0Onyue73o6XZ57kKn3WW6y12mv9zl-_wlo8lsMFktRkfQisFgdQExOwAAAIC7____fzyl-o3sEgAsWT0Q2M0clsFkuVq4LKvhwuObGWaTiWu1GkxsLsfMtb2nB950eY_o5r4QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJjfhC1Gq8lksxzOlovJYDgajkb7G4jBboATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDDjG46Wi5nNLZkMZmvRYDVcS2wjw1q1HC0npuVmNVws16LXx_TwLWYL42SLggEie5E8LdKJZrcbjpwLj8s08qwclplltjJsFpvdYjEYrTaeyUQs0Zws0onssi_sZg7LYLJcLVyW1XDh8c0Ms8nEtVoNJjaXY-bad3zD0XIxs7klk8FsLRqshmuJbWRYq5aj5cS03KyGi-Va9PqYHr7FbGGc7Buz2XA4WOyWo31jNhsOB4vdcrTv0Bm-q8_ZqN6utR6TV7Sszkw2h0HhMli8P4lpMe3ODqaz7-i0KbfNzs7ou3WPXoPCc_CYzrfKYvhMbBbm1dZ7MChiieAinWgeZpfnZvnbTU-X5S102l2mi1iiNF2kE73c5fv8JaPJbDBZLSZiieB0kU5EL-Ppov6jwuzmquFctZtrVgkAAAAAAAAAYAlz5k0AAAAAToNaDHeb1ToPZjCZLRer5QJU7DnpAoMAAAAAAAAUN348MQ-zy3Oz_O2mp8vyFjrtLtOVASbM1pg3fyaItVotawAAAAFsAACAAG7dvAWEWfH_____cQAAADJy9AAAAPT7QEWeuFHrhR_8BDlYDQc!&cmcv=&pix=31589837&cb=1668801795234&uv=3241&tms=1668801795234&abt=dfrc_vB!eidc_vB!id5mc_vB!Noappq22_vD!spa2_vB!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1668801788669.2!ts:1668801795234&mntl=1
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:15 GMT
content-length
0
server
nginx
trace
www.cloudflare.com/cdn-cgi/ 		315 B
454 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.cloudflare.com/cdn-cgi/trace
Requested by
Host: ad.impactify.media
URL: https://ad.impactify.media/static/ad/v5-1.9.48/screen.js?v=v5-1.9.48
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7b60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea1e99214a531fe7b257049c8ae1776ed49496dcc3c78a65af97f52599702560
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept
*/*
Referer
https://times.hinet.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
x-frame-options
DENY
content-type
text/plain
access-control-allow-origin
*
cache-control
no-cache
cf-ray
76c34ef49ea39064-FRA
expires
Thu, 01 Jan 1970 00:00:01 GMT
loader.json
dvr.impactify.media/times.hinet.net/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dvr.impactify.media/times.hinet.net/loader.json?v=v5-1.9.48
Requested by
Host: ad.impactify.media
URL: https://ad.impactify.media/static/ad/v5-1.9.48/screen.js?v=v5-1.9.48
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
94c4d4ba5a3e18f8a57f2b02c076c74f90e6a98c2fce6f1b0f20113e45fce80c

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://times.hinet.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 18 Nov 2022 20:03:15 GMT
content-encoding
br
x-amz-request-id
T1DW0RX4C92ND930
x-cache
REVALIDATED
x-77-cache
HIT
x-age
2677
x-amz-id-2
PEIhiYDDdEmShwpSbCyrrPEzz32PwWD8S2Fse00OkURA8rPXodvai9DNpPdRWpCQAcqhDk6hgjw=
x-77-nzt
Abk73BADp/DedQoAAA
x-accel-expires
@1668802095
last-modified
Thu, 15 Sep 2022 08:04:14 GMT
server
CDN77-Turbo
etag
W/"fd58f107d24bb9e112be016767235cb1"
x-77-nzt-ray
908339302af6644803e5776312d64813
access-control-max-age
3000
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET, HEAD
access-control-allow-origin
*
content-type
application/json; charset=utf-8
cache-control
public, max-age=300
content-language
en
cookie.js
partner.googleadservices.com/gampad/ Frame F810 		213 B
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=times.hinet.net&callback=_gfp_s_&client=ca-pub-4457659720163747&cookie=ID%3Dfc59f85f1f66ff27%3AT%3D1668801794%3AS%3DALNI_MbNLzHWsu7q5_7pi_Hsdd4lnB7aMA&gpic=UID%3D00000b83e7f6f835%3AT%3D1668801794%3ART%3D1668801794%3AS%3DALNI_MYGKqn-snyxy0UuHEa2mHly867-Kg&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4457659720163747&plah=times.hinet.net
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
acf183f80a5cfca3dedf30d00d7f00eb859fde72f5cee1c7542da830da89b380
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
200
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame F810 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4457659720163747&plah=times.hinet.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame F810 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4457659720163747&plah=times.hinet.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame F810 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&tn=DIV&id=goTop&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame F1EF 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&adk=1812271804&adf=3407277731&lmt=1668801795&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668801795017&bpp=4&bdt=238&idt=257&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&cookie=ID%3Dfc59f85f1f66ff27%3AT%3D1668801794%3AS%3DALNI_MbNLzHWsu7q5_7pi_Hsdd4lnB7aMA&gpic=UID%3D00000b83e7f6f835%3AT%3D1668801794%3ART%3D1668801794%3AS%3DALNI_MYGKqn-snyxy0UuHEa2mHly867-Kg&nras=1&correlator=5316747536603&rume=1&frm=23&ife=4&pv=2&ga_vid=1365366507.1668801795&ga_sid=1668801795&ga_hid=145283762&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=580&ish=400&ifk=359666599&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C42531706%2C31061691%2C31070950%2C31061693&oid=2&pvsid=3341626603551332&tmod=1214574978&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.y7m7lzoi03ii&fsb=1&dtd=275
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4457659720163747&plah=times.hinet.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 20:03:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
generic
match.adsrvr.org/track/cmf/ Frame E9D5 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7y34CFgMhRorpgeQJ9AQhRorpgeQJ9AUAAAAGBvQHJOZxTWYm324t882ca9Fy4VgrJ4uFW2Wz-QaDzXIyMQ6GQGIe12Rm8u3WMt_MuRYtF461crJYuFU2m28w2CwnE-NgCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bStB0Onyue73o6XZ57kKn3WW6y12mv9zl-_wlo8lsMFkt5gAAAADw8P___w8BAAAAEAEAAAAgAQAAAEARUPFvIXABAAAAgPH___-vAQDFwXCuu_VlNzpcn5fdHwAAAAAgAAAAACQAB-pPJQAuL-Mn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0OquhrnRWrAsEQFoUWMAAAAAEp0cgaOJnVCZVH1___fbwVwBQAQQMhoJRmYpTso8RYGAAAgIKZUv5FdAoAlO7ZAD4vfb3bYNX63y_7_________zf7P_tGEiMzM0oJYAADUfgEBANZ-AQEA2NQNAOBNAC7kStB0Onyue73o6XZ57kKn3WW6y12mv9zl-_wlo8lsMFktRkfQisFgdQExOwAAAIC7____fzyl-o3sEgAsWT0Q2M0clsFkuVq4LKvhwuObGWaTiWu1GkxsLsfMtb2nB950eY_o5r4QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJjfhC1Gq8lksxzOlovJYDgajkb7G4jBboATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDDjG46Wi5nNLZkMZmvRYDVcS2wjw1q1HC0npuVmNVws16LXx_TwLWYL42SLggEie5E8LdKJZrcbjpwLj8s08qwclplltjJsFpvdYjEYrTaeyUQs0Zws0onssi_sZg7LYLJcLVyW1XDh8c0Ms8nEtVoNJjaXY-bad3zD0XIxs7klk8FsLRqshmuJbWRYq5aj5cS03KyGi-Va9PqYHr7FbGGc7Buz2XA4WOyWo31jNhsOB4vdcrTv0Bm-q8_ZqN6utR6TV7Sszkw2h0HhMli8P4lpMe3ODqaz7-i0KbfNzs7ou3WPXoPCc_CYzrfKYvhMbBbm1dZ7MChiieAinWgeZpfnZvnbTU-X5S102l2mi1iiNF2kE73c5fv8JaPJbDBZLSZiieB0kU5EL-Ppov6jwuzmquFctZtrVgkAAAAAAAAAYAlz5k0AAAAAToNaDHeb1ToPZjCZLRer5QJU7DnpAoMAAAAAAAAUN348MQ-zy3Oz_O2mp8vyFjrtLtOVASbM1pg3fyaItVotawAAAAFsAACAAG7dvAWEWfH_____cQAAADJy9AAAAPT7QEWeuFHrhR_8BDlYDQc!&cmcv=&pix=undefined&cb=1668801795235&uv=3241&tms=1668801795235&abt=dfrc_vB!eidc_vB!id5mc_vB!Noappq22_vD!spa2_vB!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=fc52fd77-f7f9-49a1-921a-eff700392b80&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 18 Nov 2022 20:03:15 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
taboola-supply-partners.tremorhub.com/ Frame E9D5 		43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7y34CFgMhRorpgeQJ9AQhRorpgeQJ9AUAAAAGBvQHJOZxTWYm324t882ca9Fy4VgrJ4uFW2Wz-QaDzXIyMQ6GQGIe12Rm8u3WMt_MuRYtF461crJYuFU2m28w2CwnE-NgCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bStB0Onyue73o6XZ57kKn3WW6y12mv9zl-_wlo8lsMFkt5gAAAADw8P___w8BAAAAEAEAAAAgAQAAAEARUPFvIXABAAAAgPH___-vAQDFwXCuu_VlNzpcn5fdHwAAAAAgAAAAACQAB-pPJQAuL-Mn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0OquhrnRWrAsEQFoUWMAAAAAEp0cgaOJnVCZVH1___fbwVwBQAQQMhoJRmYpTso8RYGAAAgIKZUv5FdAoAlO7ZAD4vfb3bYNX63y_7_________zf7P_tGEiMzM0oJYAADUfgEBANZ-AQEA2NQNAOBNAC7kStB0Onyue73o6XZ57kKn3WW6y12mv9zl-_wlo8lsMFktRkfQisFgdQExOwAAAIC7____fzyl-o3sEgAsWT0Q2M0clsFkuVq4LKvhwuObGWaTiWu1GkxsLsfMtb2nB950eY_o5r4QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJjfhC1Gq8lksxzOlovJYDgajkb7G4jBboATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDDjG46Wi5nNLZkMZmvRYDVcS2wjw1q1HC0npuVmNVws16LXx_TwLWYL42SLggEie5E8LdKJZrcbjpwLj8s08qwclplltjJsFpvdYjEYrTaeyUQs0Zws0onssi_sZg7LYLJcLVyW1XDh8c0Ms8nEtVoNJjaXY-bad3zD0XIxs7klk8FsLRqshmuJbWRYq5aj5cS03KyGi-Va9PqYHr7FbGGc7Buz2XA4WOyWo31jNhsOB4vdcrTv0Bm-q8_ZqN6utR6TV7Sszkw2h0HhMli8P4lpMe3ODqaz7-i0KbfNzs7ou3WPXoPCc_CYzrfKYvhMbBbm1dZ7MChiieAinWgeZpfnZvnbTU-X5S102l2mi1iiNF2kE73c5fv8JaPJbDBZLSZiieB0kU5EL-Ppov6jwuzmquFctZtrVgkAAAAAAAAAYAlz5k0AAAAAToNaDHeb1ToPZjCZLRer5QJU7DnpAoMAAAAAAAAUN348MQ-zy3Oz_O2mp8vyFjrtLtOVASbM1pg3fyaItVotawAAAAFsAACAAG7dvAWEWfH_____cQAAADJy9AAAAPT7QEWeuFHrhR_8BDlYDQc!&cmcv=&pix=undefined&cb=1668801795235&uv=3241&tms=1668801795235&abt=dfrc_vB!eidc_vB!id5mc_vB!Noappq22_vD!spa2_vB!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=fc52fd77-f7f9-49a1-921a-eff700392b80&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:5cc5:a32:da3e:ed7e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Fri, 18 Nov 2022 20:03:15 GMT
server
Apache-Coyote/1.1
content-type
image/gif
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame E9D5
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=09a6c71a-677c-11ed-99f1-1a404fd50306&orig=video&us_privacy=1---gdpr=1&
0
98 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=09a6c71a-677c-11ed-99f1-1a404fd50306&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V7y34CFgMhRorpgeQJ9AQhRorpgeQJ9AUAAAAGBvQHJOZxTWYm324t882ca9Fy4VgrJ4uFW2Wz-QaDzXIyMQ6GQGIe12Rm8u3WMt_MuRYtF461crJYuFU2m28w2CwnE-NgCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bStB0Onyue73o6XZ57kKn3WW6y12mv9zl-_wlo8lsMFkt5gAAAADw8P___w8BAAAAEAEAAAAgAQAAAEARUPFvIXABAAAAgPH___-vAQDFwXCuu_VlNzpcn5fdHwAAAAAgAAAAACQAB-pPJQAuL-Mn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0OquhrnRWrAsEQFoUWMAAAAAEp0cgaOJnVCZVH1___fbwVwBQAQQMhoJRmYpTso8RYGAAAgIKZUv5FdAoAlO7ZAD4vfb3bYNX63y_7_________zf7P_tGEiMzM0oJYAADUfgEBANZ-AQEA2NQNAOBNAC7kStB0Onyue73o6XZ57kKn3WW6y12mv9zl-_wlo8lsMFktRkfQisFgdQExOwAAAIC7____fzyl-o3sEgAsWT0Q2M0clsFkuVq4LKvhwuObGWaTiWu1GkxsLsfMtb2nB950eY_o5r4QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJjfhC1Gq8lksxzOlovJYDgajkb7G4jBboATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDDjG46Wi5nNLZkMZmvRYDVcS2wjw1q1HC0npuVmNVws16LXx_TwLWYL42SLggEie5E8LdKJZrcbjpwLj8s08qwclplltjJsFpvdYjEYrTaeyUQs0Zws0onssi_sZg7LYLJcLVyW1XDh8c0Ms8nEtVoNJjaXY-bad3zD0XIxs7klk8FsLRqshmuJbWRYq5aj5cS03KyGi-Va9PqYHr7FbGGc7Buz2XA4WOyWo31jNhsOB4vdcrTv0Bm-q8_ZqN6utR6TV7Sszkw2h0HhMli8P4lpMe3ODqaz7-i0KbfNzs7ou3WPXoPCc_CYzrfKYvhMbBbm1dZ7MChiieAinWgeZpfnZvnbTU-X5S102l2mi1iiNF2kE73c5fv8JaPJbDBZLSZiieB0kU5EL-Ppov6jwuzmquFctZtrVgkAAAAAAAAAYAlz5k0AAAAAToNaDHeb1ToPZjCZLRer5QJU7DnpAoMAAAAAAAAUN348MQ-zy3Oz_O2mp8vyFjrtLtOVASbM1pg3fyaItVotawAAAAFsAACAAG7dvAWEWfH_____cQAAADJy9AAAAPT7QEWeuFHrhR_8BDlYDQc!&cmcv=&pix=undefined&cb=1668801795235&uv=3241&tms=1668801795235&abt=dfrc_vB!eidc_vB!id5mc_vB!Noappq22_vD!spa2_vB!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=fc52fd77-f7f9-49a1-921a-eff700392b80&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:15 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12468

Redirect headers

Date
Fri, 18 Nov 2022 20:03:15 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=09a6c71a-677c-11ed-99f1-1a404fd50306&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
32
Connection
keep-alive
Content-Length
0
generic
match.adsrvr.org/track/cmf/ Frame B018 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7y34CFgMhRorpgeQJ9AQhRorpgeQJ9AUAAAAGBvQHJOZxTWYm324t882ca9Fy4VgrJ4uFW2Wz-QaDzXIyMQ6GQGIe12Rm8u3WMt_MuRYtF461crJYuFU2m28w2CwnE-NgCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bStB0Onyue73o6XZ57kKn3WW6y12mv9zl-_wlo8lsMFkt5gAAAADw8P___w8BAAAAEAEAAAAgAQAAAEARUPFvIXABAAAAgPH___-vAQDFwXCuu_VlNzpcn5fdHwAAAAAgAAAAACQAB-pPJQAuL-Mn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0OquhrnRWrAsEQFoUWMAAAAAEp0cgaOJnVCZVH1___fbwVwBQAQQMhoJRmYpTso8RYGAAAgIKZUv5FdAoAlO7ZAD4vfb3bYNX63y_7_________zf7P_tGEiMzM0oJYAADUfgEBANZ-AQEA2NQNAOBNAC7kStB0Onyue73o6XZ57kKn3WW6y12mv9zl-_wlo8lsMFktRkfQisFgdQExOwAAAIC7____fzyl-o3sEgAsWT0Q2M0clsFkuVq4LKvhwuObGWaTiWu1GkxsLsfMtb2nB950eY_o5r4QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJjfhC1Gq8lksxzOlovJYDgajkb7G4jBboATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDDjG46Wi5nNLZkMZmvRYDVcS2wjw1q1HC0npuVmNVws16LXx_TwLWYL42SLggEie5E8LdKJZrcbjpwLj8s08qwclplltjJsFpvdYjEYrTaeyUQs0Zws0onssi_sZg7LYLJcLVyW1XDh8c0Ms8nEtVoNJjaXY-bad3zD0XIxs7klk8FsLRqshmuJbWRYq5aj5cS03KyGi-Va9PqYHr7FbGGc7Buz2XA4WOyWo31jNhsOB4vdcrTv0Bm-q8_ZqN6utR6TV7Sszkw2h0HhMli8P4lpMe3ODqaz7-i0KbfNzs7ou3WPXoPCc_CYzrfKYvhMbBbm1dZ7MChiieAinWgeZpfnZvnbTU-X5S102l2mi1iiNF2kE73c5fv8JaPJbDBZLSZiieB0kU5EL-Ppov6jwuzmquFctZtrVgkAAAAAAAAAYAlz5k0AAAAAToNaDHeb1ToPZjCZLRer5QJU7DnpAoMAAAAAAAAUN348MQ-zy3Oz_O2mp8vyFjrtLtOVASbM1pg3fyaItVotawAAAAFsAACAAG7dvAWEWfH_____cQAAADJy9AAAAPT7QEWeuFHrhR_8BDlYDQc!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 18 Nov 2022 20:03:15 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
taboola-supply-partners.tremorhub.com/ Frame B018 		43 B
183 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7y34CFgMhRorpgeQJ9AQhRorpgeQJ9AUAAAAGBvQHJOZxTWYm324t882ca9Fy4VgrJ4uFW2Wz-QaDzXIyMQ6GQGIe12Rm8u3WMt_MuRYtF461crJYuFU2m28w2CwnE-NgCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bStB0Onyue73o6XZ57kKn3WW6y12mv9zl-_wlo8lsMFkt5gAAAADw8P___w8BAAAAEAEAAAAgAQAAAEARUPFvIXABAAAAgPH___-vAQDFwXCuu_VlNzpcn5fdHwAAAAAgAAAAACQAB-pPJQAuL-Mn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0OquhrnRWrAsEQFoUWMAAAAAEp0cgaOJnVCZVH1___fbwVwBQAQQMhoJRmYpTso8RYGAAAgIKZUv5FdAoAlO7ZAD4vfb3bYNX63y_7_________zf7P_tGEiMzM0oJYAADUfgEBANZ-AQEA2NQNAOBNAC7kStB0Onyue73o6XZ57kKn3WW6y12mv9zl-_wlo8lsMFktRkfQisFgdQExOwAAAIC7____fzyl-o3sEgAsWT0Q2M0clsFkuVq4LKvhwuObGWaTiWu1GkxsLsfMtb2nB950eY_o5r4QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJjfhC1Gq8lksxzOlovJYDgajkb7G4jBboATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDDjG46Wi5nNLZkMZmvRYDVcS2wjw1q1HC0npuVmNVws16LXx_TwLWYL42SLggEie5E8LdKJZrcbjpwLj8s08qwclplltjJsFpvdYjEYrTaeyUQs0Zws0onssi_sZg7LYLJcLVyW1XDh8c0Ms8nEtVoNJjaXY-bad3zD0XIxs7klk8FsLRqshmuJbWRYq5aj5cS03KyGi-Va9PqYHr7FbGGc7Buz2XA4WOyWo31jNhsOB4vdcrTv0Bm-q8_ZqN6utR6TV7Sszkw2h0HhMli8P4lpMe3ODqaz7-i0KbfNzs7ou3WPXoPCc_CYzrfKYvhMbBbm1dZ7MChiieAinWgeZpfnZvnbTU-X5S102l2mi1iiNF2kE73c5fv8JaPJbDBZLSZiieB0kU5EL-Ppov6jwuzmquFctZtrVgkAAAAAAAAAYAlz5k0AAAAAToNaDHeb1ToPZjCZLRer5QJU7DnpAoMAAAAAAAAUN348MQ-zy3Oz_O2mp8vyFjrtLtOVASbM1pg3fyaItVotawAAAAFsAACAAG7dvAWEWfH_____cQAAADJy9AAAAPT7QEWeuFHrhR_8BDlYDQc!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:5cc5:a32:da3e:ed7e Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Fri, 18 Nov 2022 20:03:15 GMT
server
Apache-Coyote/1.1
content-type
image/gif
rtb-h
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame B018
Redirect Chain
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
  • https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=09a6c71a-677c-11ed-99f1-1a404fd50306&orig=video&us_privacy=1---gdpr=1&
0
98 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=09a6c71a-677c-11ed-99f1-1a404fd50306&orig=video&us_privacy=1---gdpr=1&
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V7y34CFgMhRorpgeQJ9AQhRorpgeQJ9AUAAAAGBvQHJOZxTWYm324t882ca9Fy4VgrJ4uFW2Wz-QaDzXIyMQ6GQGIe12Rm8u3WMt_MuRYtF461crJYuFU2m28w2CwnE-NgCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bStB0Onyue73o6XZ57kKn3WW6y12mv9zl-_wlo8lsMFkt5gAAAADw8P___w8BAAAAEAEAAAAgAQAAAEARUPFvIXABAAAAgPH___-vAQDFwXCuu_VlNzpcn5fdHwAAAAAgAAAAACQAB-pPJQAuL-Mn__________8xA_SZNzL_____NwY9AA8-AA9CAAAAH0OquhrnRWrAsEQFoUWMAAAAAEp0cgaOJnVCZVH1___fbwVwBQAQQMhoJRmYpTso8RYGAAAgIKZUv5FdAoAlO7ZAD4vfb3bYNX63y_7_________zf7P_tGEiMzM0oJYAADUfgEBANZ-AQEA2NQNAOBNAC7kStB0Onyue73o6XZ57kKn3WW6y12mv9zl-_wlo8lsMFktRkfQisFgdQExOwAAAIC7____fzyl-o3sEgAsWT0Q2M0clsFkuVq4LKvhwuObGWaTiWu1GkxsLsfMtb2nB950eY_o5r4QYZn9voOCcnp6zC6DqOh6W-wOp9lzEB80DMvJIJjfhC1Gq8lksxzOlovJYDgajkb7G4jBboATMVguJ5PFZLcarUab4W40GyxQIAYTpGjRYLIajSaLyXA1mqxmy8Vut0GKVq1mo81guJpNZrvdajgYLkcjnLDFaDWZbJbD2XIxGQxHw9FoiDDjG46Wi5nNLZkMZmvRYDVcS2wjw1q1HC0npuVmNVws16LXx_TwLWYL42SLggEie5E8LdKJZrcbjpwLj8s08qwclplltjJsFpvdYjEYrTaeyUQs0Zws0onssi_sZg7LYLJcLVyW1XDh8c0Ms8nEtVoNJjaXY-bad3zD0XIxs7klk8FsLRqshmuJbWRYq5aj5cS03KyGi-Va9PqYHr7FbGGc7Buz2XA4WOyWo31jNhsOB4vdcrTv0Bm-q8_ZqN6utR6TV7Sszkw2h0HhMli8P4lpMe3ODqaz7-i0KbfNzs7ou3WPXoPCc_CYzrfKYvhMbBbm1dZ7MChiieAinWgeZpfnZvnbTU-X5S102l2mi1iiNF2kE73c5fv8JaPJbDBZLSZiieB0kU5EL-Ppov6jwuzmquFctZtrVgkAAAAAAAAAYAlz5k0AAAAAToNaDHeb1ToPZjCZLRer5QJU7DnpAoMAAAAAAAAUN348MQ-zy3Oz_O2mp8vyFjrtLtOVASbM1pg3fyaItVotawAAAAFsAACAAG7dvAWEWfH_____cQAAADJy9AAAAPT7QEWeuFHrhR_8BDlYDQc!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:15 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12468

Redirect headers

Date
Fri, 18 Nov 2022 20:03:15 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Location
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=09a6c71a-677c-11ed-99f1-1a404fd50306&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
80
Connection
keep-alive
Content-Length
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8172 		118 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=400&slotname=9686321785&adk=279151516&adf=4198862038&pi=t.ma~as.9686321785&w=580&lmt=1668801795&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668801795021&bpp=1&bdt=242&idt=289&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&cookie=ID%3Dfc59f85f1f66ff27%3AT%3D1668801794%3AS%3DALNI_MbNLzHWsu7q5_7pi_Hsdd4lnB7aMA&gpic=UID%3D00000b83e7f6f835%3AT%3D1668801794%3ART%3D1668801794%3AS%3DALNI_MYGKqn-snyxy0UuHEa2mHly867-Kg&prev_fmts=0x0&nras=1&correlator=5316747536603&rume=1&frm=23&ife=4&pv=1&ga_vid=1365366507.1668801795&ga_sid=1668801795&ga_hid=145283762&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1112&biw=1600&bih=1200&isw=580&ish=400&ifk=359666599&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C42531706%2C31061691%2C31070950%2C31061693&oid=2&pvsid=3341626603551332&tmod=1214574978&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.ea20tpo3nqio&fsb=1&dtd=296
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4457659720163747&plah=times.hinet.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51212c5ccc55ff2d314b50522b8834f6f43cd5932467f47b624e335ab7603b3a
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11689999083124395179/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11689999083124395179/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKH22pHDuPsCFfWmcQodzaoICQ&gqi=A-V3Y9-OFquA1fAP4qOv6A0&layout=/sadbundle/%24csp%253Der3%24/11689999083124395179/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
44999
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11689999083124395179/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11689999083124395179/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKH22pHDuPsCFfWmcQodzaoICQ&gqi=A-V3Y9-OFquA1fAP4qOv6A0&layout=/sadbundle/%24csp%253Der3%24/11689999083124395179/index.html
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 20:03:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/j/ Frame 2FE8 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=816432763&t=pageview&_s=1&dl=https%3A%2F%2Ftimes.hinet.net%2Fhinetlife2%2Findex.html&dp=%2Fliferight&ul=en-us&de=UTF-8&dt=React%20Webpack%20Template&sd=24-bit&sr=1600x1200&vp=300x350&je=0&_u=AACAAEABAAAAACAAI~&jid=&gjid=&cid=1365366507.1668801795&tid=UA-131110623-1&_gid=2022163553.1668801795&_slc=1&z=1005886431
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://times.hinet.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://times.hinet.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
bulk
trc.taboola.com/salesfrontier-hinet/log/3/ 		0
244 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/salesfrontier-hinet/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=7
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221117-23-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://times.hinet.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
11
pragma
no-cache
date
Fri, 18 Nov 2022 20:03:15 GMT
via
1.1 varnish
x-served-by
cache-fra-eddf8230025-FRA
server
nginx
x-timer
S1668801796.579766,VS0,VE11
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://times.hinet.net
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
video_m.css
www.hinet.net/resources/freevideo/css/ Frame E2AD 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.hinet.net/resources/freevideo/css/video_m.css
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:b000:589::3 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2211 /
Resource Hash
446a920d78747ec1b48b4d70a242ad5d3c583bcea9ae97c91bb39b57e199a70b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:15 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-content-type-options
nonsniff
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
last-modified
Mon, 13 Sep 2021 08:51:46 GMT
server
HiNetCDN/2211
content-encoding
br
vary
Accept-Encoding, Accept-Encoding,User-Agent
x-frame-options
ALLOW-FROM https://times.hinet.net
content-type
text/css
x-cache
EXPIRED, HIT
cache-control
no-cache
x-xss-protection
1;mode=block
x-request-id
d705f51f5ea2cda0d373bec7dd186fc4
jquery-3.5.0.min.js
www.hinet.net/resources/freevideo/js/ Frame E2AD 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.hinet.net/resources/freevideo/js/jquery-3.5.0.min.js
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:b000:589::3 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2211 /
Resource Hash
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:15 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-content-type-options
nonsniff
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
last-modified
Mon, 13 Sep 2021 08:51:46 GMT
server
HiNetCDN/2211
content-encoding
br
vary
Accept-Encoding, Accept-Encoding,User-Agent
x-frame-options
ALLOW-FROM https://times.hinet.net
content-type
application/javascript
x-cache
EXPIRED, HIT
cache-control
no-cache
x-xss-protection
1;mode=block
x-request-id
050e21831e44a585c4ececc751e7b6bb
flowplayer-3.2.12.min.js
cdn.jsdelivr.net/flowplayerflash/3.2.16/ Frame E2AD 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/flowplayerflash/3.2.16/flowplayer-3.2.12.min.js
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
558c137ae8d2421d46b2ced70dc3d8eb54a63544a53930b30a555b7686001c91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
686368
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19127-FRA, cache-yyz4526-YYZ
server
cloudflare
etag
W/"3f90-ZX1G66yUNOgp4y1IZgaD9tXEZLE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ahkvXbZBPIlOT9g7MG2jYbpRfv0clC5v550YL6fgH9wQ17viFNeI0O0TaXILaDXB89vGrVxVhsCG2OkJggvDGtwDHD4jwwPLouNWuVEFSpWIZuCR5BAoE98oWpYgNBVHilfzBDWBukVxQ4X0FDQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
76c34ef74a75693a-FRA
utag.js
t.ssp.hinet.net/ Frame E2AD 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Fri, 18 Nov 2022 20:13:16 GMT
340x210.jpg
www.hinet.net/resources/images/ Frame E2AD 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/resources/images/340x210.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:b000:589::3 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2211 /
Resource Hash
affc7465346ea96f040285c0a25779820afddb764f9e9bf8e6fdfe3162891602
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-content-type-options
nonsniff
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
last-modified
Mon, 13 Sep 2021 08:51:46 GMT
server
HiNetCDN/2211
x-frame-options
ALLOW-FROM https://times.hinet.net
vary
User-Agent
content-type
image/jpeg
x-cache
EXPIRED, HIT
cache-control
no-cache
accept-ranges
bytes
content-length
16643
x-xss-protection
1;mode=block
x-request-id
97241ec91d720b55b18e5fce2c68cfe3
17a1833f605000003c1c.png
www.hinet.net/data/upload/election/ Frame E2AD 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a1833f605000003c1c.png
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:b000:589::3 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2211 /
Resource Hash
b0bbaadba0e46405bfde24d4492d85c49a548102a6150720deafa2adcac4ecaf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-content-type-options
nonsniff
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
last-modified
Thu, 17 Jun 2021 04:21:54 GMT
server
HiNetCDN/2211
x-frame-options
ALLOW-FROM https://times.hinet.net
vary
User-Agent
content-type
image/png
x-cache
EXPIRED, HIT
cache-control
no-cache
accept-ranges
bytes
content-length
2121
x-xss-protection
1;mode=block
x-request-id
b20ec8cbe35e84d66d6815339b074828
17a1843eed1000001ad3.jpg
www.hinet.net/data/upload/election/ Frame E2AD 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a1843eed1000001ad3.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:b000:589::3 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2211 /
Resource Hash
6f036fa79597e97410bbe9a223a92ed409aa34b72175e0f4a2917e70eb49171b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-content-type-options
nonsniff
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
last-modified
Thu, 17 Jun 2021 04:39:20 GMT
server
HiNetCDN/2211
x-frame-options
ALLOW-FROM https://times.hinet.net
vary
User-Agent
content-type
image/jpeg
x-cache
EXPIRED, HIT
cache-control
no-cache
accept-ranges
bytes
content-length
11892
x-xss-protection
1;mode=block
x-request-id
35a533ad3803ba7c07f8351a33f66e8b
17a18341706000007a85.png
www.hinet.net/data/upload/election/ Frame E2AD 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a18341706000007a85.png
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:b000:589::3 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2211 /
Resource Hash
a0a5acfaf87f0963217eff8390e77a005f0e4dd6d08b324e1c9af9f911796cdf
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-content-type-options
nonsniff
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
last-modified
Thu, 17 Jun 2021 04:22:02 GMT
server
HiNetCDN/2211
x-frame-options
ALLOW-FROM https://times.hinet.net
vary
User-Agent
content-type
image/png
x-cache
EXPIRED, HIT
cache-control
no-cache
accept-ranges
bytes
content-length
3427
x-xss-protection
1;mode=block
x-request-id
3690524f78ac4edd28755b7b16e90739
17a1834a4f500000bb59.png
www.hinet.net/data/upload/election/ Frame E2AD 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a1834a4f500000bb59.png
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:b000:589::3 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2211 /
Resource Hash
364d46add4e2a123d4deebc10a3f3ff40444ae6303cdccc6ecf319f9c2db41c5
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-content-type-options
nonsniff
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
last-modified
Thu, 17 Jun 2021 04:22:38 GMT
server
HiNetCDN/2211
x-frame-options
ALLOW-FROM https://times.hinet.net
vary
User-Agent
content-type
image/png
x-cache
EXPIRED, HIT
cache-control
no-cache
accept-ranges
bytes
content-length
25024
x-xss-protection
1;mode=block
x-request-id
04af5d04d76612543cd7e63b474166a8
17a18352dd20000022d5.jpg
www.hinet.net/data/upload/election/ Frame E2AD 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a18352dd20000022d5.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:b000:589::3 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2211 /
Resource Hash
6ac8a6a5a955091ee9269f2f9b738859ad85e013ce22d70ad560451e9b40f863
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-content-type-options
nonsniff
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
last-modified
Thu, 17 Jun 2021 04:23:13 GMT
server
HiNetCDN/2211
x-frame-options
ALLOW-FROM https://times.hinet.net
vary
User-Agent
content-type
image/jpeg
x-cache
EXPIRED, HIT
cache-control
no-cache
accept-ranges
bytes
content-length
11037
x-xss-protection
1;mode=block
x-request-id
645904dc2df992c29a3816821e350e39
17b7c16d01c00000b561.jpg
www.hinet.net/data/upload/election/ Frame E2AD 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17b7c16d01c00000b561.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:b000:589::3 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2211 /
Resource Hash
939e7ed4cc62d8c8b958e48e5cfe0a176e10e80e8f9cbe8e4fa983ba4c445732
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-content-type-options
nonsniff
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
last-modified
Wed, 25 Aug 2021 06:54:27 GMT
server
HiNetCDN/2211
x-frame-options
ALLOW-FROM https://times.hinet.net
vary
User-Agent
content-type
image/jpeg
x-cache
EXPIRED, HIT
cache-control
no-cache
accept-ranges
bytes
content-length
4920
x-xss-protection
1;mode=block
x-request-id
5552f61ed04c2b821b5973a03de3346b
17a1838c8f30000013f1.jpg
www.hinet.net/data/upload/election/ Frame E2AD 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a1838c8f30000013f1.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:b000:589::3 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2211 /
Resource Hash
253eb5746eca714be94d1a0c70b0bd6216d681a4dea0b1745bdb43ed69fab701
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-content-type-options
nonsniff
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
last-modified
Thu, 17 Jun 2021 04:27:10 GMT
server
HiNetCDN/2211
x-frame-options
ALLOW-FROM https://times.hinet.net
vary
User-Agent
content-type
image/jpeg
x-cache
EXPIRED, HIT
cache-control
no-cache
accept-ranges
bytes
content-length
10730
x-xss-protection
1;mode=block
x-request-id
5244fe5ea08b95ba6a4658e2c61999f5
17a1839096200000ba68.jpg
www.hinet.net/data/upload/election/ Frame E2AD 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a1839096200000ba68.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:b000:589::3 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2211 /
Resource Hash
dd382c876fd7255e44e3df2dc05e7a35755a9e9bb60d056a96e01ad135f952c8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-content-type-options
nonsniff
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
last-modified
Thu, 17 Jun 2021 04:27:26 GMT
server
HiNetCDN/2211
x-frame-options
ALLOW-FROM https://times.hinet.net
vary
User-Agent
content-type
image/jpeg
x-cache
EXPIRED, HIT
cache-control
no-cache
accept-ranges
bytes
content-length
10234
x-xss-protection
1;mode=block
x-request-id
380112b8588677d44de62211403a8138
17a183942820000037b1.jpg
www.hinet.net/data/upload/election/ Frame E2AD 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a183942820000037b1.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:b000:589::3 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2211 /
Resource Hash
6c46b95b6a04469c152640a5caa33a1e4060b1c1515fca04e33acf71a697d1a6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-content-type-options
nonsniff
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
last-modified
Thu, 17 Jun 2021 04:27:41 GMT
server
HiNetCDN/2211
x-frame-options
ALLOW-FROM https://times.hinet.net
vary
User-Agent
content-type
image/jpeg
x-cache
EXPIRED, HIT
cache-control
no-cache
accept-ranges
bytes
content-length
9971
x-xss-protection
1;mode=block
x-request-id
acfda3ccd87d616f941795f6adc6e11b
182a092d3bc00000ada2.png
www.hinet.net/data/upload/election/ Frame E2AD 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/182a092d3bc00000ada2.png
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:b000:589::3 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2211 /
Resource Hash
e4f7c7508ba476d337470d7d7424e3459d828bffa4eea611ebb712464ff64766
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-content-type-options
nonsniff
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
last-modified
Mon, 15 Aug 2022 08:16:29 GMT
server
HiNetCDN/2211
x-frame-options
ALLOW-FROM https://times.hinet.net
vary
User-Agent
content-type
image/png
x-cache
EXPIRED, HIT
cache-control
no-cache
accept-ranges
bytes
content-length
24755
x-xss-protection
1;mode=block
x-request-id
b8d5c6f7163447f3b6114f4c1acb21e6
17b7c49e917000008330.jpg
www.hinet.net/data/upload/election/ Frame E2AD 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17b7c49e917000008330.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:b000:589::3 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2211 /
Resource Hash
5f78b376c449eb72346fd7e6c3a1ef6afe242cb9953117ec67474f3dc5c46220
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-content-type-options
nonsniff
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
last-modified
Wed, 25 Aug 2021 07:50:16 GMT
server
HiNetCDN/2211
x-frame-options
ALLOW-FROM https://times.hinet.net
vary
User-Agent
content-type
image/jpeg
x-cache
EXPIRED, HIT
cache-control
no-cache
accept-ranges
bytes
content-length
4753
x-xss-protection
1;mode=block
x-request-id
2659b187f84c727d14ffdd7c3d0ce86f
17a183dc058000001121.jpg
www.hinet.net/data/upload/election/ Frame E2AD 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a183dc058000001121.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:b000:589::3 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2211 /
Resource Hash
1997e5fae742597b647978f12afc735e576dfabc72dfdb95466f976b039af5fa
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-content-type-options
nonsniff
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
last-modified
Thu, 17 Jun 2021 04:32:35 GMT
server
HiNetCDN/2211
x-frame-options
ALLOW-FROM https://times.hinet.net
vary
User-Agent
content-type
image/jpeg
x-cache
EXPIRED, HIT
cache-control
no-cache
accept-ranges
bytes
content-length
11247
x-xss-protection
1;mode=block
x-request-id
1065089588383c9cefb0dd7a18977b6e
17a183e03a5000008a91.jpg
www.hinet.net/data/upload/election/ Frame E2AD 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a183e03a5000008a91.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:b000:589::3 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2211 /
Resource Hash
04dccc299261a1c9f8a37a7527a673973fcf7343ff13cb43a4a690c373284ccc
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-content-type-options
nonsniff
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
last-modified
Thu, 17 Jun 2021 04:32:52 GMT
server
HiNetCDN/2211
x-frame-options
ALLOW-FROM https://times.hinet.net
vary
User-Agent
content-type
image/jpeg
x-cache
EXPIRED, HIT
cache-control
no-cache
accept-ranges
bytes
content-length
8533
x-xss-protection
1;mode=block
x-request-id
017a762faaea8f6b70a81f63c466a023
17a183e4479000006050.jpg
www.hinet.net/data/upload/election/ Frame E2AD 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a183e4479000006050.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:b000:589::3 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2211 /
Resource Hash
d0365d6c9d95c7fc1f71e4d607e55cbb1031662f3870be65a4b40b4bff3449e8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-content-type-options
nonsniff
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
last-modified
Thu, 17 Jun 2021 04:33:09 GMT
server
HiNetCDN/2211
x-frame-options
ALLOW-FROM https://times.hinet.net
vary
User-Agent
content-type
image/jpeg
x-cache
EXPIRED, HIT
cache-control
no-cache
accept-ranges
bytes
content-length
9838
x-xss-protection
1;mode=block
x-request-id
5285aeb52645f67e77d65cfbbe023ac0
17a183ea2f400000695a.jpg
www.hinet.net/data/upload/election/ Frame E2AD 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a183ea2f400000695a.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:b000:589::3 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2211 /
Resource Hash
5200e468e0ee79e62e5bd0cd20bf633ab19fbbbb728dbb690d461afbf9ffef9e
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-content-type-options
nonsniff
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
last-modified
Thu, 17 Jun 2021 04:33:33 GMT
server
HiNetCDN/2211
x-frame-options
ALLOW-FROM https://times.hinet.net
vary
User-Agent
content-type
image/jpeg
x-cache
EXPIRED, HIT
cache-control
no-cache
accept-ranges
bytes
content-length
11223
x-xss-protection
1;mode=block
x-request-id
d443eb449c428405b89bc651e5bc8dff
17a183ee00f0000001eb.jpg
www.hinet.net/data/upload/election/ Frame E2AD 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a183ee00f0000001eb.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:b000:589::3 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2211 /
Resource Hash
610db2765a546cd3df8577915e1864fb3d8563083774c6168ef38fbcaade4d10
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-content-type-options
nonsniff
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
last-modified
Thu, 17 Jun 2021 04:33:49 GMT
server
HiNetCDN/2211
x-frame-options
ALLOW-FROM https://times.hinet.net
vary
User-Agent
content-type
image/jpeg
x-cache
EXPIRED, HIT
cache-control
no-cache
accept-ranges
bytes
content-length
8153
x-xss-protection
1;mode=block
x-request-id
46c79f225aa27219c4ef1443d6638b43
17a183f2a6c00000017b.jpg
www.hinet.net/data/upload/election/ Frame E2AD 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a183f2a6c00000017b.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:b000:589::3 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2211 /
Resource Hash
dd1fe4f8a74b8e4e567fd9ada0d5a70b18022de00b536b77a59c4425baf26293
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-content-type-options
nonsniff
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
last-modified
Thu, 17 Jun 2021 04:34:08 GMT
server
HiNetCDN/2211
x-frame-options
ALLOW-FROM https://times.hinet.net
vary
User-Agent
content-type
image/jpeg
x-cache
EXPIRED, HIT
cache-control
no-cache
accept-ranges
bytes
content-length
11050
x-xss-protection
1;mode=block
x-request-id
8b69621cb4751bd63db933a613d4b7d8
17a183f6aa700000a67e.jpg
www.hinet.net/data/upload/election/ Frame E2AD 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a183f6aa700000a67e.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:b000:589::3 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2211 /
Resource Hash
d7bcb7b0529ef5c289a8d8302b60f946370caa9e8c077bc353517668767a5958
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-content-type-options
nonsniff
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
last-modified
Thu, 17 Jun 2021 04:34:24 GMT
server
HiNetCDN/2211
x-frame-options
ALLOW-FROM https://times.hinet.net
vary
User-Agent
content-type
image/jpeg
x-cache
EXPIRED, HIT
cache-control
no-cache
accept-ranges
bytes
content-length
9118
x-xss-protection
1;mode=block
x-request-id
5a7b5c5f8ac578cd5203ea2d623d0a2d
17a1843bea60000060ca.jpg
www.hinet.net/data/upload/election/ Frame E2AD 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a1843bea60000060ca.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:b000:589::3 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2211 /
Resource Hash
ddb268570d64a641ebb583735c70e62d40a83b000df689a19bd53bf034ede2e6
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-content-type-options
nonsniff
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
last-modified
Thu, 17 Jun 2021 04:39:08 GMT
server
HiNetCDN/2211
x-frame-options
ALLOW-FROM https://times.hinet.net
vary
User-Agent
content-type
image/jpeg
x-cache
EXPIRED, HIT
cache-control
no-cache
accept-ranges
bytes
content-length
10493
x-xss-protection
1;mode=block
x-request-id
48aee4a67f30c89ab54ad57f9e46aae8
17a1844259f000004e62.jpg
www.hinet.net/data/upload/election/ Frame E2AD 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a1844259f000004e62.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:b000:589::3 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2211 /
Resource Hash
f2f0360da4f889974f00040b2da4c152456efe290a8d7ec533e9ad8404ac64f0
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-content-type-options
nonsniff
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
last-modified
Thu, 17 Jun 2021 04:39:34 GMT
server
HiNetCDN/2211
x-frame-options
ALLOW-FROM https://times.hinet.net
vary
User-Agent
content-type
image/jpeg
x-cache
EXPIRED, HIT
cache-control
no-cache
accept-ranges
bytes
content-length
11251
x-xss-protection
1;mode=block
x-request-id
fba2350a471bc7effd3ac25c4571ba09
17a1844ccac000004b2b.jpg
www.hinet.net/data/upload/election/ Frame E2AD 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a1844ccac000004b2b.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:b000:589::3 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2211 /
Resource Hash
3ba185428dae889fa4874cb4985e4e057c69fc55eea670452d9e02a75f11b7d8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-content-type-options
nonsniff
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
last-modified
Thu, 17 Jun 2021 04:40:17 GMT
server
HiNetCDN/2211
x-frame-options
ALLOW-FROM https://times.hinet.net
vary
User-Agent
content-type
image/jpeg
x-cache
EXPIRED, HIT
cache-control
no-cache
accept-ranges
bytes
content-length
10245
x-xss-protection
1;mode=block
x-request-id
8704c142d2f0d1f953c61a3a1a5950e2
17a18450b9b00000b7c6.jpg
www.hinet.net/data/upload/election/ Frame E2AD 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a18450b9b00000b7c6.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:b000:589::3 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2211 /
Resource Hash
a7ce9a3a3497bd8dfc36ac8f2437b7ed699b3041fed13be80fb0fed3f24716b4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-content-type-options
nonsniff
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
last-modified
Thu, 17 Jun 2021 04:40:33 GMT
server
HiNetCDN/2211
x-frame-options
ALLOW-FROM https://times.hinet.net
vary
User-Agent
content-type
image/jpeg
x-cache
EXPIRED, HIT
cache-control
no-cache
accept-ranges
bytes
content-length
11158
x-xss-protection
1;mode=block
x-request-id
a9a35517ad4f8c5203bea6a127b1c8e3
17a184557f4000005aec.jpg
www.hinet.net/data/upload/election/ Frame E2AD 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a184557f4000005aec.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:b000:589::3 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2211 /
Resource Hash
ff0014235e8e7f8387c727fc3ad3ca6d75780c07a41ad85efdc005645cb7bc9b
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-content-type-options
nonsniff
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
last-modified
Thu, 17 Jun 2021 04:40:53 GMT
server
HiNetCDN/2211
x-frame-options
ALLOW-FROM https://times.hinet.net
vary
User-Agent
content-type
image/jpeg
x-cache
EXPIRED, HIT
cache-control
no-cache
accept-ranges
bytes
content-length
8753
x-xss-protection
1;mode=block
x-request-id
e5c805446f0ef7e7b1b720d5aec70fdb
17a18459bab00000787f.jpg
www.hinet.net/data/upload/election/ Frame E2AD 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a18459bab00000787f.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:b000:589::3 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2211 /
Resource Hash
a06fcec0798cf647e7214434bc14ee170b6bd6c0b123749d1716ca1ae1cf4cf2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-content-type-options
nonsniff
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
last-modified
Thu, 17 Jun 2021 04:41:10 GMT
server
HiNetCDN/2211
x-frame-options
ALLOW-FROM https://times.hinet.net
vary
User-Agent
content-type
image/jpeg
x-cache
EXPIRED, HIT
cache-control
no-cache
accept-ranges
bytes
content-length
11469
x-xss-protection
1;mode=block
x-request-id
b70d5ebc0eb0a2c20a24fbc521cde81d
17a18460cf4000006f8a.jpg
www.hinet.net/data/upload/election/ Frame E2AD 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a18460cf4000006f8a.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:b000:589::3 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2211 /
Resource Hash
d0365d6c9d95c7fc1f71e4d607e55cbb1031662f3870be65a4b40b4bff3449e8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-content-type-options
nonsniff
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
last-modified
Thu, 17 Jun 2021 04:41:39 GMT
server
HiNetCDN/2211
x-frame-options
ALLOW-FROM https://times.hinet.net
vary
User-Agent
content-type
image/jpeg
x-cache
EXPIRED, HIT
cache-control
no-cache
accept-ranges
bytes
content-length
9838
x-xss-protection
1;mode=block
x-request-id
0e0070e48e86b1e25b3f82bca8a0427e
17a18464655000003336.jpg
www.hinet.net/data/upload/election/ Frame E2AD 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a18464655000003336.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:b000:589::3 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2211 /
Resource Hash
11093965cab85c1e47839623f442f8fd9e9f196f97b4b1b2e9db42a51c3515ab
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-content-type-options
nonsniff
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
last-modified
Thu, 17 Jun 2021 04:41:54 GMT
server
HiNetCDN/2211
x-frame-options
ALLOW-FROM https://times.hinet.net
vary
User-Agent
content-type
image/jpeg
x-cache
EXPIRED, HIT
cache-control
no-cache
accept-ranges
bytes
content-length
12341
x-xss-protection
1;mode=block
x-request-id
89dafd0f8bb46db5df242a6ef593835f
17a184684960000029c1.jpg
www.hinet.net/data/upload/election/ Frame E2AD 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a184684960000029c1.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:b000:589::3 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2211 /
Resource Hash
17ed3bb9d1c1bc6107ccd9b77e2afea2adcf57843f1ffe43fab4e7f7138cd356
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-content-type-options
nonsniff
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
last-modified
Thu, 17 Jun 2021 04:42:10 GMT
server
HiNetCDN/2211
x-frame-options
ALLOW-FROM https://times.hinet.net
vary
User-Agent
content-type
image/jpeg
x-cache
EXPIRED, HIT
cache-control
no-cache
accept-ranges
bytes
content-length
9195
x-xss-protection
1;mode=block
x-request-id
444bab830e3d2f87b0093326c92109ec
17a1846bec200000152a.jpg
www.hinet.net/data/upload/election/ Frame E2AD 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a1846bec200000152a.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:b000:589::3 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2211 /
Resource Hash
a27b0d8ced8f1461a7f63953a04e799cd081285b034ae2b2a6470be73b22adaa
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-content-type-options
nonsniff
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
last-modified
Thu, 17 Jun 2021 04:42:25 GMT
server
HiNetCDN/2211
x-frame-options
ALLOW-FROM https://times.hinet.net
vary
User-Agent
content-type
image/jpeg
x-cache
EXPIRED, HIT
cache-control
no-cache
accept-ranges
bytes
content-length
9490
x-xss-protection
1;mode=block
x-request-id
0476ee7b60e9b8e299dae19ec16c9b96
17a1848b23600000bda7.jpg
www.hinet.net/data/upload/election/ Frame E2AD 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a1848b23600000bda7.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:b000:589::3 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2211 /
Resource Hash
62e30fa31740babccb972d2544d6cf48356ad7d5864229f9d0750d5ae77a3a88
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-content-type-options
nonsniff
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
last-modified
Thu, 17 Jun 2021 04:44:32 GMT
server
HiNetCDN/2211
x-frame-options
ALLOW-FROM https://times.hinet.net
vary
User-Agent
content-type
image/jpeg
x-cache
EXPIRED, HIT
cache-control
no-cache
accept-ranges
bytes
content-length
8325
x-xss-protection
1;mode=block
x-request-id
6c866e9df8ec6555a4a629694340fcf4
17a1892fcec000000cd5.jpg
www.hinet.net/data/upload/election/ Frame E2AD 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a1892fcec000000cd5.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:b000:589::3 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2211 /
Resource Hash
da6739c0a1154c50bde6c6ec8feae23247eb9f672707e14286067e69fcca99ab
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-content-type-options
nonsniff
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
last-modified
Thu, 17 Jun 2021 06:05:41 GMT
server
HiNetCDN/2211
x-frame-options
ALLOW-FROM https://times.hinet.net
vary
User-Agent
content-type
image/jpeg
x-cache
EXPIRED, HIT
cache-control
no-cache
accept-ranges
bytes
content-length
5387
x-xss-protection
1;mode=block
x-request-id
5ec4be7a0dd477d685bce666d2496309
17a189494b500000059f.jpg
www.hinet.net/data/upload/election/ Frame E2AD 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a189494b500000059f.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:b000:589::3 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2211 /
Resource Hash
da6739c0a1154c50bde6c6ec8feae23247eb9f672707e14286067e69fcca99ab
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-content-type-options
nonsniff
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
last-modified
Thu, 17 Jun 2021 06:07:26 GMT
server
HiNetCDN/2211
x-frame-options
ALLOW-FROM https://times.hinet.net
vary
User-Agent
content-type
image/jpeg
x-cache
EXPIRED, HIT
cache-control
no-cache
accept-ranges
bytes
content-length
5387
x-xss-protection
1;mode=block
x-request-id
ef6369c1ab4ba4233495f9a2001220fc
17a1894d4710000061c3.jpg
www.hinet.net/data/upload/election/ Frame E2AD 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a1894d4710000061c3.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:b000:589::3 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2211 /
Resource Hash
da6739c0a1154c50bde6c6ec8feae23247eb9f672707e14286067e69fcca99ab
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-content-type-options
nonsniff
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
last-modified
Thu, 17 Jun 2021 06:07:42 GMT
server
HiNetCDN/2211
x-frame-options
ALLOW-FROM https://times.hinet.net
vary
User-Agent
content-type
image/jpeg
x-cache
EXPIRED, HIT
cache-control
no-cache
accept-ranges
bytes
content-length
5387
x-xss-protection
1;mode=block
x-request-id
3ec0956eabc6f27fd7cbe78658ae1526
17a18952a780000037d6.jpg
www.hinet.net/data/upload/election/ Frame E2AD 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a18952a780000037d6.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:b000:589::3 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2211 /
Resource Hash
da6739c0a1154c50bde6c6ec8feae23247eb9f672707e14286067e69fcca99ab
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-content-type-options
nonsniff
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
last-modified
Thu, 17 Jun 2021 06:08:04 GMT
server
HiNetCDN/2211
x-frame-options
ALLOW-FROM https://times.hinet.net
vary
User-Agent
content-type
image/jpeg
x-cache
EXPIRED, HIT
cache-control
no-cache
accept-ranges
bytes
content-length
5387
x-xss-protection
1;mode=block
x-request-id
223976ae1c39af6fc48c7e7cd8ec70eb
17a1895577d000005f40.jpg
www.hinet.net/data/upload/election/ Frame E2AD 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a1895577d000005f40.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:b000:589::3 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2211 /
Resource Hash
da6739c0a1154c50bde6c6ec8feae23247eb9f672707e14286067e69fcca99ab
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-content-type-options
nonsniff
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
last-modified
Thu, 17 Jun 2021 06:08:16 GMT
server
HiNetCDN/2211
x-frame-options
ALLOW-FROM https://times.hinet.net
vary
User-Agent
content-type
image/jpeg
x-cache
EXPIRED, HIT
cache-control
no-cache
accept-ranges
bytes
content-length
5387
x-xss-protection
1;mode=block
x-request-id
b38fddfa7e31c71fd5cf61b32c6af5b2
17a1895860d000002d38.jpg
www.hinet.net/data/upload/election/ Frame E2AD 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a1895860d000002d38.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:b000:589::3 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2211 /
Resource Hash
da6739c0a1154c50bde6c6ec8feae23247eb9f672707e14286067e69fcca99ab
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-content-type-options
nonsniff
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
last-modified
Thu, 17 Jun 2021 06:08:27 GMT
server
HiNetCDN/2211
x-frame-options
ALLOW-FROM https://times.hinet.net
vary
User-Agent
content-type
image/jpeg
x-cache
EXPIRED, HIT
cache-control
no-cache
accept-ranges
bytes
content-length
5387
x-xss-protection
1;mode=block
x-request-id
6f8088adff2ace13dd929ba2f0bfe481
17a1895c26c0000058a8.jpg
www.hinet.net/data/upload/election/ Frame E2AD 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a1895c26c0000058a8.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:b000:589::3 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2211 /
Resource Hash
da6739c0a1154c50bde6c6ec8feae23247eb9f672707e14286067e69fcca99ab
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-content-type-options
nonsniff
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
last-modified
Thu, 17 Jun 2021 06:08:43 GMT
server
HiNetCDN/2211
x-frame-options
ALLOW-FROM https://times.hinet.net
vary
User-Agent
content-type
image/jpeg
x-cache
EXPIRED, HIT
cache-control
no-cache
accept-ranges
bytes
content-length
5387
x-xss-protection
1;mode=block
x-request-id
00c0da755d2593c7fe25ab2f3eb097a2
17a1895f5ad000009fcd.jpg
www.hinet.net/data/upload/election/ Frame E2AD 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a1895f5ad000009fcd.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:b000:589::3 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2211 /
Resource Hash
da6739c0a1154c50bde6c6ec8feae23247eb9f672707e14286067e69fcca99ab
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-content-type-options
nonsniff
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
last-modified
Thu, 17 Jun 2021 06:08:56 GMT
server
HiNetCDN/2211
x-frame-options
ALLOW-FROM https://times.hinet.net
vary
User-Agent
content-type
image/jpeg
x-cache
EXPIRED, HIT
cache-control
no-cache
accept-ranges
bytes
content-length
5387
x-xss-protection
1;mode=block
x-request-id
ac3dd889361ff5ba6ace1379bfb61a4f
17a1896290e000000a8c.jpg
www.hinet.net/data/upload/election/ Frame E2AD 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a1896290e000000a8c.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:b000:589::3 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2211 /
Resource Hash
da6739c0a1154c50bde6c6ec8feae23247eb9f672707e14286067e69fcca99ab
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-content-type-options
nonsniff
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
last-modified
Thu, 17 Jun 2021 06:09:09 GMT
server
HiNetCDN/2211
x-frame-options
ALLOW-FROM https://times.hinet.net
vary
User-Agent
content-type
image/jpeg
x-cache
EXPIRED, HIT
cache-control
no-cache
accept-ranges
bytes
content-length
5387
x-xss-protection
1;mode=block
x-request-id
ac0f272724d64e768bca70186e3969d1
17a18965556000004e77.jpg
www.hinet.net/data/upload/election/ Frame E2AD 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/data/upload/election/17a18965556000004e77.jpg
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:b000:589::3 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2211 /
Resource Hash
da6739c0a1154c50bde6c6ec8feae23247eb9f672707e14286067e69fcca99ab
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/tv/mobile_iframe.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-content-type-options
nonsniff
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
last-modified
Thu, 17 Jun 2021 06:09:21 GMT
server
HiNetCDN/2211
x-frame-options
ALLOW-FROM https://times.hinet.net
vary
User-Agent
content-type
image/jpeg
x-cache
EXPIRED, HIT
cache-control
no-cache
accept-ranges
bytes
content-length
5387
x-xss-protection
1;mode=block
x-request-id
a73f982c405c603e3e3d43595e7dc901
plan
ssp.tenmax.io/supply/v3/universal/ 		7 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.tenmax.io/supply/v3/universal/plan?rmaxSpaceId=2f0bd42ae1064b18&referer=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&bodyWidth=1600&bodyHeight=1200&cacheBuster=2cd03753-36e6-4a2e-87e2-575bdfdb7970
Requested by
Host: tenmax-static.cacafly.net
URL: https://tenmax-static.cacafly.net/ssp/universal.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
211.21.190.218 Hsinchu County, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
211-21-190-218.hinet-ip.hinet.net
Software
nginx /
Resource Hash
f4449e6bc53a73a4c3693492b847e1573552d33f90ef7c41b6bd950c11e089a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 18 Nov 2022 20:03:15 GMT
Server
nginx
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://times.hinet.net
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
6760
X-Application-Context
application:prod,aggregator,build-ext:58070
visible
trc.taboola.com/salesfrontier-hinet/log/3/ 		0
59 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/salesfrontier-hinet/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221117-23-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://times.hinet.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Fri, 18 Nov 2022 20:03:15 GMT
via
1.1 varnish
x-served-by
cache-fra-eddf8230025-FRA
server
nginx
x-timer
S1668801796.712786,VS0,VE9
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://times.hinet.net
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
709 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Fri, 18 Nov 2022 20:03:15 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
20385
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230025-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1668801796.715074,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
42
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
8845
ex.html
player.svc.litv.tv/v3/ Frame 001E 		37 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQz|aGluZXQ=
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:6600:3:cecd:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
acdfd0556eb63b1b400a99d4600b64db9d4edf7e2fea2c08d5d235c9f5ace0f7

Request headers

Referer
https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQz|aGluZXQ=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
15125
content-encoding
gzip
content-type
text/html
date
Fri, 18 Nov 2022 15:51:59 GMT
etag
W/"a6c491ecdefcdd37c968367f53c33743"
last-modified
Wed, 19 Oct 2022 05:58:43 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
x-amz-cf-id
kTWWEGrLr5KUKhIL265O7jYHwran_ZY7Nd41G80zVejy3kQKD0qzDg==
x-amz-cf-pop
FRA56-P6
x-amz-version-id
rkX_ih1LPxrCwsVVjH1BLrmUDUf1cYuG
x-cache
Hit from cloudfront
hinet3-config.json
player.svc.litv.tv/meta/config/ Frame 3F7A 		851 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.svc.litv.tv/meta/config/hinet3-config.json?cb=38629
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:6600:3:cecd:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dee26db05db16cdd88700e1f8de493b64553cca9299bdcf6acfeb9c43408e589

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQz|aGluZXQ=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
RTl2Xbd_0XdtBIDsRONWbCp.EbQd48ki
date
Fri, 18 Nov 2022 15:04:59 GMT
via
1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
last-modified
Thu, 10 Nov 2022 00:05:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
17897
etag
"60607e8751df192a0062bc107fb3b2a5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
cache-control
max-age=43200
accept-ranges
bytes
content-length
851
x-amz-cf-id
ecpolGLUZg0VTqAUXYuJ6PUZZthInzMDcA9gIxpiBqiuLDpYqkDUtg==
js
www.googletagmanager.com/gtag/ Frame 001E 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-59507085-1
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQz|aGluZXQ=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
12c9d6d2916997db91b922f730ad10a96051e8811bb77d6b7d16c7eb09d641dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43614
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 18 Nov 2022 20:03:15 GMT
utag.js
t.ssp.hinet.net/ Frame 001E 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQz|aGluZXQ=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:15 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Fri, 18 Nov 2022 20:13:15 GMT
gtm.js
www.googletagmanager.com/ Frame 001E 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TXVNLXL
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQz|aGluZXQ=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
322d2afe20db09827e2f1c47d0d08b70bbd428f5b2c2fb47934fcd2730ff243d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41919
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 18 Nov 2022 20:03:15 GMT
puid
pusti.svc.litv.tv/ Frame 3F7A 		83 B
103 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pusti.svc.litv.tv/puid
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.74.134 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
134.74.96.34.bc.googleusercontent.com
Software
/
Resource Hash
f18502eac6b3b3047e6601ba65c315170905034d804911d529173eaec5822545

Request headers

Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
via
1.1 google
access-control-max-age
60
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://player.svc.litv.tv
cache-control
no-store, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
83
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
puid
pusti.svc.litv.tv/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pusti.svc.litv.tv/puid
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.74.134 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
134.74.96.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://player.svc.litv.tv
access-control-max-age
60
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 18 Nov 2022 20:03:15 GMT
via
1.1 google
js
www.googletagmanager.com/gtag/ Frame 001E 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-138079999-6&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-59507085-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8fc7e33f886b5624e02fc55f874da2c1b9627aa7652856f2eb3d2f06d336a339
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
43740
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 18 Nov 2022 20:03:15 GMT
js
www.googletagmanager.com/gtag/ Frame 001E 		214 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JRLWM3RJSP&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-59507085-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a1924109f4ebcefaa18fe7a0402fdf2870c00c10196c16960cfdd951a35493bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76620
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 18 Nov 2022 20:03:15 GMT
js
www.googletagmanager.com/gtag/ Frame 001E 		214 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YSPHD5H7XJ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXVNLXL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
67a4be09e1cb505623ad3d53c2d1a1520d697811b879bc94298277734d3b9362
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76615
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 18 Nov 2022 20:03:15 GMT
ytc.js
s.yimg.com/wi/ Frame 001E 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:02:38 GMT
x-amz-version-id
.QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
content-encoding
gzip
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
x-amz-request-id
9BZ7FZRZJF41NZ48
age
38
x-amz-server-side-encryption
AES256
content-length
5929
x-amz-id-2
h6/8S8e+2gOQOm3lU+RArNERjhQSrMz+XNSw5IyT7D7Ary27aTLtAydMRqK2OVUJwvLf55+NZUo=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Tue, 14 Jun 2022 12:21:31 GMT
server
ATS
etag
"6a624022b5d271dcefb070b0b6670abc-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=3600
accept-ranges
bytes
lightintegration.js
redir.adap.tv/redir/javascript/ Frame 001E 		31 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://redir.adap.tv/redir/javascript/lightintegration.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXVNLXL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.28 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CB1) /
Resource Hash
1e15f65bcef05f2ea9f54e051da9bf7e6fc9eb00a669905c9ed33f4fd7ba26f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:15 GMT
x-amz-version-id
XGOCJEPvmrIOhn2ZV_.qAlIiRmN7Rqa0
nel
{"report_to": "default", "max_age": 86400, "include_subdomains": true, "failure_fraction": 1.0, "success_fraction": 0.001}
age
152982
x-amz-request-id
A7AJQZAJW6ER4QQG
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
31633
x-amz-id-2
tzFfqY1wObwpRfUOcfgg6Lx5y9rEG0Ay4enN6eVDxwAN57VB7iqPAXN9twmFLVjT+SsLW1zzLwk=
last-modified
Wed, 13 Sep 2017 23:08:44 GMT
server
ECAcc (frc/4CB1)
x-amz-meta-s3cmd-attrs
uid:1000/gname:adaptv/uname:adaptv/gid:1000/mode:33188/mtime:1505344053/atime:1505344249/md5:1de3d0b5f3cbe8b1e87e274f129ac0e7/ctime:1505344249
etag
"1de3d0b5f3cbe8b1e87e274f129ac0e7"
report-to
{"group": "default", "max_age":86400, "endpoints":[{"url":"https://report.edgecast.com/","priority":1 }, {"url":"https://nelcollector.sre.ecsvc.net/report","priority":2 }]}
content-type
text/plain
accept-ranges
bytes
gpt.js
www.googletagservices.com/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: tenmax-static.cacafly.net
URL: https://tenmax-static.cacafly.net/ssp/universal.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e1c0ebf7754cb31a1f17efc56308561c1efee8c060f6e3c4f6a7ce25451a0f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27269
x-xss-protection
0
server
sffe
etag
"1396 / 426 of 1000 / last-modified: 1668773326"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 18 Nov 2022 20:03:15 GMT
request
ssp.tenmax.io/supply/tracking/ 		0
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.tenmax.io/supply/tracking/request?bid=09e6a6f0-677c-11ed-a98d-8f82c9fddd8e&chid=646c4a45f0544a8c&sid=2f0bd42ae1064b18
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
211.21.190.218 Hsinchu County, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
211-21-190-218.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 18 Nov 2022 20:03:16 GMT
Server
nginx
Connection
keep-alive
X-Application-Context
application:prod,aggregator,build-ext:58070
P3P
CP="CUR ADM OUR NOR STA NID"
td_js_sdk_171.js
api.popin.cc/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.popin.cc/td_js_sdk_171.js
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/hinet_times.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 18 Nov 2022 20:03:16 GMT
x-amz-version-id
null
Content-Encoding
gzip
Last-Modified
Thu, 11 Jan 2018 09:42:51 GMT
Server
nginx
ETag
W/"17b2e8b253e693d224f7d8407e28e1ea"
X-Cache-Status
HIT from 10.252.55.44
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Expires
Fri, 18 Nov 2022 21:03:16 GMT
recommend
tw.popin.cc/popin_discovery/ 		527 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tw.popin.cc/popin_discovery/recommend?mode=new&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&&device=pc&media=times.hinet.net&extra=windows&agency=popin-tw&topn=50&ad=200&r_category=all&country=tw&redirect=true&uid=42b14c28a38df9e99451668801795961&info=eyJ1c2VyX3RkX29zIjoiV2luZG93cyIsInVzZXJfdGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInVzZXJfdGRfYnJvd3NlciI6IkNocm9tZSIsInVzZXJfdGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTA3LjAuNTMwNCIsInVzZXJfdGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidXNlcl90ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInVzZXJfdGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDcuMC41MzA0LjExMCBTYWZhcmkvNTM3LjM2IiwidXNlcl90ZF9yZWZlcnJlciI6IiIsInVzZXJfdGRfcGF0aCI6Ii9uZXdzLzI0MjYwMjUxIiwidXNlcl90ZF9jaGFyc2V0IjoidXRmLTgiLCJ1c2VyX3RkX2xhbmd1YWdlIjoiZW4tdXMiLCJ1c2VyX3RkX2NvbG9yIjoiMjQtYml0IiwidXNlcl90ZF90aXRsZSI6IiVFNyVCRSU4RSVFNSU4NSU4MyVFNSVBRSU5QSVFNSVBRCU5OCVFNSU4NCVBQSVFNSU4OCVBOSUyMCVFNiU5QyU4OSVFNiU5QyU5QiVFOCVBMSU5RDUlMjUtJUU4JUIyJUExJUU3JUI2JTkzLUhpTmV0JUU3JTk0JTlGJUU2JUI0JUJCJUU4JUFBJThDIiwidXNlcl90ZF91cmwiOiJodHRwczovL3RpbWVzLmhpbmV0Lm5ldC9uZXdzLzI0MjYwMjUxIiwidXNlcl90ZF9wbGF0Zm9ybSI6IldpbjMyIiwidXNlcl90ZF9ob3N0IjoidGltZXMuaGluZXQubmV0IiwidXNlcl9kZXZpY2UiOiJwYyIsInVzZXJfdGltZSI6MTY2ODgwMTc5NTk2MywiZnJ1aXRfYm94X3Bvc2l0aW9uIjoiIiwiZnJ1aXRfc3R5bGUiOiIifQ==&alg=ltr&callback=_p6_97c6d1d32d40
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/hinet_times.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.189 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
4f48e229601b1426b5bfa91241fabb8e94b27d790e5789d5b9f9d6c1e3215e83

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
content-encoding
gzip
cross-origin-resource-policy
cross-origin
server
nginx/1.13.5
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
popin_discovery5-min.js
api.popin.cc/ 		155 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.popin.cc/popin_discovery5-min.js
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/hinet_times.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
7174220f5fae89350dd7546a1f7fdd646c163011688b4a1a7c8344dbec14119c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 18 Nov 2022 20:03:16 GMT
x-amz-version-id
ZSHgav7oxHWIG.1hJRy7dZhzYvDPn4Zl
Content-Encoding
gzip
Last-Modified
Tue, 15 Nov 2022 11:05:50 GMT
Server
nginx
ETag
W/"66fc13530273f2130968bd58b34b1ea6"
X-Cache-Status
HIT from 10.252.55.25
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Expires
Fri, 18 Nov 2022 21:03:16 GMT
discoverylogs
log.popin.cc/log/popin_media/ 		66 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNCwidWEiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA3LjAuNTMwNC4xMTAgU2FmYXJpLzUzNy4zNiIsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoidGltZXMuaGluZXQubmV0IiwidXJsIjoiaHR0cHM6Ly90aW1lcy5oaW5ldC5uZXQvbmV3cy8yNDI2MDI1MSIsImxvYyI6Imh0dHBzOi8vdGltZXMuaGluZXQubmV0L25ld3MvMjQyNjAyNTEiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwNy4wLjUzMDQuMTEwIFNhZmFyaS81MzcuMzYiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjEwNy4wLjUzMDQifQ==&t=1668801795966
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
last-modified
Thu, 13 Dec 2018 07:19:53 GMT
server
nginx/1.13.5
etag
"5c120819-42"
content-type
image/jpeg
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
discoverylogs
log.popin.cc/log/popin_media/ 		66 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNSwicGFyYW0xIjowLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6InRpbWVzLmhpbmV0Lm5ldCIsInVybCI6Imh0dHBzOi8vdGltZXMuaGluZXQubmV0L25ld3MvMjQyNjAyNTEiLCJ1aWQiOiI0MmIxNGMyOGEzOGRmOWU5OTQ1MTY2ODgwMTc5NTk2MSIsInRkX3RpdGxlIjoiIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjYsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiMTA3LjAuNTMwNCIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA3LjAuNTMwNC4xMTAgU2FmYXJpLzUzNy4zNiJ9&t=1668801795967
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
last-modified
Thu, 13 Dec 2018 07:19:53 GMT
server
nginx/1.13.5
etag
"5c120819-42"
content-type
image/jpeg
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
cookie
ads.adaptv.advertising.com/ Frame 001E 		0
366 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/cookie?pageUrl=https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQz|aGluZXQ=&isTop=false&callback=1
Requested by
Host: redir.adap.tv
URL: https://redir.adap.tv/redir/javascript/lightintegration.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.211.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-211-94.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

server
adaptv/1.0
Connection
keep-alive
Content-Length
0
content-type
text/html
analytics.js
www.google-analytics.com/ Frame 001E 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-138079999-6&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Nov 2022 19:15:54 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
2842
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Fri, 18 Nov 2022 21:15:54 GMT
10114832.json
s.yimg.com/wi/config/ Frame 001E 		46 B
683 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10114832.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
480d5b26935e27640c98365cfc7bd4a663c82d2affb64ffae8a4bf9b01b5e9fb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:01:59 GMT
x-amz-version-id
LFheN9jReXK1DR2ArxDz7ZU1RNsU84u3
x-content-type-options
nosniff
strict-transport-security
max-age=15552000
x-amz-request-id
563CJS6XXXWC1GFB
age
25278
x-amz-server-side-encryption
AES256
content-length
46
x-amz-id-2
0FystH61hKfvyTUWnKxJdgZpvBz22+jwyxynQCnk+iaug9NCHQWOZAd1+Ku3B+F5NFgDcuzx6XU=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Sun, 07 May 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Fri, 01 Apr 2022 21:50:20 GMT
server
ATS
etag
"31991d36d356e76ae58f243f53479582"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
accept-ranges
bytes
/
t.ssp.hinet.net/ Frame 001E 		37 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9f836de20c607ff0e1905466421e9b34ab1ba34eb3cd0e1acdf0587182867784
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://player.svc.litv.tv
cache-control
no-cache, private
access-control-allow-credentials
true
collect
region1.analytics.google.com/g/ Frame 001E 		0
349 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-JRLWM3RJSP&gtm=2oeb90&_p=1190411500&_gaz=1&cid=1047831193.1668801796&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1668801796&sct=1&seg=0&dl=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fex.html%3Fid%3Dppn-aGluZXQz%7CaGluZXQ%3D&dr=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fppnif.html%3Fs%3DaGluZXQz%7CaGluZXQ%3D&dt=&en=scroll&_fv=1&_nsi=1&_ss=1&epn.percent_scrolled=90
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JRLWM3RJSP&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://player.svc.litv.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ Frame 001E 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JRLWM3RJSP&cid=1047831193.1668801796&gtm=2oeb90&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JRLWM3RJSP&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://player.svc.litv.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ Frame 001E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JRLWM3RJSP&cid=1047831193.1668801796&gtm=2oeb90&aip=1&z=631161530
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQz|aGluZXQ=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/ 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 18:01:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7322
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 18 Nov 2023 18:01:14 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		875 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=times.hinet.net
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a8ee0403f4c897f53c06e745374d863e8072abf0b3ecc61a6ac5665e9acaf6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 18 Nov 2022 20:03:16 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11689999083124395179/ Frame D196 		34 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11689999083124395179/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=400&slotname=9686321785&adk=279151516&adf=4198862038&pi=t.ma~as.9686321785&w=580&lmt=1668801795&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668801795021&bpp=1&bdt=242&idt=289&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&cookie=ID%3Dfc59f85f1f66ff27%3AT%3D1668801794%3AS%3DALNI_MbNLzHWsu7q5_7pi_Hsdd4lnB7aMA&gpic=UID%3D00000b83e7f6f835%3AT%3D1668801794%3ART%3D1668801794%3AS%3DALNI_MYGKqn-snyxy0UuHEa2mHly867-Kg&prev_fmts=0x0&nras=1&correlator=5316747536603&rume=1&frm=23&ife=4&pv=1&ga_vid=1365366507.1668801795&ga_sid=1668801795&ga_hid=145283762&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1112&biw=1600&bih=1200&isw=580&ish=400&ifk=359666599&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C42531706%2C31061691%2C31070950%2C31061693&oid=2&pvsid=3341626603551332&tmod=1214574978&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.ea20tpo3nqio&fsb=1&dtd=296
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
886159f3d64efcbef2670c09f4f949274f6c13927e93957aa1589f41ceb006f3
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
118529
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5169
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Thu, 17 Nov 2022 11:07:47 GMT
expires
Fri, 17 Nov 2023 11:07:47 GMT
last-modified
Mon, 31 Oct 2022 19:15:21 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 8172 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CAVyKA-V3Y-HoFvXNxgPN1aJI34f0wG2ky4v_zhDBouKZ3DQQASDKvvwmYJWCgICwB6ABvuPHsSjIAQmpArLnnENFDak-qAMByANIqgTiAU_QczoNV8X9yTe6OlqCMW8soEY5QQJu91yM6qiApREYvJDg-30qGh_LLYu1ySOtO_KWo4GPnChU12NveoCPdkbgXz8MJUiX9IA_EbxgEagSet3hDv0mt1ctLaaMhxB3SJh8VpSpXFdyNbjqCK2XZQJ5n0OV_SPGxAh4mmk77uBrTFsh4G7AJj4ZBWghfCo3dkKOHs_5EIOIHWsdnzSk44XhnFMHAQGtAT0S4M_3P21e8UcYK0x9CD-aZHzvDS1D0nMpwf7ZF37ffIGgCLzDYD2jseZpsKUcdpywPQqHrowao9TABM_Y6JmSBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAe-m5iRA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEODNBtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMC0BUBmBYBgBcBshccChoIABIUcHViLTQ0NTc2NTk3MjAxNjM3NDcYAA&sigh=Kii-c8CNlqc&uach_m=[UACH]&cid=CAQSPADq26N9weuElfHKM2SImTNp5ILhdUoKEV3zC5mpadA2wGOYb-mgNYu6RsDR7dBA-BF8MYI7ycPcH30NqBgBIBM&template_id=419
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=400&slotname=9686321785&adk=279151516&adf=4198862038&pi=t.ma~as.9686321785&w=580&lmt=1668801795&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668801795021&bpp=1&bdt=242&idt=289&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&cookie=ID%3Dfc59f85f1f66ff27%3AT%3D1668801794%3AS%3DALNI_MbNLzHWsu7q5_7pi_Hsdd4lnB7aMA&gpic=UID%3D00000b83e7f6f835%3AT%3D1668801794%3ART%3D1668801794%3AS%3DALNI_MYGKqn-snyxy0UuHEa2mHly867-Kg&prev_fmts=0x0&nras=1&correlator=5316747536603&rume=1&frm=23&ife=4&pv=1&ga_vid=1365366507.1668801795&ga_sid=1668801795&ga_hid=145283762&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1112&biw=1600&bih=1200&isw=580&ish=400&ifk=359666599&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C42531706%2C31061691%2C31070950%2C31061693&oid=2&pvsid=3341626603551332&tmod=1214574978&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.ea20tpo3nqio&fsb=1&dtd=296
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=400&slotname=9686321785&adk=279151516&adf=4198862038&pi=t.ma~as.9686321785&w=580&lmt=1668801795&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668801795021&bpp=1&bdt=242&idt=289&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&cookie=ID%3Dfc59f85f1f66ff27%3AT%3D1668801794%3AS%3DALNI_MbNLzHWsu7q5_7pi_Hsdd4lnB7aMA&gpic=UID%3D00000b83e7f6f835%3AT%3D1668801794%3ART%3D1668801794%3AS%3DALNI_MYGKqn-snyxy0UuHEa2mHly867-Kg&prev_fmts=0x0&nras=1&correlator=5316747536603&rume=1&frm=23&ife=4&pv=1&ga_vid=1365366507.1668801795&ga_sid=1668801795&ga_hid=145283762&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1112&biw=1600&bih=1200&isw=580&ish=400&ifk=359666599&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C42531706%2C31061691%2C31070950%2C31061693&oid=2&pvsid=3341626603551332&tmod=1214574978&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.ea20tpo3nqio&fsb=1&dtd=296
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 18 Nov 2022 20:03:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 8172 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=400&slotname=9686321785&adk=279151516&adf=4198862038&pi=t.ma~as.9686321785&w=580&lmt=1668801795&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668801795021&bpp=1&bdt=242&idt=289&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&cookie=ID%3Dfc59f85f1f66ff27%3AT%3D1668801794%3AS%3DALNI_MbNLzHWsu7q5_7pi_Hsdd4lnB7aMA&gpic=UID%3D00000b83e7f6f835%3AT%3D1668801794%3ART%3D1668801794%3AS%3DALNI_MYGKqn-snyxy0UuHEa2mHly867-Kg&prev_fmts=0x0&nras=1&correlator=5316747536603&rume=1&frm=23&ife=4&pv=1&ga_vid=1365366507.1668801795&ga_sid=1668801795&ga_hid=145283762&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1112&biw=1600&bih=1200&isw=580&ish=400&ifk=359666599&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C42531706%2C31061691%2C31070950%2C31061693&oid=2&pvsid=3341626603551332&tmod=1214574978&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.ea20tpo3nqio&fsb=1&dtd=296
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 15:35:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
16051
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 15:35:45 GMT
sp.pl
sp.analytics.yahoo.com/ Frame 001E 		43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Fri%2C%2018%20Nov%202022%2020%3A03%3A16%20GMT&n=0&.yp=10114832&f=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fex.html%3Fid%3Dppn-aGluZXQz%7CaGluZXQ%3D&e=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fppnif.html%3Fs%3DaGluZXQz%7CaGluZXQ%3D&enc=UTF-8&yv=1.13.0&isIframe=1&tagmgr=gtm
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQz|aGluZXQ=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Fri, 18 Nov 2022 20:03:16 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		33 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3808773216574337&correlator=2729124093502817&eid=31068367&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=37275962%2Crmaxspace%2C2f0bd42ae1064b18&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=769917585&didk=2102303627&sfv=1-0-40&prev_scp=adx_region%3DTWN%26line_item_type%3DadSense&eri=4&sc=1&cookie=ID%3Dfc59f85f1f66ff27-2278856254d800fe%3AT%3D1668801794%3ART%3D1668801795%3AS%3DALNI_MZyKDGW23IzVEQU_NvRMogTdEfWLQ&gpic=UID%3D00000b83e7f6f835%3AT%3D1668801794%3ART%3D1668801794%3AS%3DALNI_MYGKqn-snyxy0UuHEa2mHly867-Kg&abxe=1&dt=1668801796130&lmt=1668801796&dlt=1668801791174&idt=4945&adxs=1000&adys=1634&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&frm=20&vis=1&psz=0x0&msz=300x0&fws=4&ohw=1600&ga_vid=1365366507.1668801795&ga_sid=1668801796&ga_hid=775647503&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca834b6489d8d5bb8ab1b48bc5bfb1250114c207fdc9abe5b287ee78c72e659f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12895
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
0ee4d4ac18c4743675c5dcc7e1234850.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C3F3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0ee4d4ac18c4743675c5dcc7e1234850.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 20:03:16 GMT
expires
Sat, 18 Nov 2023 20:03:16 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame D196 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11689999083124395179/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:12:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24656
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2655
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 19 Nov 2022 13:12:20 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame D196 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11689999083124395179/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 19:53:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
610
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 19 Nov 2022 19:53:06 GMT
c362b1f05dc8934474d0dee6e618807a.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11689999083124395179/ Frame D196 		103 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11689999083124395179/c362b1f05dc8934474d0dee6e618807a.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11689999083124395179/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d10602b0b4be4710e24c06e60e114825e29bcf678de50242f4a962ac0ba9196f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 17 Nov 2022 11:07:48 GMT
age
118528
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29890
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 19:15:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 17 Nov 2023 11:07:48 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame BA07 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=400&slotname=9686321785&adk=279151516&adf=4198862038&pi=t.ma~as.9686321785&w=580&lmt=1668801795&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668801795021&bpp=1&bdt=242&idt=289&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&cookie=ID%3Dfc59f85f1f66ff27%3AT%3D1668801794%3AS%3DALNI_MbNLzHWsu7q5_7pi_Hsdd4lnB7aMA&gpic=UID%3D00000b83e7f6f835%3AT%3D1668801794%3ART%3D1668801794%3AS%3DALNI_MYGKqn-snyxy0UuHEa2mHly867-Kg&prev_fmts=0x0&nras=1&correlator=5316747536603&rume=1&frm=23&ife=4&pv=1&ga_vid=1365366507.1668801795&ga_sid=1668801795&ga_hid=145283762&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1112&biw=1600&bih=1200&isw=580&ish=400&ifk=359666599&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C42531706%2C31061691%2C31070950%2C31061693&oid=2&pvsid=3341626603551332&tmod=1214574978&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.ea20tpo3nqio&fsb=1&dtd=296
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=400&slotname=9686321785&adk=279151516&adf=4198862038&pi=t.ma~as.9686321785&w=580&lmt=1668801795&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668801795021&bpp=1&bdt=242&idt=289&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&cookie=ID%3Dfc59f85f1f66ff27%3AT%3D1668801794%3AS%3DALNI_MbNLzHWsu7q5_7pi_Hsdd4lnB7aMA&gpic=UID%3D00000b83e7f6f835%3AT%3D1668801794%3ART%3D1668801794%3AS%3DALNI_MYGKqn-snyxy0UuHEa2mHly867-Kg&prev_fmts=0x0&nras=1&correlator=5316747536603&rume=1&frm=23&ife=4&pv=1&ga_vid=1365366507.1668801795&ga_sid=1668801795&ga_hid=145283762&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1112&biw=1600&bih=1200&isw=580&ish=400&ifk=359666599&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C42531706%2C31061691%2C31070950%2C31061693&oid=2&pvsid=3341626603551332&tmod=1214574978&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.ea20tpo3nqio&fsb=1&dtd=296
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
449
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 19:55:47 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 8172 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=400&slotname=9686321785&adk=279151516&adf=4198862038&pi=t.ma~as.9686321785&w=580&lmt=1668801795&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668801795021&bpp=1&bdt=242&idt=289&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&cookie=ID%3Dfc59f85f1f66ff27%3AT%3D1668801794%3AS%3DALNI_MbNLzHWsu7q5_7pi_Hsdd4lnB7aMA&gpic=UID%3D00000b83e7f6f835%3AT%3D1668801794%3ART%3D1668801794%3AS%3DALNI_MYGKqn-snyxy0UuHEa2mHly867-Kg&prev_fmts=0x0&nras=1&correlator=5316747536603&rume=1&frm=23&ife=4&pv=1&ga_vid=1365366507.1668801795&ga_sid=1668801795&ga_hid=145283762&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1112&biw=1600&bih=1200&isw=580&ish=400&ifk=359666599&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C42531706%2C31061691%2C31070950%2C31061693&oid=2&pvsid=3341626603551332&tmod=1214574978&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.ea20tpo3nqio&fsb=1&dtd=296
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 18:01:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
7318
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 18:01:18 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 8172 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=400&slotname=9686321785&adk=279151516&adf=4198862038&pi=t.ma~as.9686321785&w=580&lmt=1668801795&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668801795021&bpp=1&bdt=242&idt=289&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&cookie=ID%3Dfc59f85f1f66ff27%3AT%3D1668801794%3AS%3DALNI_MbNLzHWsu7q5_7pi_Hsdd4lnB7aMA&gpic=UID%3D00000b83e7f6f835%3AT%3D1668801794%3ART%3D1668801794%3AS%3DALNI_MYGKqn-snyxy0UuHEa2mHly867-Kg&prev_fmts=0x0&nras=1&correlator=5316747536603&rume=1&frm=23&ife=4&pv=1&ga_vid=1365366507.1668801795&ga_sid=1668801795&ga_hid=145283762&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1112&biw=1600&bih=1200&isw=580&ish=400&ifk=359666599&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C42531706%2C31061691%2C31070950%2C31061693&oid=2&pvsid=3341626603551332&tmod=1214574978&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.ea20tpo3nqio&fsb=1&dtd=296
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 15:35:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
16051
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 15:35:45 GMT
gen_csp
pagead2.googlesyndication.com/pagead/ Frame 8172 		0
20 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKH22pHDuPsCFfWmcQodzaoICQ&gqi=A-V3Y9-OFquA1fAP4qOv6A0&layout=/sadbundle/%24csp%253Der3%24/11689999083124395179/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=400&slotname=9686321785&adk=279151516&adf=4198862038&pi=t.ma~as.9686321785&w=580&lmt=1668801795&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668801795021&bpp=1&bdt=242&idt=289&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&cookie=ID%3Dfc59f85f1f66ff27%3AT%3D1668801794%3AS%3DALNI_MbNLzHWsu7q5_7pi_Hsdd4lnB7aMA&gpic=UID%3D00000b83e7f6f835%3AT%3D1668801794%3ART%3D1668801794%3AS%3DALNI_MYGKqn-snyxy0UuHEa2mHly867-Kg&prev_fmts=0x0&nras=1&correlator=5316747536603&rume=1&frm=23&ife=4&pv=1&ga_vid=1365366507.1668801795&ga_sid=1668801795&ga_hid=145283762&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1112&biw=1600&bih=1200&isw=580&ish=400&ifk=359666599&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C42531706%2C31061691%2C31070950%2C31061693&oid=2&pvsid=3341626603551332&tmod=1214574978&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.ea20tpo3nqio&fsb=1&dtd=296
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame BA07
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=400&slotname=9686321785&adk=279151516&adf=4198862038&pi=t.ma~as.9686321785&w=580&lmt=1668801795&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668801795021&bpp=1&bdt=242&idt=289&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&cookie=ID%3Dfc59f85f1f66ff27%3AT%3D1668801794%3AS%3DALNI_MbNLzHWsu7q5_7pi_Hsdd4lnB7aMA&gpic=UID%3D00000b83e7f6f835%3AT%3D1668801794%3ART%3D1668801794%3AS%3DALNI_MYGKqn-snyxy0UuHEa2mHly867-Kg&prev_fmts=0x0&nras=1&correlator=5316747536603&rume=1&frm=23&ife=4&pv=1&ga_vid=1365366507.1668801795&ga_sid=1668801795&ga_hid=145283762&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1112&biw=1600&bih=1200&isw=580&ish=400&ifk=359666599&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C42531706%2C31061691%2C31070950%2C31061693&oid=2&pvsid=3341626603551332&tmod=1214574978&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.ea20tpo3nqio&fsb=1&dtd=296
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 20:03:16 GMT
expires
Fri, 18 Nov 2022 20:03:16 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 20:03:16 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
emome2
t.ssp.hinet.net/ Frame 001E 		30 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=2675b86f-e2c7-42ab-ba78-5831b3eae5b6
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://player.svc.litv.tv
cache-control
no-cache, private
access-control-allow-credentials
true
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8172 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=400&slotname=9686321785&adk=279151516&adf=4198862038&pi=t.ma~as.9686321785&w=580&lmt=1668801795&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668801795021&bpp=1&bdt=242&idt=289&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&cookie=ID%3Dfc59f85f1f66ff27%3AT%3D1668801794%3AS%3DALNI_MbNLzHWsu7q5_7pi_Hsdd4lnB7aMA&gpic=UID%3D00000b83e7f6f835%3AT%3D1668801794%3ART%3D1668801794%3AS%3DALNI_MYGKqn-snyxy0UuHEa2mHly867-Kg&prev_fmts=0x0&nras=1&correlator=5316747536603&rume=1&frm=23&ife=4&pv=1&ga_vid=1365366507.1668801795&ga_sid=1668801795&ga_hid=145283762&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1112&biw=1600&bih=1200&isw=580&ish=400&ifk=359666599&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C42531706%2C31061691%2C31070950%2C31061693&oid=2&pvsid=3341626603551332&tmod=1214574978&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.ea20tpo3nqio&fsb=1&dtd=296
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Nov 2022 20:03:16 GMT
truncated
/ Frame 8172 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fdc2c97f9d3c770eb8f8cf2de7b35b53a5dbcaecd6b25d9bd66f01cbadbcc5de

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
css
fonts.googleapis.com/ Frame D196 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:500|Raleway:600|Raleway:700
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11689999083124395179/c362b1f05dc8934474d0dee6e618807a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2db0a43cf6d5a3f65b457a78124848371e3c4b0feea7017842ab3542164b6804
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 18 Nov 2022 20:03:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 18:25:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Nov 2022 20:03:16 GMT
c22528cd99c2d835b7c3a0f917845864.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11689999083124395179/media/ Frame D196 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11689999083124395179/media/c22528cd99c2d835b7c3a0f917845864.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11689999083124395179/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16bb1f66713c230d8b54654c6d74dad513d923d73d9d8015453dc472a6e9386e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 17 Nov 2022 11:07:41 GMT
x-content-type-options
nosniff
age
118535
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26941
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 19:15:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 17 Nov 2023 11:07:41 GMT
cd2696fd4b4633d9b42115314ccf4590.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11689999083124395179/media/ Frame D196 		349 B
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11689999083124395179/media/cd2696fd4b4633d9b42115314ccf4590.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11689999083124395179/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
afbbb050849fcbc7c6d14145c41703ab3c3758800fec218fd7ce81cdf654896e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 17 Nov 2022 11:07:48 GMT
age
118528
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
256
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 19:15:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 17 Nov 2023 11:07:48 GMT
f7ba8c3e60181d799b5bfd46d457a094.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11689999083124395179/media/ Frame D196 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11689999083124395179/media/f7ba8c3e60181d799b5bfd46d457a094.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11689999083124395179/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1fd1077665f1279f2be5b244185eda10ab6085bcc64cfd15018f10107ae3f14e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 17 Nov 2022 11:07:41 GMT
x-content-type-options
nosniff
age
118535
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1202
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 19:15:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 17 Nov 2023 11:07:41 GMT
gtm.js
www.googletagmanager.com/ Frame E2AD 		125 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P88FR8
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cfd0940423d2c9c029138721abda900b18147f58a28e47b4e5cf5f5322f5b687
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48005
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 18 Nov 2022 20:03:16 GMT
/
t.ssp.hinet.net/ Frame E2AD 		37 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3bfaf037e59a20b015836fbf6a9080e95a5ba9affdddcbf8008afb05e524df4
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.hinet.net
cache-control
no-cache, private
access-control-allow-credentials
true
play_icon.png
www.hinet.net/resources/freevideo/img/ Frame E2AD 		34 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.hinet.net/resources/freevideo/img/play_icon.png
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/resources/freevideo/css/video_m.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:b000:589::3 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
HiNetCDN/2211 /
Resource Hash
53a1a3d6c5bd947c6eee0a398e3d0ca97da62e9b6810519bb2940b9c435d1aa2
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security max-age=31536000;includeSubdomains;preload
X-Content-Type-Options nonsniff
X-Frame-Options ALLOW-FROM https://times.hinet.net
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/resources/freevideo/css/video_m.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=31536000;includeSubdomains;preload
x-content-type-options
nonsniff
content-security-policy
frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
last-modified
Mon, 13 Sep 2021 08:51:46 GMT
server
HiNetCDN/2211
x-frame-options
ALLOW-FROM https://times.hinet.net
vary
User-Agent
content-type
image/png
x-cache
EXPIRED, HIT
cache-control
no-cache
accept-ranges
bytes
content-length
35007
x-xss-protection
1;mode=block
x-request-id
3e038f159ab1d88c58713d163ed7d9c9
ppnif.html
player.svc.litv.tv/v3/ Frame 334C 		933 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQ2|aGluZXQ=
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/resources/freevideo/js/jquery-3.5.0.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:6600:3:cecd:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4867d78d8cf2d27090f436525403b30019c5b9c6808f8c070e9aefd14d0de94c

Request headers

Referer
https://www.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
57782
content-length
933
content-type
text/html
date
Fri, 18 Nov 2022 04:00:15 GMT
etag
"caf8fef87489e046b536046382e0765f"
last-modified
Wed, 19 Oct 2022 05:58:43 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
x-amz-cf-id
qE6EXNb-Cc8qXVeD2K69Z4A6vQaZQX0sPlo85SlhMZ3SD-W7Pgg8sg==
x-amz-cf-pop
FRA56-P6
x-amz-version-id
EubvK8qNOIn_3kFVKMj4.KWYl3xiYsej
x-cache
Hit from cloudfront
json
ssp.hinet.net/api/web/request/ Frame E2AD 		671 B
843 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/request/json?c=2017023&s=201702000019&callback=jQuery35007995409739801762_1668801796333&_=1668801796334
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/resources/freevideo/js/jquery-3.5.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
465f4aed8d354d179e53a289ca2ae468cbc7601ba78b9729984eddb2fda805f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
https://www.hinet.net
date
Fri, 18 Nov 2022 20:03:16 GMT
access-control-allow-credentials
true
server
nginx
content-length
671
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
json
ssp.hinet.net/api/web/request/ Frame E2AD 		591 B
763 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/request/json?c=2017023&s=201702000020&callback=jQuery35007995409739801762_1668801796335&_=1668801796336
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/resources/freevideo/js/jquery-3.5.0.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
647c25bc1c936fc303c992cea16b30adb3d15051971531df82e542c12ab8daad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
https://www.hinet.net
date
Fri, 18 Nov 2022 20:03:16 GMT
access-control-allow-credentials
true
server
nginx
content-length
591
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ Frame D196 		45 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500|Raleway:600|Raleway:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 22:05:34 GMT
x-content-type-options
nosniff
age
79062
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46524
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:58:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Nov 2023 22:05:34 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D196 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500|Raleway:600|Raleway:700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 11:59:40 GMT
x-content-type-options
nosniff
age
115416
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Nov 2023 11:59:40 GMT
695e9567e875d54c2e661e7adc962fc7.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11689999083124395179/media/ Frame D196 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11689999083124395179/media/695e9567e875d54c2e661e7adc962fc7.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11689999083124395179/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31202d19710656ec3f32e2ca9a85f248f0fd0f786035ccfc09aaa94ef89816b2
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 17 Nov 2022 11:07:42 GMT
x-content-type-options
nosniff
age
118534
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36080
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 19:15:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 17 Nov 2023 11:07:42 GMT
ppnio.js
player.svc.litv.tv/v3/ Frame 334C 		650 KB
173 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.svc.litv.tv/v3/ppnio.js
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQ2|aGluZXQ=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:6600:3:cecd:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8e9f1b04ba4aa0432fb62384b84c438523b6bdc1571f4a91e86aae39c01e8cef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQ2|aGluZXQ=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
juVOQWwAP0XoHQx6Ev59SY_06qdNlC1l
content-encoding
gzip
via
1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
date
Fri, 18 Nov 2022 00:58:02 GMT
last-modified
Wed, 19 Oct 2022 05:58:43 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
68736
etag
W/"6f4f3af59183bc8019e3f73a9096e53c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
_F2k0EfaYXE3TrcHFuJtdpn9yveCYG4-833ezYvUb8M36Y0HpEnesQ==
hinet3-schedule.json
player.svc.litv.tv/meta/vc/ Frame 3F7A 		26 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.svc.litv.tv/meta/vc/hinet3-schedule.json?cb=38629
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:6600:3:cecd:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7e7d50dff7e062f09548ecc0ce33b8be7579faae5a2a703ae55ce0c7e859eab4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQz|aGluZXQ=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
sqz4FK2BUFl8RcukBrDpZ9U6d36brxIk
content-encoding
gzip
via
1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
date
Fri, 18 Nov 2022 20:03:16 GMT
last-modified
Thu, 17 Nov 2022 20:40:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
1
etag
W/"5014d0a03a4f652ffcca01a8132c2e4c"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
cache-control
max-age=1800
x-amz-cf-id
YSq3t0SVeq8NTX7LPXlpAouIK6DBhDjE1tMs4ayun8ZbvTxJC-lljA==
truncated
/ Frame 3F7A 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a8609eeda77369cd567a813411d740959695b5a47db762f2f6dfbb6006cefcb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png;charset=utf-8
vtt.min.js
vjs.zencdn.net/vttjs/0.14.1/ Frame 3F7A 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vjs.zencdn.net/vttjs/0.14.1/vtt.min.js
Requested by
Host: jsmodule.svc.litv.tv
URL: https://jsmodule.svc.litv.tv/videojs/7.20.3/video.novtt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5a36011812516a45305217c2fc2d0a0b2fcf9e66e4c84708cc1b6818066024fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230104-FRA
date
Fri, 18 Nov 2022 20:03:16 GMT
content-encoding
gzip
last-modified
Tue, 10 Apr 2018 19:42:19 GMT
etag
"52c6ba3260a51c570977f84d2bd7bf55"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
7089
x-cache-hits
22887
ads_check.js
fino.svc.litv.tv/acs/ Frame 3F7A 		36 B
513 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fino.svc.litv.tv/acs/ads_check.js
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-67.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c47ff9781e5c10d5b7a4edbd121682c9d6150251dfa4c0820f9939a70e623f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
EHi4EZ.gJdlfigQoKnOSB_rq9xJIQl9.
date
Fri, 18 Nov 2022 02:06:48 GMT
via
1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
64588
x-cache
Hit from cloudfront
content-length
36
last-modified
Fri, 19 Feb 2021 02:39:49 GMT
server
AmazonS3
etag
"eccd8c86e285ee7d525d2b012ed3c06d"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, POST
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding,Origin
accept-ranges
bytes
x-amz-cf-id
hl6Im34KjIgbYBxhlfWJrzaBa0Gxdx7Wf3s0l_J7cwPD_ecPpS9_Rg==
bridge3.546.0_zh_tw.html
imasdk.googleapis.com/js/core/ Frame B9E5 		690 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.546.0_zh_tw.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b91ecb32957428249b27cca1c6818d9a3e62f3f9fef7d3537414c279fbe44a95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://player.svc.litv.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
217129
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
226834
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 07:44:27 GMT
expires
Thu, 16 Nov 2023 07:44:27 GMT
last-modified
Wed, 16 Nov 2022 07:23:53 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 3F7A 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Nov 2022 20:03:16 GMT
aGluZXQ=
fino.svc.litv.tv/showcase/ Frame 3F7A 		3 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fino.svc.litv.tv/showcase/aGluZXQ=
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-67.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b02e6b61207b6c49bd2a17f45889950307d0c21ef2d5fd7ccc803530ee0e7fa1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
rdYtlrU07y0QRId_1zml5CGtq9zC9Kce
content-encoding
gzip
via
1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
date
Fri, 18 Nov 2022 19:29:11 GMT
x-amz-cf-pop
FRA50-C1
age
15049
x-cache
Hit from cloudfront
last-modified
Fri, 15 Jul 2022 02:45:39 GMT
server
AmazonS3
etag
W/"db817b9dc04a09abcd1419cb907aea26"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, POST
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=43200
vary
Accept-Encoding,Origin
x-amz-cf-id
7DyfJZb9RdC3Y1RUEFOgqazzWmMOme2NBLZWR8bWDr6SbeFkUfhXYw==
ppn
pusti.svc.litv.tv/callback/ Frame 3F7A 		0
15 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pusti.svc.litv.tv/callback/ppn
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.74.134 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
134.74.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
via
1.1 google
access-control-max-age
60
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://player.svc.litv.tv
cache-control
no-store, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p
sb.scorecardresearch.com/ Frame 3F7A 		43 B
262 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=8&c2=18986219&c3=1&cj=1&c4=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fppnif.html%3Fs%3DaGluZXQz%7CaGluZXQ%3D&rn=1668801796437
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
43
x-amz-cf-id
FaNY8uhbbKtoav1d9nRaq8Jh9RrNIiskisF9ksx0uUD_jEtmV2vulA==
x-cache
Miss from cloudfront
content-type
image/gif
ppn
pusti.svc.litv.tv/callback/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pusti.svc.litv.tv/callback/ppn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.74.134 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
134.74.96.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://player.svc.litv.tv
access-control-max-age
60
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 18 Nov 2022 20:03:16 GMT
via
1.1 google
sync
api.svc.taiwanmedia.org/taiwan-media/puid/ Frame 001E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.svc.taiwanmedia.org/taiwan-media/puid/sync?luid=8080aeff-b8c6-4d1a-9927-a73ee1c786ad
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQz|aGluZXQ=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.124.131 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
131.124.117.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
via
1.1 google
access-control-max-age
60
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
cache-control
no-store, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
push
onead.onevision.com.tw/v2/app/ Frame 001E 		0
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onead.onevision.com.tw/v2/app/push?event=7000&p1=899654903&pub=8080aeff-b8c6-4d1a-9927-a73ee1c786ad
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.241.176 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
176.241.178.107.bc.googleusercontent.com
Software
gws / OneAD
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
via
1.1 google
age
0
x-powered-by
OneAD
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-onead-backend
onead-http-event-04tr-gohttp
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma
no-cache
server
gws
x-onead-guid
0a60f19b-677c-11ed-b851-0242ac130002
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
x-varnish
117437730
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
x-onead-version
1009c7b8
expires
Mon, 01 Jan 1990 00:00:00 GMT
ce
e2elog.fetnet.net/CM/ Frame 001E 		0
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e2elog.fetnet.net/CM/ce?ad_id=8080aeff-b8c6-4d1a-9927-a73ee1c786ad&chnl=litv&do=player.svc.litv.tv&dt=
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.184.62.41 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 18 Nov 2022 20:03:16 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
EMBED29.json
player.svc.litv.tv/meta/acs/hinet3/ Frame 3F7A 		13 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.svc.litv.tv/meta/acs/hinet3/EMBED29.json?cb=38629
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:6600:3:cecd:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
604e166945460e63fc2f154322f4ea873009230dc71da7ede053a54a16cf835c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQz|aGluZXQ=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
k6uObtAtBbVHPinslYEpHODMMjAvU2rR
content-encoding
gzip
via
1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
date
Fri, 18 Nov 2022 19:29:13 GMT
last-modified
Fri, 18 Nov 2022 18:15:13 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
2044
etag
W/"ca7f27d70b20d8794ca986c6d9fd998d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
cache-control
max-age=3600
x-amz-cf-id
QU5mu0hjTegQJnbelVRkG2eejO4iBlmE5lBWW3-2bVNCxtPo5GKshw==
js
www.googletagmanager.com/gtag/ Frame 001E 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-138079999-10&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-59507085-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a6f14ca7333c57d1950c3e0630acab83f353d2d41158323980ebfa740413d8bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
43602
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 18 Nov 2022 20:03:16 GMT
js
www.googletagmanager.com/gtag/ Frame 001E 		214 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EKKX3GNP7C&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-59507085-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dfbad66a10b2fd63c2e23ec254093b77368ded0e1230f8340757a9765a3e5e0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76608
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 18 Nov 2022 20:03:16 GMT
collect
www.google-analytics.com/j/ Frame 001E 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1190411500&t=event&_s=1&dl=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fex.html%3Fid%3Dppn-aGluZXQz%7CaGluZXQ%3D&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&ec=player&ea=request&_u=aADAAUABAAAAACAAIC~&jid=562318636&gjid=1135611451&cid=1047831193.1668801796&tid=UA-138079999-6&_gid=1111182539.1668801796&_r=1&gtm=2oub90&z=332076672
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://player.svc.litv.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F810 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstGyGPrVVGKN6jah1Uev9mrEwfvx0W_QwElJaRO7JetPOKeHGLid-TdGrmcK-F1Vo7-XyA7NxWXY6RZ_hJOXWH08FPmY0dnYxHy78tWUvbo1y0e-2n26HU7by2VbR6YiDgAsmAM4KopXtD_drNL-bifcnsAFy4nftVSNKCu6a66GZb5J1zTcMHyul_uIQeR7uM9chaoJVWMOC7oIndPLuMLsUu8rkF4u2LO-5gDMjLthHZHNcrCc529HAHphx2Iz3Xdn2uAFNdCnozHXlvuLiESnLJh5UOQqZzv9UQiY8YZ8Hf3ZbuhRneggNYJm0vbFDI_i4RDronEW21aVh8-RzLpDuami8VGTA&sai=AMfl-YTezt4EDLTsS3yeN7Lv2FeDtS5gVdnU16B-miqjGodTwSg0JJIQOhTPG-_cDNCytlKFyyj9S8TfCp-evzN3yxQ3m-eZG70OvpdkPiVzggNlIuDHhL1_Jo2A6QUWlfOBWWDwyuikWH1cOHiisg2EtFo&sig=Cg0ArKJSzC3DL3wl9Pi_EAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 18 Nov 2022 20:03:16 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame F810 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4457659720163747&plah=times.hinet.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
44dd9f1eb07201c37efbd02ab665a0592ee37ed3795d69e1abb3ac24627647cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10901
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4D41 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cda6c3c4cc8df7c5b7802f32fcaa88e25c3742484df6f463d3cf823692280c88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11145
x-xss-protection
0
beacon.js
sb.scorecardresearch.com/ Frame 334C 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:45:34 GMT
content-encoding
gzip
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
last-modified
Tue, 28 Jun 2022 13:19:23 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P3
age
22663
x-amz-server-side-encryption
AES256
etag
W/"eaf85c1c6758e84acfe134efd70e9373"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
_q7gntEPx0UHqky42_7D2a7N3aHsTRhwTcpNd88eEb8qyiUoOkDC9Q==
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 334C 		370 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2fb94cc5f4e050854cd18abcf65c8e58f62f512e141acf6b256aadbc27f1a48e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126568
x-xss-protection
0
expires
Fri, 18 Nov 2022 20:03:16 GMT
analytics.js
www.google-analytics.com/ Frame E2AD 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P88FR8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Nov 2022 19:15:54 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
2842
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Fri, 18 Nov 2022 21:15:54 GMT
1602122756.jpg
cdnstatic.svc.litv.tv/pics/embed_showcase/2020/10/ Frame 3F7A 		141 KB
141 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnstatic.svc.litv.tv/pics/embed_showcase/2020/10/1602122756.jpg
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-16.fra56.r.cloudfront.net
Software
Apache/2.2.21 (Unix) DAV/2 /
Resource Hash
4e0524f6acc3a65c90b93b7760e6e58ae838e9dc9506c7f34f13fad5965a4e0f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 03:55:23 GMT
via
1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
2477277
x-cache
Hit from cloudfront
content-length
144195
last-modified
Thu, 08 Oct 2020 02:05:57 GMT
server
Apache/2.2.21 (Unix) DAV/2
etag
"2a2608-23343-5b11f45d8e8fc"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
x-amz-cf-id
j5gFRs8qz8NmURoGI0VrmRlljRty3Lie3vxhp9hiNEwiKez-dB5jWg==
expires
Sun, 20 Nov 2022 03:55:23 GMT
1616657474.JPG
cdnstatic.svc.litv.tv/pics/embed_showcase/2021/03/ Frame 3F7A 		333 KB
334 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnstatic.svc.litv.tv/pics/embed_showcase/2021/03/1616657474.JPG
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-16.fra56.r.cloudfront.net
Software
Apache/2.2.21 (Unix) DAV/2 /
Resource Hash
01bfcffc34e1ea08d884a0d8af25c24044a13fdd2c1831362a485c74e3eaac35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 02 Nov 2022 06:51:37 GMT
via
1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
1429882
x-cache
Hit from cloudfront
content-length
341080
last-modified
Thu, 25 Mar 2021 07:31:15 GMT
server
Apache/2.2.21 (Unix) DAV/2
etag
"324620-53458-5be576685ebb4"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
x-amz-cf-id
PniMLUQUrET6X1rbl3lZgyIwlbLgqdjUeFsqBngZRhEWV0O9EkmGQg==
expires
Fri, 02 Dec 2022 06:51:37 GMT
1653458366.jpg
cdnstatic.svc.litv.tv/pics/embed_showcase/2022/05/ Frame 3F7A 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnstatic.svc.litv.tv/pics/embed_showcase/2022/05/1653458366.jpg
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-16.fra56.r.cloudfront.net
Software
Apache/2.2.21 (Unix) DAV/2 /
Resource Hash
b148f438352f698bb6152b02803f64f38b075a81accb4d3ce30c12b82038c0e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 05:56:13 GMT
via
1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
2210805
x-cache
Hit from cloudfront
content-length
34548
last-modified
Wed, 25 May 2022 05:59:27 GMT
server
Apache/2.2.21 (Unix) DAV/2
etag
"4168b6-86f4-5dfcfc6a3522a"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
x-amz-cf-id
2cnnltfdOY3LLf4iNLbe9KMtkvmmmfGUALHHS4vASGxEFrQ9sq40ag==
expires
Wed, 23 Nov 2022 05:56:13 GMT
1653458753.jpg
cdnstatic.svc.litv.tv/pics/embed_showcase/2022/05/ Frame 3F7A 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnstatic.svc.litv.tv/pics/embed_showcase/2022/05/1653458753.jpg
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-16.fra56.r.cloudfront.net
Software
Apache/2.2.21 (Unix) DAV/2 /
Resource Hash
b564f84dfba92ae05b09b499a5194af6844d6b5e2d7f5c0130ed792aa3db87e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 27 Oct 2022 04:34:22 GMT
via
1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
1956518
x-cache
Hit from cloudfront
content-length
37702
last-modified
Wed, 25 May 2022 06:05:55 GMT
server
Apache/2.2.21 (Unix) DAV/2
etag
"4168b7-9346-5dfcfddc0e2be"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
x-amz-cf-id
jSOb0eZ7ZpeHX2u2HM5ceJfHdkXnF66xaO3OL_-WXIUSuyYosXAEVg==
expires
Sat, 26 Nov 2022 04:34:22 GMT
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 8172 		62 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=400&slotname=9686321785&adk=279151516&adf=4198862038&pi=t.ma~as.9686321785&w=580&lmt=1668801795&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668801795021&bpp=1&bdt=242&idt=289&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&cookie=ID%3Dfc59f85f1f66ff27%3AT%3D1668801794%3AS%3DALNI_MbNLzHWsu7q5_7pi_Hsdd4lnB7aMA&gpic=UID%3D00000b83e7f6f835%3AT%3D1668801794%3ART%3D1668801794%3AS%3DALNI_MYGKqn-snyxy0UuHEa2mHly867-Kg&prev_fmts=0x0&nras=1&correlator=5316747536603&rume=1&frm=23&ife=4&pv=1&ga_vid=1365366507.1668801795&ga_sid=1668801795&ga_hid=145283762&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1112&biw=1600&bih=1200&isw=580&ish=400&ifk=359666599&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C42531706%2C31061691%2C31070950%2C31061693&oid=2&pvsid=3341626603551332&tmod=1214574978&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.ea20tpo3nqio&fsb=1&dtd=296
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e5a26e546724b7e80d5f586ea747aa43861f804ead9b6a5d3a2d42601c52275
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 19:13:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
2988
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23357
x-xss-protection
0
server
cafe
etag
901223051904315509
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Fri, 18 Nov 2022 20:13:28 GMT
collect
stats.g.doubleclick.net/j/ Frame 001E 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-138079999-6&cid=1047831193.1668801796&jid=562318636&gjid=1135611451&_gid=1111182539.1668801796&_u=aADAAUAAAAAAACAAIC~&z=1703121423
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 18 Nov 2022 20:03:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://player.svc.litv.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
rpc
p-api02.svc.litv.tv/cdi/v2/ Frame 3F7A 		98 B
500 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p-api02.svc.litv.tv/cdi/v2/rpc
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
210.242.135.3 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
/
Resource Hash
ed7ea9fd1cc01b688caf8362a7f6727a0612f719730642d8e206f00f014ace58
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 18 Nov 2022 20:03:17 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Request-Id
cdrua1dnqcpcb84hhep0
Access-Control-Allow-Headers
Content-Type
rpc
p-api02.svc.litv.tv/cdi/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://p-api02.svc.litv.tv/cdi/v2/rpc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
210.242.135.3 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
60
Content-Length
0
Date
Fri, 18 Nov 2022 20:03:17 GMT
Request-Id
cdrua1fj813prlha7i3g
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221117-23-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Fri, 18 Nov 2022 20:03:16 GMT
x-amz-request-id
1V3JN4Z08BWJNCK3
age
2218
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by
cache-fra-eddf8230025-FRA
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1668801797.588439,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
42
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
10269
cm
t.ssp.hinet.net/ Frame 001E 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=3d711f&cid=8080aeff-b8c6-4d1a-9927-a73ee1c786ad&mp=2675b86f-e2c7-42ab-ba78-5831b3eae5b6
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://player.svc.litv.tv
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
2675b86f-e2c7-42ab-ba78-5831b3eae5b6.t.ssp.hinet.net/ Frame 001E 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://2675b86f-e2c7-42ab-ba78-5831b3eae5b6.t.ssp.hinet.net/pixel?bd=2675b86f-e2c7-42ab-ba78-5831b3eae5b6&t=3d711f
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:17 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F810 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4457659720163747&plah=times.hinet.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Nov 2022 20:03:16 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4D41 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Nov 2022 20:03:16 GMT
ads1.js
fino.svc.litv.tv/ads/ Frame 3F7A 		17 B
492 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fino.svc.litv.tv/ads/ads1.js
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-67.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
af2ac8055983b59c939388ef2b32ef532b5eb338d4f1758be91a125d4f07d83f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
S0gUSQE16svoHk1.rmwu2P08mV03VNo6
date
Fri, 18 Nov 2022 07:46:34 GMT
via
1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
44202
x-cache
Hit from cloudfront
content-length
17
last-modified
Thu, 18 Feb 2021 02:44:24 GMT
server
AmazonS3
etag
"8ba19eeed6689e4d7c76742e23055415"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, POST
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding,Origin
accept-ranges
bytes
x-amz-cf-id
j9SdQqit73K8Oph_InW7JyPQkeA-aLlbbjc9HtgN-MJKxJ3scwbaYA==
rum.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame D196 		62 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/rum.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e5a26e546724b7e80d5f586ea747aa43861f804ead9b6a5d3a2d42601c52275
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 17:50:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
7952
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23357
x-xss-protection
0
server
cafe
etag
901223051904315509
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 17:50:44 GMT
analytics.js
www.google-analytics.com/ Frame 001E 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-138079999-10&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Nov 2022 19:15:54 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
2842
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Fri, 18 Nov 2022 21:15:54 GMT
collect
www.google-analytics.com/j/ Frame 001E 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1190411500&t=event&_s=1&dl=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fex.html%3Fid%3Dppn-aGluZXQz%7CaGluZXQ%3D&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&ec=player&ea=request&_u=aADAAUABAAAAACAAIC~&jid=1402838993&gjid=1225746541&cid=1047831193.1668801796&uid=8080aeff-b8c6-4d1a-9927-a73ee1c786ad&tid=UA-138079999-10&_gid=1111182539.1668801796&_r=1&gtm=2oub90&z=452020717
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://player.svc.litv.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ Frame 001E 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-EKKX3GNP7C&gtm=2oeb90&_p=1190411500&_gaz=1&cid=1047831193.1668801796&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&uid=8080aeff-b8c6-4d1a-9927-a73ee1c786ad&sid=1668801796&sct=1&seg=0&dl=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fex.html%3Fid%3Dppn-aGluZXQz%7CaGluZXQ%3D&dr=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fppnif.html%3Fs%3DaGluZXQz%7CaGluZXQ%3D&dt=&en=request&_fv=1&_ss=1&_ee=1&ep.event_category=player
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EKKX3GNP7C&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://player.svc.litv.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ Frame 001E 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-EKKX3GNP7C&cid=1047831193.1668801796&gtm=2oeb90&aip=1&uid=8080aeff-b8c6-4d1a-9927-a73ee1c786ad
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EKKX3GNP7C&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://player.svc.litv.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ Frame 001E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-EKKX3GNP7C&cid=1047831193.1668801796&gtm=2oeb90&aip=1&uid=8080aeff-b8c6-4d1a-9927-a73ee1c786ad&z=928863997
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b
sb.scorecardresearch.com/ Frame 334C 		0
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=18986219&c3=100001&cs_it=b3&cv=3.8.0.210223&ns__t=1668801796650&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fppnif.html%3Fs%3DaGluZXQ2%7CaGluZXQ%3D&c8=&c9=https%3A%2F%2Fwww.hinet.net%2F
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQ2|aGluZXQ=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
x-amz-cf-id
5A1lptgl3k08jDy5PCHl4GvGHVcqfHDDMpWgLCEDGYoNoTgSS5Apkw==
x-cache
Miss from cloudfront
Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
pagead2.googlesyndication.com/bg/ Frame D196 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 18:17:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92717
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15969
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 18:17:59 GMT
collect
www.google-analytics.com/j/ Frame E2AD 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1241803023&t=pageview&_s=1&dl=https%3A%2F%2Fwww.hinet.net%2Ftv%2Fmobile_iframe.html&dr=https%3A%2F%2Ftimes.hinet.net%2F&ul=en-us&de=UTF-8&dt=%E8%BF%BD%E5%8A%87%E7%B7%9A%E4%B8%8A%E7%9C%8B-HiNet%E5%85%8D%E8%B2%BB%E5%BD%B1%E9%9F%B3%7C%E5%BF%85%E8%BF%BD%E9%99%B8%E5%8A%87%E3%80%81%E5%8F%B0%E5%8A%87%E3%80%81%E6%97%A5%E5%8A%87%E3%80%81%E9%9F%93%E5%8A%87%E3%80%81%E9%9B%BB%E8%A6%96%E5%8A%87%E3%80%81%E6%96%B0%E8%81%9E%E7%9B%B4%E6%92%AD%E3%80%81%E7%B6%9C%E8%97%9D%E7%AF%80%E7%9B%AE&sd=24-bit&sr=1600x1200&vp=300x240&je=0&_u=QACAAAABAAAAAC~&jid=514074313&gjid=1843667570&cid=1365366507.1668801795&tid=UA-46698217-3&_gid=2022163553.1668801795&_r=1&gtm=2wgb90P88FR8&z=479500626
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hinet.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hinet.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 8172 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lamxi3b1&chm=1&ctx=2&gqid=A-V3Y9-OFquA1fAP4qOv6A0&qqid=CKH22pHDuPsCFfWmcQodzaoICQ&met.4=fb.l3~cmrload.ns~lb.q1~ol.vx~bdt.-ez~bpp.-88~idt.-8~dtd.-1~dt.-89&met.3=733.r4~742.r3~748.rd~749.re~736.rl~735.rm_1~739.rm~738.vx~113.11j_4~112.11i_5&met.1=1.lamxi29i~6.1~7.1~8.1~9.1~10.p~11.1~12.q~13.k0~14.kh~15.kg~16.rn~17.rn~18.rn~19.vx~20.vx~21.vx~22.lt~23.lt&met.7=CAUQCBgBMOAFOP0IUAFYGWABaBlw0AV48-ECgAHH3wKIAbmzB7ABAbgBAw~CB8QBRgBIIUGKIUGML4GODlorQZwvQZ43SqAAbEoiAG3kgKwAQG4AQM~CCEQBBgBIIcGKIcGMMcGOEBoigZwxgZ4rAKwAQG4AQM~CAkQChgBIIgGKIgGMLwGODVAiAZIjAZQjAZYrQZgmAZorQZwugZ4gEyAAdRJiAH6ugGwAQG4AQM~CCgQBRgBIMsGKMsGMNoGOBBozQZw2gZ4vQOAAZEBiAGPAbABAbgBAw~CB4QChgBIMsGKMsGMI0HOEJo_gZwjAd4gAyAAdQJiAGBFbABAbgBAw~CBwQBRgBIMwGKMwGMNcGOAs~CBwQChgBIMwGKMwGMKYHOFlQzQZY_gZgzQZo_gZwjQd4zjyAAaI6iAH4jAGwAQG4AQM~CBwYASDRBijRBjCgBzhQUNEGWO4GYNEGaO4GcKAHeKwCsAEBuAED~CCoQChgBIKkHKKkHMMoHOCI~CCgQChgBIKcJKKcJMLUJOA5oqAlwtQl46bgBgAG9tgGIAefuA7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4009:82e::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:17 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ Frame E2AD 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-46698217-3&cid=1365366507.1668801795&jid=514074313&gjid=1843667570&_gid=2022163553.1668801795&_u=QACAAAAAAAAAAC~&z=1242429810
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.hinet.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 18 Nov 2022 20:03:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.hinet.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
video.novtt.min.js
jsmodule.svc.litv.tv/videojs/7.20.3/ Frame 334C 		551 KB
154 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsmodule.svc.litv.tv/videojs/7.20.3/video.novtt.min.js
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:237b:0:9:f0ff:5340:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cfa7fa2f983c68f068d1286c9d309ca3537732b7937d673250ccdd203bc86bf3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
qeyBfoxlwVUb4i5trti3hbZ1JvGdPfjP
content-encoding
gzip
via
1.1 82fccbbb63aecdd468ad9737a31e6b2c.cloudfront.net (CloudFront)
date
Fri, 18 Nov 2022 10:34:49 GMT
last-modified
Wed, 12 Oct 2022 03:50:10 GMT
server
AmazonS3
x-amz-cf-pop
BOM78-P4
age
37231
etag
W/"7c3406c18e91c1c0821aaa8bbed51332"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
yBYc4o_TQ0xVDL9qX2wnndTU57MigpL_LvOm_ZiIVRkRU-2OT1Wnwg==
/
pips.taboola.com/ 		64 B
244 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
2ade426a28a1101d7b5f72b46d79b9a2a67801ae9d38cc5047c9a410875151fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230036-FRA
date
Fri, 18 Nov 2022 20:03:16 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://times.hinet.net
cache-control
no-store
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
collect
stats.g.doubleclick.net/j/ Frame 001E 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-138079999-10&cid=1047831193.1668801796&jid=1402838993&uid=8080aeff-b8c6-4d1a-9927-a73ee1c786ad&gjid=1225746541&_gid=1111182539.1668801796&_u=aADAAUABAAAAACAAIC~&z=1727532792
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Fri, 18 Nov 2022 20:03:16 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://player.svc.litv.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3BC4 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3521
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 19:04:35 GMT
expires
Sat, 18 Nov 2023 19:04:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2404 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
538c72d3684a88df52c89796de73b98aa74cc6e7ce3d8826be58daa3f1953708
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-z_4lLbrsMYOspN6yO-YV6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-z_4lLbrsMYOspN6yO-YV6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 20:03:16 GMT
expires
Fri, 18 Nov 2022 20:03:16 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6B69 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3521
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 19:04:35 GMT
expires
Sat, 18 Nov 2023 19:04:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E64B 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
19d58a7a7cf3194024f6f0ae6f1747280d554d1cee42aaf837c8892dc10d661c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-eQfnPJ6y4lOTFoU5DecijQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-eQfnPJ6y4lOTFoU5DecijQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 20:03:16 GMT
expires
Fri, 18 Nov 2022 20:03:16 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
csi
csi.gstatic.com/ Frame D196 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lamxi3d5&ctx=3&gqid=A-V3Y9-OFquA1fAP4qOv6A0&qqid=CKH22pHDuPsCFfWmcQodzaoICQ&met.7=CB8QCBgBMDk49wJoKXA4eN0qgAGxKIgBt5ICsAEBuAED~CBwQChgBIEQoRDCUAThQaHlwkgF4ixeAAd8UiAGFMrABAbgBAw~CBwQChgBIEQoRDCSAThOaHlwjAF4l2iAAetliAHujgKwAQG4AQM~CB8QChgBIEUoRTClAThhaHlwlQF47usBgAHC6QGIAZq4BrABAbgBAw~CBIQBxgBILEBKLEBMIECOFBAsQFIsgFQsgFY6gFgyQFo6gFwgQJ4oQeAAfUEiAGaKKoBJgoKUm9ib3RvOjUwMAoLUmFsZXdheTo2MDAKC1JhbGV3YXk6NzAwsAEBuAED~CB8QBhgBILEBKLEBMMMBOBJosgFwwAF46dQBgAG90gGIAb3SAbABAbgBAw~CB8QBhgBILEBKLEBMMUBOBRosgFwxAF4rASAAYACiAHdArABAbgBAw~CB8QBhgBILEBKLEBMMYBOBRosgFwxQF43guAAbIJiAGyCbABAbgBAw~CB8QBhgBIKQCKKQCMLcCOBNopQJwswJ4nJwCgAHwmQKIAfCZArABAbgBAw~CBgQChgBIPkDKPkDMIoEOBFo-QNwhwR46bgBgAG9tgGIAefuA7ABAbgBAw~CCcQChgBILEEKLEEML8EOA4
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4009:82e::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:17 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=c78491ff-2206-4058-b6d0-5949b4935819-tucta716a82&uad=41a8990d122f143d451739e4b1f703abbbe64adfa7083efc81af5dbd97ea8c71&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 18 Nov 2022 20:03:17 GMT
cache-control
no-store
server
nginx
container.html
0ee4d4ac18c4743675c5dcc7e1234850.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FDCB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://0ee4d4ac18c4743675c5dcc7e1234850.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 20:03:16 GMT
expires
Sat, 18 Nov 2023 20:03:16 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
impression
ssp.tenmax.io/supply/tracking/ 		0
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.tenmax.io/supply/tracking/impression?bid=09e6a6f0-677c-11ed-a98d-8f82c9fddd8e&chid=646c4a45f0544a8c&sid=2f0bd42ae1064b18&lineitemid=5346731421
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
211.21.190.218 Hsinchu County, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
211-21-190-218.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 18 Nov 2022 20:03:16 GMT
Server
nginx
Connection
keep-alive
X-Application-Context
application:prod,aggregator,build-ext:58070
P3P
CP="CUR ADM OUR NOR STA NID"
pixel
164582de-f8ec-40d2-a370-995413964d97.t.ssp.hinet.net/ Frame E2AD 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://164582de-f8ec-40d2-a370-995413964d97.t.ssp.hinet.net/pixel?bd=164582de-f8ec-40d2-a370-995413964d97&t=426409
Requested by
Host: www.hinet.net
URL: https://www.hinet.net/tv/mobile_iframe.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:16 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame E64B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=398688153937301&rc=
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 2404 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=3341626603551332&rc=
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
pagead2.googlesyndication.com/bg/ Frame 3BC4 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 18:17:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92717
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15969
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 18:17:59 GMT
Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
pagead2.googlesyndication.com/bg/ Frame 6B69 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 18:17:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92717
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15969
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 18:17:59 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame CDDD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C84YHBOV3Y67WCoe99u8PzqSSsAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi05NDY3MTQ0NDkxNTM3NzQ1yAEJqQK92IeMhlyxPuACAKgDAaoEhAJP0LojZGknVGjJtWt8aMLwgunxJOqQwzuZpHwEGTGsCZhAZt-d-lRNo23SPvKWwwLXGGD6TX4Q1tFKvkCRDFnRaOo6H4qHcq-tNBR4vXEHBHQMJYAsYjffOCVIUbbKpirWWOxIFl7cD1Pt6SOegm4xOTx6nM_aCsxto0y8vqY4eQo0xPGesEaqcmVGgs9hn9EdjfwVneEENgbVLmb7B0PfKfCLmmvqWyaV0eWrpaZlinZwsrs5yi7k_ofeoKdMPN0-_32XzpyULDhe6mEeY4n1VCjADyh8S6pbqZ6yHJXdMpp_WxNpwS64axxUxVh8OorUTptnGUM2EQh57XFL3DisyRz9-OAEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItOTQ2NzE0NDQ5MTUzNzc0NRjqjxg&sigh=_yhldHttyek&uach_m=[UACH]&cid=CAQSPADq26N9-2igQrMMglsyesW_L9tQwgXeJeFYhPz8GaBJe6k2XqtMxRYter6SdECLtVmp3pX6S8qynDkXVRgBIBM
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ee4d4ac18c4743675c5dcc7e1234850.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
winResponse
prod-rtb.ad4mat.net/ Frame CDDD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1j9ses1z8vqht4wdsdxk6xf3490w1hxjk0gs3xxwr0q90zf1n61qbg6kkh63xhtgp4qnn798vxxanw78ajjc258zsfx0a2tx4snpg6sz162np9hz46564xv8kzhg2ze2h86hdhw5sy8kdv5njfhqqh3mtpyhk2wwz57e4rdcse1x2a6bgxtm0pbbpe54q8pvmjw53axc2rn1n1r33ebmwa1m9x3ahz4400qd3zg7d5mxjfn8bmd9ts215mxmwc8fmd5rdkc863sw58x6gv8twfpew40fy7vpj916t1fmmwmcpwp832g6ges4tjj5na0a9wdh36xcf3wsyvmm02k4d0wvy8njntx1d7rp8s6wn5hkyr9j7b5v8akqvwh1ffb9sa3avchj42sa7cr&b=Y3flBAACqy4H_Z6HAASSTqYl8T6LXQ8pZp_byw
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ee4d4ac18c4743675c5dcc7e1234850.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 18 Nov 2022 20:03:16 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
dr
as.ad4m.at/ad/ Frame 1128 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/dr?ed=1gk00r51mhhhb95g164kbpt9hmxxk8mrc12tjk2s45nm9vqt7a1fdrtp4tct94ejk3txbwcr7t4kv6fm0zk969mfv4fdzwex5sajz4st3ng5w9058pcp3ke3mnvf5dhhdvn53rfrzyedw93mzfq92g19s4ye05r1qfs3j5j96b1h2e9j46qb78aftjxaaw0wh20zrsvmay93ad5t9vmhg25msfhaym9zk3xe688rgwc95r69ry4wzz7bkewv83x60zdszh60y37n34vt1zns0brzmqfccxrhcrxe3jfrw8kze8gqctaz1fts93ab2ygfz8savhw487nty81h2caasb21paayev6cj0gcv07fjdxbhnk5f8p0rsv8jtbw15e3zsyq9jzy13sct5d0y6cg2bqbzkr5wh9s3cwrh85v7kgcrcfgsh9zxhzshv5frrw6spmvn1rc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo9O1BOV3Y67WCoe99u8PzqSSsAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi05NDY3MTQ0NDkxNTM3NzQ1yAEJqQK92IeMhlyxPuACAKgDAaoEhwJP0LojZGknVGjJtWt8aMLwgunxJOqQwzuZpHwEGTGsCZhAZt-d-lRNo23SPvKWwwLXGGD6TX4Q1tFKvkCRDFnRaOo6H4qHcq-tNBR4vXEHBHQMJYAsYjffOCVIUbbKpirWWOxIFl7cD1Pt6SOegm4xOTx6nM_aCsxto0y8vqY4eQo0xPGesEaqcmVGgs9hn9EdjfwVneEENgbVLmb7B0PfKfCLmmvqWyaV0eWrpaZlinZwsrs5yi7k_ofeoKdMPN0-_32XzpyULDhe6mEeY4n1VCjADyh8S6pbqZ6yHJWfMLvtjOrugeY_I4qOjMqOA57e45FJAZ6200HrFeVV8CB5FYO9MHuWmOAEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1gHNbYOXopeVDE38mqc2AP5fCS5g%26client%3Dca-pub-9467144491537745%26adurl%3D
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f72a92db0ccb8f7560cb76d7bbd47185e85d12ed8427ab39ad0c35dc0bd9216
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://0ee4d4ac18c4743675c5dcc7e1234850.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
76c34efeb9929a30-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 20:03:16 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame CDDD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ee4d4ac18c4743675c5dcc7e1234850.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 18:01:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
7318
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 18:01:18 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4CB1 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://0ee4d4ac18c4743675c5dcc7e1234850.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5354
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 18:34:02 GMT
etag
48472445140208031
expires
Sat, 19 Nov 2022 18:34:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame CDDD 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ee4d4ac18c4743675c5dcc7e1234850.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 15:35:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
16051
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 15:35:45 GMT
l
www.google.com/ads/measurement/ Frame CDDD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSy1QAu8gNAwPtceeF7b8TH6A8pTu0GBi81sJLwuGOQuiFsswbrz3LRi2IQc6OW-sj2bCz_1w1RPnRshz0qiQ4fqKIyww
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ee4d4ac18c4743675c5dcc7e1234850.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame CDDD 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ee4d4ac18c4743675c5dcc7e1234850.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 15:43:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
274787
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 15 Nov 2023 15:43:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CDDD 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://0ee4d4ac18c4743675c5dcc7e1234850.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Nov 2022 20:03:17 GMT
truncated
/ Frame CDDD 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5c1644c1130341e57dbdcddb81916a59cfa998c03f8216d604ffa652966d5b04

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame 1128 		89 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gk00r51mhhhb95g164kbpt9hmxxk8mrc12tjk2s45nm9vqt7a1fdrtp4tct94ejk3txbwcr7t4kv6fm0zk969mfv4fdzwex5sajz4st3ng5w9058pcp3ke3mnvf5dhhdvn53rfrzyedw93mzfq92g19s4ye05r1qfs3j5j96b1h2e9j46qb78aftjxaaw0wh20zrsvmay93ad5t9vmhg25msfhaym9zk3xe688rgwc95r69ry4wzz7bkewv83x60zdszh60y37n34vt1zns0brzmqfccxrhcrxe3jfrw8kze8gqctaz1fts93ab2ygfz8savhw487nty81h2caasb21paayev6cj0gcv07fjdxbhnk5f8p0rsv8jtbw15e3zsyq9jzy13sct5d0y6cg2bqbzkr5wh9s3cwrh85v7kgcrcfgsh9zxhzshv5frrw6spmvn1rc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo9O1BOV3Y67WCoe99u8PzqSSsAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi05NDY3MTQ0NDkxNTM3NzQ1yAEJqQK92IeMhlyxPuACAKgDAaoEhwJP0LojZGknVGjJtWt8aMLwgunxJOqQwzuZpHwEGTGsCZhAZt-d-lRNo23SPvKWwwLXGGD6TX4Q1tFKvkCRDFnRaOo6H4qHcq-tNBR4vXEHBHQMJYAsYjffOCVIUbbKpirWWOxIFl7cD1Pt6SOegm4xOTx6nM_aCsxto0y8vqY4eQo0xPGesEaqcmVGgs9hn9EdjfwVneEENgbVLmb7B0PfKfCLmmvqWyaV0eWrpaZlinZwsrs5yi7k_ofeoKdMPN0-_32XzpyULDhe6mEeY4n1VCjADyh8S6pbqZ6yHJWfMLvtjOrugeY_I4qOjMqOA57e45FJAZ6200HrFeVV8CB5FYO9MHuWmOAEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1gHNbYOXopeVDE38mqc2AP5fCS5g%26client%3Dca-pub-9467144491537745%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1gk00r51mhhhb95g164kbpt9hmxxk8mrc12tjk2s45nm9vqt7a1fdrtp4tct94ejk3txbwcr7t4kv6fm0zk969mfv4fdzwex5sajz4st3ng5w9058pcp3ke3mnvf5dhhdvn53rfrzyedw93mzfq92g19s4ye05r1qfs3j5j96b1h2e9j46qb78aftjxaaw0wh20zrsvmay93ad5t9vmhg25msfhaym9zk3xe688rgwc95r69ry4wzz7bkewv83x60zdszh60y37n34vt1zns0brzmqfccxrhcrxe3jfrw8kze8gqctaz1fts93ab2ygfz8savhw487nty81h2caasb21paayev6cj0gcv07fjdxbhnk5f8p0rsv8jtbw15e3zsyq9jzy13sct5d0y6cg2bqbzkr5wh9s3cwrh85v7kgcrcfgsh9zxhzshv5frrw6spmvn1rc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo9O1BOV3Y67WCoe99u8PzqSSsAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi05NDY3MTQ0NDkxNTM3NzQ1yAEJqQK92IeMhlyxPuACAKgDAaoEhwJP0LojZGknVGjJtWt8aMLwgunxJOqQwzuZpHwEGTGsCZhAZt-d-lRNo23SPvKWwwLXGGD6TX4Q1tFKvkCRDFnRaOo6H4qHcq-tNBR4vXEHBHQMJYAsYjffOCVIUbbKpirWWOxIFl7cD1Pt6SOegm4xOTx6nM_aCsxto0y8vqY4eQo0xPGesEaqcmVGgs9hn9EdjfwVneEENgbVLmb7B0PfKfCLmmvqWyaV0eWrpaZlinZwsrs5yi7k_ofeoKdMPN0-_32XzpyULDhe6mEeY4n1VCjADyh8S6pbqZ6yHJWfMLvtjOrugeY_I4qOjMqOA57e45FJAZ6200HrFeVV8CB5FYO9MHuWmOAEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1gHNbYOXopeVDE38mqc2AP5fCS5g%26client%3Dca-pub-9467144491537745%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:17 GMT
strict-transport-security
max-age=86400; includeSubDomains; preload
via
1.1 google
x-content-type-options
nosniff
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status
HIT
age
182255
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=91232
surrogate-control
no-store
content-encoding
br
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 16 Nov 2022 17:25:42 GMT
cross-origin-opener-policy
unsafe-none
server
cloudflare
x-download-options
noopen
vary
accept-encoding
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
76c34eff4a12906a-FRA
expires
0
r62eglto.js
ad4m.at/ Frame 1128 		36 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gk00r51mhhhb95g164kbpt9hmxxk8mrc12tjk2s45nm9vqt7a1fdrtp4tct94ejk3txbwcr7t4kv6fm0zk969mfv4fdzwex5sajz4st3ng5w9058pcp3ke3mnvf5dhhdvn53rfrzyedw93mzfq92g19s4ye05r1qfs3j5j96b1h2e9j46qb78aftjxaaw0wh20zrsvmay93ad5t9vmhg25msfhaym9zk3xe688rgwc95r69ry4wzz7bkewv83x60zdszh60y37n34vt1zns0brzmqfccxrhcrxe3jfrw8kze8gqctaz1fts93ab2ygfz8savhw487nty81h2caasb21paayev6cj0gcv07fjdxbhnk5f8p0rsv8jtbw15e3zsyq9jzy13sct5d0y6cg2bqbzkr5wh9s3cwrh85v7kgcrcfgsh9zxhzshv5frrw6spmvn1rc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo9O1BOV3Y67WCoe99u8PzqSSsAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi05NDY3MTQ0NDkxNTM3NzQ1yAEJqQK92IeMhlyxPuACAKgDAaoEhwJP0LojZGknVGjJtWt8aMLwgunxJOqQwzuZpHwEGTGsCZhAZt-d-lRNo23SPvKWwwLXGGD6TX4Q1tFKvkCRDFnRaOo6H4qHcq-tNBR4vXEHBHQMJYAsYjffOCVIUbbKpirWWOxIFl7cD1Pt6SOegm4xOTx6nM_aCsxto0y8vqY4eQo0xPGesEaqcmVGgs9hn9EdjfwVneEENgbVLmb7B0PfKfCLmmvqWyaV0eWrpaZlinZwsrs5yi7k_ofeoKdMPN0-_32XzpyULDhe6mEeY4n1VCjADyh8S6pbqZ6yHJWfMLvtjOrugeY_I4qOjMqOA57e45FJAZ6200HrFeVV8CB5FYO9MHuWmOAEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1gHNbYOXopeVDE38mqc2AP5fCS5g%26client%3Dca-pub-9467144491537745%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b9b060fea5d40ed1a199f9ffec8eedb296149c1c5289e65818742d16f24f4dc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:17 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
292992
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 27 Jul 2022 10:39:11 GMT
server
cloudflare
etag
W/"a69f5acd9289c65e67397be142bc2c3f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NH5UeeBVs9IoHeAs2U0xaag6K8%2FO8bn1%2FnMqYci%2FhhrUZRSXzfaGue933Z5nzbZMg4CnNDp%2B9d60sWtO3IWnD1GK%2BCaluMXqmI66xvtp7VZeHvAnG2nUz2bebW3i%2F%2Ba8FRBLf1g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
76c34eff3bf79a30-FRA
expires
Tue, 08 Nov 2022 10:40:11 GMT
dpixel
cms.quantserve.com/ Frame 4CB1 		35 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDiJm48DMwALD8FiYbGioxA&google_cver=1&google_push=ASkJ3FbgWQZoy3R5cPF0_vgojF_bmzylo-hzWbmOPRRXyGIqPR-_V30z6smlUzaxEbVywD3ZBsqdruDlKwc9xzsEKCki1TS3sxwcXA
Requested by
Host: 0ee4d4ac18c4743675c5dcc7e1234850.safeframe.googlesyndication.com
URL: https://0ee4d4ac18c4743675c5dcc7e1234850.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:17 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame 4CB1 		43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEI4uJFN3ez2stgAm6fihmgY&google_push=ASkJ3Fbxdo_-E0IBEyeAmcn30oQ68-wrC5IBZo2zOsYu00KQv_EUQVFNNnZhznoSVpY_A2CrLT7fMFIlnyqn-VD0sq-2hSfWX-wNaQ&google_cver=1
Requested by
Host: 0ee4d4ac18c4743675c5dcc7e1234850.safeframe.googlesyndication.com
URL: https://0ee4d4ac18c4743675c5dcc7e1234850.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:17 GMT
via
1.1 google
server
Apache
content-type
image/gif;charset=UTF-8
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
dds
rtb.openx.net/sync/ Frame 4CB1 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEEEoy4hkYt7kiHfLyshXMMM&google_cver=1&google_push=ASkJ3FY1xoa78F_SsFo3c71h4knqdHRLZUzzCwNtkiaSV4xVIdQn9h4IeqgFKZoULyQlQNYZbOwHcMlPGOgoUq6m6G_Tc0Ibf8LEyQ
Requested by
Host: 0ee4d4ac18c4743675c5dcc7e1234850.safeframe.googlesyndication.com
URL: https://0ee4d4ac18c4743675c5dcc7e1234850.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:16 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
dtu0pf0nec2o2p4r6asf7vo15t6bj33b
pixel
cm.g.doubleclick.net/ Frame 4CB1
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1cwuG1_IQi2J0cinVHbt-w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1cwuG1_IQi2J0cinVHbt-w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FZ28crvcqgGPGyI90VlL5IkQrDpMn344UED6kKC8yrXe9aNVANb36at5BPaq1vAqPFvERqZ5ulfeTwIRC9FC8v1D_hoNkLTmw
Requested by
Host: 0ee4d4ac18c4743675c5dcc7e1234850.safeframe.googlesyndication.com
URL: https://0ee4d4ac18c4743675c5dcc7e1234850.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=1cwuG1_IQi2J0cinVHbt-w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FZ28crvcqgGPGyI90VlL5IkQrDpMn344UED6kKC8yrXe9aNVANb36at5BPaq1vAqPFvERqZ5ulfeTwIRC9FC8v1D_hoNkLTmw
date
Fri, 18 Nov 2022 20:03:15 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 4CB1
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEI00szDvYSvHVyjApuzV-8o&google_cver=1&google_push=ASkJ3FbOFYpqaMdwSOUOn1gLdVi17XhpzZ3vIUksto6BPlTLJBrc5XWpTfJXkourZpapr7trbMU...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFNWEkzTEQtVy1LRVIz&google_push=ASkJ3FbOFYpqaMdwSOUOn1gLdVi17XhpzZ3vIUksto6BPlTLJBrc5XWpTfJXkourZpapr7trbMU0V_L74lD2OThzXVneu-HAX5zM6w
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFNWEkzTEQtVy1LRVIz&google_push=ASkJ3FbOFYpqaMdwSOUOn1gLdVi17XhpzZ3vIUksto6BPlTLJBrc5XWpTfJXkourZpapr7trbMU0V_L74lD2OThzXVneu-HAX5zM6w
Requested by
Host: 0ee4d4ac18c4743675c5dcc7e1234850.safeframe.googlesyndication.com
URL: https://0ee4d4ac18c4743675c5dcc7e1234850.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEFNWEkzTEQtVy1LRVIz&google_push=ASkJ3FbOFYpqaMdwSOUOn1gLdVi17XhpzZ3vIUksto6BPlTLJBrc5XWpTfJXkourZpapr7trbMU0V_L74lD2OThzXVneu-HAX5zM6w
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
pixel
cm.g.doubleclick.net/ Frame 4CB1
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEP6pBWpG5n4HXLnV4Fm10YI&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEP6pBWpG5n4HXLnV4Fm10YI&google_push=AS...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP6pBWpG5n4HXLnV4Fm10YI&google_hm=Y3flBRcDwPfSrsIl_kTANQAABFAAAAAB&google_nid=index&google_push=ASkJ3FbZDKeMi_fxkzqAaHiT7FTb8SN-EyQYN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP6pBWpG5n4HXLnV4Fm10YI&google_hm=Y3flBRcDwPfSrsIl_kTANQAABFAAAAAB&google_nid=index&google_push=ASkJ3FbZDKeMi_fxkzqAaHiT7FTb8SN-EyQYNOJ51y2wuLiHvMdY2AHCaMA1QUEVDjT7R0tjlLPsokZ3wbArWaOad6OHmieaYAPFUw
Requested by
Host: 0ee4d4ac18c4743675c5dcc7e1234850.safeframe.googlesyndication.com
URL: https://0ee4d4ac18c4743675c5dcc7e1234850.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:17 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:17 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OQ%2F%2BYEJ72k2VzBA6A9XUZMI8fKz52YX3Yb%2F%2FNkzYZ0Ke6UUhoeXN3CM5TiQNmQON2JfM1c9SyLhfKXlw3nLZ50QkjgkIT%2FAfflJ%2F32z5ITerPiah%2B3V70L8m%2Foa9z7%2FRRBscNoG51Ek2Ww%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEP6pBWpG5n4HXLnV4Fm10YI&google_hm=Y3flBRcDwPfSrsIl_kTANQAABFAAAAAB&google_nid=index&google_push=ASkJ3FbZDKeMi_fxkzqAaHiT7FTb8SN-EyQYNOJ51y2wuLiHvMdY2AHCaMA1QUEVDjT7R0tjlLPsokZ3wbArWaOad6OHmieaYAPFUw
cache-control
no-cache
cf-ray
76c34f004b59bb61-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
googleredir
googlecm.hit.gemius.pl/ Frame 4CB1 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 4CB1 		0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IQb5VuyCYmbg7bGh_WA6L-dYB6HTCa34AikFzbzpqUxshhlHH5wlhqCYeitnSoGTXwTJ6GFQ
Requested by
Host: 0ee4d4ac18c4743675c5dcc7e1234850.safeframe.googlesyndication.com
URL: https://0ee4d4ac18c4743675c5dcc7e1234850.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:17 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
ex.html
player.svc.litv.tv/v3/ Frame AC35 		37 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQ2|aGluZXQ=
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:6600:3:cecd:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
acdfd0556eb63b1b400a99d4600b64db9d4edf7e2fea2c08d5d235c9f5ace0f7

Request headers

Referer
https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQ2|aGluZXQ=
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
15127
content-encoding
gzip
content-type
text/html
date
Fri, 18 Nov 2022 15:51:59 GMT
etag
W/"a6c491ecdefcdd37c968367f53c33743"
last-modified
Wed, 19 Oct 2022 05:58:43 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
x-amz-cf-id
28K9eVP948MciGoVaZAPlKlQQ6rwizAwSbFdvu0nsYrevegTtbfuZA==
x-amz-cf-pop
FRA56-P6
x-amz-version-id
rkX_ih1LPxrCwsVVjH1BLrmUDUf1cYuG
x-cache
Hit from cloudfront
hinet6-config.json
player.svc.litv.tv/meta/config/ Frame 334C 		847 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.svc.litv.tv/meta/config/hinet6-config.json?cb=38629
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:6600:3:cecd:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c84781905f58d97b5ff9d0bc798d47b1dae59f7580bb1b1dc1cf33b3b741dc53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQ2|aGluZXQ=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
sv3yZDdbP3lZNmJkixgQI4anf8V9mds3
date
Fri, 18 Nov 2022 19:29:12 GMT
via
1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
last-modified
Fri, 11 Nov 2022 00:05:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
5361
etag
"75bb20825c55a7543f7768ab5971dfe6"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
cache-control
max-age=43200
accept-ranges
bytes
content-length
847
x-amz-cf-id
e0ckz5JzZIrsbg9ohrw-YsX_q1LMaX6qAaV5MHnWZLRNzw_kLNU6vQ==
js
www.googletagmanager.com/gtag/ Frame AC35 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-59507085-1
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQ2|aGluZXQ=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
12c9d6d2916997db91b922f730ad10a96051e8811bb77d6b7d16c7eb09d641dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43614
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 18 Nov 2022 20:03:17 GMT
utag.js
t.ssp.hinet.net/ Frame AC35 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/utag.js
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQ2|aGluZXQ=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:17 GMT
strict-transport-security
max-age=0
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 03:58:03 GMT
server
nginx
etag
W/"63745fcb-142e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
expires
Fri, 18 Nov 2022 20:13:17 GMT
hinet6-schedule.json
player.svc.litv.tv/meta/vc/ Frame 334C 		29 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.svc.litv.tv/meta/vc/hinet6-schedule.json?cb=38629
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:6600:3:cecd:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2f98901f12da5267751a1cf392249ff92e9c6672fba36e637305b1ce56e42c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQ2|aGluZXQ=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
dYzGGlbDtrE0Qf58jw4TQThvTI.icdev
content-encoding
gzip
via
1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
date
Fri, 18 Nov 2022 20:03:17 GMT
last-modified
Thu, 17 Nov 2022 20:42:09 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
198
etag
W/"c6dfd017e98b9a85b1e2ac37d65d3478"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
cache-control
max-age=1800
x-amz-cf-id
9YjpuHOEixe19N36-1KXntUDVg0D35fcsaGxMFBBSH8Npg8gY_2l8Q==
truncated
/ Frame 334C 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9a8609eeda77369cd567a813411d740959695b5a47db762f2f6dfbb6006cefcb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png;charset=utf-8
vtt.min.js
vjs.zencdn.net/vttjs/0.14.1/ Frame 334C 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vjs.zencdn.net/vttjs/0.14.1/vtt.min.js
Requested by
Host: jsmodule.svc.litv.tv
URL: https://jsmodule.svc.litv.tv/videojs/7.20.3/video.novtt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5a36011812516a45305217c2fc2d0a0b2fcf9e66e4c84708cc1b6818066024fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230104-FRA
date
Fri, 18 Nov 2022 20:03:17 GMT
content-encoding
gzip
last-modified
Tue, 10 Apr 2018 19:42:19 GMT
etag
"52c6ba3260a51c570977f84d2bd7bf55"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
7089
x-cache-hits
22888
ads_check.js
fino.svc.litv.tv/acs/ Frame 334C 		36 B
504 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fino.svc.litv.tv/acs/ads_check.js
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-67.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c47ff9781e5c10d5b7a4edbd121682c9d6150251dfa4c0820f9939a70e623f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
EHi4EZ.gJdlfigQoKnOSB_rq9xJIQl9.
date
Fri, 18 Nov 2022 02:06:48 GMT
via
1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
64589
x-cache
Hit from cloudfront
content-length
36
last-modified
Fri, 19 Feb 2021 02:39:49 GMT
server
AmazonS3
etag
"eccd8c86e285ee7d525d2b012ed3c06d"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, POST
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding,Origin
accept-ranges
bytes
x-amz-cf-id
bBjJM9HtXiFx-_48X2n3vRX9dqA4pcyrtDDPXdYi4hTijS2AEU3qhA==
bridge3.546.0_zh_tw.html
imasdk.googleapis.com/js/core/ Frame 10EF 		690 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.546.0_zh_tw.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b91ecb32957428249b27cca1c6818d9a3e62f3f9fef7d3537414c279fbe44a95
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://player.svc.litv.tv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
217130
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
226834
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 07:44:27 GMT
expires
Thu, 16 Nov 2023 07:44:27 GMT
last-modified
Wed, 16 Nov 2022 07:23:53 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame 334C 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Nov 2022 20:03:17 GMT
ppn
pusti.svc.litv.tv/callback/ Frame 334C 		0
15 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pusti.svc.litv.tv/callback/ppn
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.74.134 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
134.74.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/plain, */*
Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 18 Nov 2022 20:03:17 GMT
via
1.1 google
access-control-max-age
60
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://player.svc.litv.tv
cache-control
no-store, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Content-Type
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p
sb.scorecardresearch.com/ Frame 334C 		43 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=8&c2=18986219&c3=1&cj=1&c4=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fppnif.html%3Fs%3DaGluZXQ2%7CaGluZXQ%3D&rn=1668801797122
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQ2|aGluZXQ=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-105.fra60.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:17 GMT
via
1.1 d262e104d5d9dd6a4a52f090bdf9395c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
content-length
43
x-amz-cf-id
F1j68khQdTUSGQ6QDK0oBrtOWxlHcKSNBTecUPqBhp2DFb_fmp5Isg==
x-cache
Miss from cloudfront
content-type
image/gif
ppn
pusti.svc.litv.tv/callback/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://pusti.svc.litv.tv/callback/ppn
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.74.134 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
134.74.96.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://player.svc.litv.tv
access-control-max-age
60
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 18 Nov 2022 20:03:17 GMT
via
1.1 google
gtm.js
www.googletagmanager.com/ Frame AC35 		106 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TXVNLXL
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQ2|aGluZXQ=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
23b9238d756b2b168c28c83fb60560b952638ece8079c5e5bc423a022bc5d5d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41917
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 18 Nov 2022 20:03:17 GMT
EMBED34.json
player.svc.litv.tv/meta/acs/hinet6/ Frame 334C 		12 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.svc.litv.tv/meta/acs/hinet6/EMBED34.json?cb=38629
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:6600:3:cecd:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
5f9116a1399823ea48dafc6c485f8a53abbfd10b23436e8fc0a99f0764988fe4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/v3/ppnif.html?s=aGluZXQ2|aGluZXQ=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
ndxhRlM1GYDCiFSbhVuTfJF.qqpg8kH_
content-encoding
gzip
via
1.1 149b1af6ad8d2c0fedea82bfb1c29c66.cloudfront.net (CloudFront)
date
Fri, 18 Nov 2022 19:29:15 GMT
last-modified
Fri, 18 Nov 2022 18:15:14 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
2043
etag
W/"3186c15ab4369d0a7b0afab04e73245e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
cache-control
max-age=3600
x-amz-cf-id
iZeLoYMs0Sg4l2tdQ68rLyoFsudzRkoppog1CUog7wo0soFy_KAk3Q==
popin_send_cookie_set_fail.js
api.popin.cc/test/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.popin.cc/test/popin_send_cookie_set_fail.js?20201223
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/popin_discovery5-min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
5cd346875d100956f33b228c65b2eea3e958621a4d906b95c612c0c0c617a2d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 18 Nov 2022 20:03:17 GMT
x-amz-version-id
NVPBtcLlaQ0R5YVGUD48RBS0d2V00MrK
Content-Encoding
gzip
Last-Modified
Mon, 11 Oct 2021 03:29:29 GMT
Server
nginx
ETag
W/"27aab2e5fb58e044704790074416e410"
X-Cache-Status
HIT from 10.252.55.25
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Expires
Fri, 18 Nov 2022 21:03:17 GMT
generate_204
tpc.googlesyndication.com/ Frame 3BC4 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?BYNUMQ
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:17 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
truncated
/ Frame 334C 		17 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90ee20c6b2fe58c0bc327b411d5a68e2be5eea7b37eb642ee9e1a73f4c51f5eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/jpeg;charset=utf-8
generate_204
tpc.googlesyndication.com/ Frame 6B69 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?BNUx6A
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:17 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
rpc
p-api03.svc.litv.tv/cdi/v2/ Frame 334C 		98 B
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p-api03.svc.litv.tv/cdi/v2/rpc
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
210.242.135.3 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
/
Resource Hash
7a638a3c8fc99b39bf4ffc2224211a530cdeaebab0d2236beb596755a35896f7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 18 Nov 2022 20:03:18 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Transfer-Encoding
chunked
Request-Id
cdrua1nj813prlha7ing
Access-Control-Allow-Headers
Content-Type
rpc
p-api03.svc.litv.tv/cdi/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://p-api03.svc.litv.tv/cdi/v2/rpc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
210.242.135.3 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
60
Content-Length
0
Date
Fri, 18 Nov 2022 20:03:18 GMT
Request-Id
cdrua1jpdsmertkmu7v0
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 1128 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
25706079
x-guploader-uploadid
ADPycdvuqSd5z7x-P6zciDvJguhfevnTZzPv-sFvdv4VVTj2cCVUndir5fZqBzjNPOlq80uW-sAFhIkV33WDoT1aRSnwIseHrQ
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ERDrGPCiQ%2BPtz%2BrT3wCgeyiFgH8ogZqka7pUWFKTr5zo7AOaPCVi8U8wxHPwFz5HQrk0FK6JzBG8HyWG%2FHIISX29JU98oeUWsaUu%2FgDI0tdUN%2B%2FlOR2vmtLZzircyaP5F5WkC49cjy5xhKXR361MuNJ"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
76c34f017a7e5cb0-FRA
expires
Wed, 25 Jan 2023 07:28:38 GMT
js
www.googletagmanager.com/gtag/ Frame AC35 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-138079999-6&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-59507085-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
8fc7e33f886b5624e02fc55f874da2c1b9627aa7652856f2eb3d2f06d336a339
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
43740
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 18 Nov 2022 20:03:17 GMT
js
www.googletagmanager.com/gtag/ Frame AC35 		214 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JRLWM3RJSP&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-59507085-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
54e24e0d3e1d1c36f1e814e8c71e28f546faeca210e78c019016e045336b96fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76611
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 18 Nov 2022 20:03:17 GMT
js
www.googletagmanager.com/gtag/ Frame AC35 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-138079999-10&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-59507085-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
3c6d81022d9690b13ec3a5458d25b0c47b3591483059df871fda7ee3bd11b112
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
43603
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 18 Nov 2022 20:03:17 GMT
js
www.googletagmanager.com/gtag/ Frame AC35 		214 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EKKX3GNP7C&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-59507085-1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dfbad66a10b2fd63c2e23ec254093b77368ded0e1230f8340757a9765a3e5e0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76608
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 18 Nov 2022 20:03:17 GMT
ads1.js
fino.svc.litv.tv/ads/ Frame 334C 		17 B
483 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://fino.svc.litv.tv/ads/ads1.js
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-67.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
af2ac8055983b59c939388ef2b32ef532b5eb338d4f1758be91a125d4f07d83f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-amz-version-id
S0gUSQE16svoHk1.rmwu2P08mV03VNo6
date
Fri, 18 Nov 2022 07:46:34 GMT
via
1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
age
44203
x-cache
Hit from cloudfront
content-length
17
last-modified
Thu, 18 Feb 2021 02:44:24 GMT
server
AmazonS3
etag
"8ba19eeed6689e4d7c76742e23055415"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD, POST
content-type
application/javascript
access-control-allow-origin
*
vary
Accept-Encoding,Origin
accept-ranges
bytes
x-amz-cf-id
AtCmn4DWks73d8jMwJAb88MWXn8EWl66emGctwxCt264IiilVqoaCg==
frame.html
ad4m.at/ Frame D3F2 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1987084
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
76c34f017e58906a-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Fri, 18 Nov 2022 20:03:17 GMT
expires
Wed, 26 Oct 2022 21:05:13 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HrCMtmU01aXRmNw8oUiUldGd%2B%2Fm4%2Fy0lnn%2BLEH7LiFG%2FxkiGYe6%2FHUWCch9SO90rV8DGyCYNH8DtaEcVr9hT%2B8%2FV1vX38U3hZP%2BlhM7TDs1Jq%2BY%2F5GwMrGkPBI9zIhd4TJV4BPs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/ Frame AC35 		214 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YSPHD5H7XJ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXVNLXL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
aee799c4778776cafb4ecf97d1a209be0013c5df5e67c50dc24d946d18c6017c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:17 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76619
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 18 Nov 2022 20:03:17 GMT
ytc.js
s.yimg.com/wi/ Frame AC35 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/ytc.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:02:38 GMT
x-amz-version-id
.QD3nDfK79S8_ikLSJXTL23Tdis9tg0C
content-encoding
gzip
strict-transport-security
max-age=15552000
x-content-type-options
nosniff
x-amz-request-id
9BZ7FZRZJF41NZ48
age
40
x-amz-server-side-encryption
AES256
content-length
5929
x-amz-id-2
h6/8S8e+2gOQOm3lU+RArNERjhQSrMz+XNSw5IyT7D7Ary27aTLtAydMRqK2OVUJwvLf55+NZUo=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Thu, 20 Jul 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Tue, 14 Jun 2022 12:21:31 GMT
server
ATS
etag
"6a624022b5d271dcefb070b0b6670abc-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=3600
accept-ranges
bytes
lightintegration.js
redir.adap.tv/redir/javascript/ Frame AC35 		31 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://redir.adap.tv/redir/javascript/lightintegration.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXVNLXL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.229.221.28 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CB1) /
Resource Hash
1e15f65bcef05f2ea9f54e051da9bf7e6fc9eb00a669905c9ed33f4fd7ba26f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:17 GMT
x-amz-version-id
XGOCJEPvmrIOhn2ZV_.qAlIiRmN7Rqa0
nel
{"report_to": "default", "max_age": 86400, "include_subdomains": true, "failure_fraction": 1.0, "success_fraction": 0.001}
age
152984
x-amz-request-id
A7AJQZAJW6ER4QQG
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
31633
x-amz-id-2
tzFfqY1wObwpRfUOcfgg6Lx5y9rEG0Ay4enN6eVDxwAN57VB7iqPAXN9twmFLVjT+SsLW1zzLwk=
last-modified
Wed, 13 Sep 2017 23:08:44 GMT
server
ECAcc (frc/4CB1)
x-amz-meta-s3cmd-attrs
uid:1000/gname:adaptv/uname:adaptv/gid:1000/mode:33188/mtime:1505344053/atime:1505344249/md5:1de3d0b5f3cbe8b1e87e274f129ac0e7/ctime:1505344249
etag
"1de3d0b5f3cbe8b1e87e274f129ac0e7"
report-to
{"group": "default", "max_age":86400, "endpoints":[{"url":"https://report.edgecast.com/","priority":1 }, {"url":"https://nelcollector.sre.ecsvc.net/report","priority":2 }]}
content-type
text/plain
accept-ranges
bytes
/
t.ssp.hinet.net/ Frame AC35 		37 B
409 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
354e031ce167f0ecfab78158954d3504d4cc24ce9b89712aa49983ca3e046411
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:17 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://player.svc.litv.tv
cache-control
no-cache, private
access-control-allow-credentials
true
analytics.js
www.google-analytics.com/ Frame AC35 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-138079999-6&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 18 Nov 2022 19:15:54 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
2843
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Fri, 18 Nov 2022 21:15:54 GMT
cookie
ads.adaptv.advertising.com/ Frame AC35 		0
366 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/cookie?pageUrl=https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQ2|aGluZXQ=&isTop=false&callback=1
Requested by
Host: redir.adap.tv
URL: https://redir.adap.tv/redir/javascript/lightintegration.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.211.94 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-211-94.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

server
adaptv/1.0
Connection
keep-alive
Content-Length
0
content-type
text/html
10114832.json
s.yimg.com/wi/config/ Frame AC35 		46 B
91 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/wi/config/10114832.json
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
480d5b26935e27640c98365cfc7bd4a663c82d2affb64ffae8a4bf9b01b5e9fb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:01:59 GMT
x-amz-version-id
LFheN9jReXK1DR2ArxDz7ZU1RNsU84u3
x-content-type-options
nosniff
strict-transport-security
max-age=15552000
x-amz-request-id
563CJS6XXXWC1GFB
age
25279
x-amz-server-side-encryption
AES256
content-length
46
x-amz-id-2
0FystH61hKfvyTUWnKxJdgZpvBz22+jwyxynQCnk+iaug9NCHQWOZAd1+Ku3B+F5NFgDcuzx6XU=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
x-amz-expiration
expiry-date="Sun, 07 May 2023 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified
Fri, 01 Apr 2022 21:50:20 GMT
server
ATS
etag
"31991d36d356e76ae58f243f53479582"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
accept-ranges
bytes
sp.pl
sp.analytics.yahoo.com/ Frame AC35 		43 B
291 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Fri%2C%2018%20Nov%202022%2020%3A03%3A17%20GMT&n=0&.yp=10114832&f=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fex.html%3Fid%3Dppn-aGluZXQ2%7CaGluZXQ%3D&e=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fppnif.html%3Fs%3DaGluZXQ2%7CaGluZXQ%3D&enc=UTF-8&yv=1.13.0&isIframe=1&tagmgr=gtm
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQ2|aGluZXQ=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
spdc.pbp.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:17 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
cache-control
no-cache, private, must-revalidate
accept-ranges
bytes
content-length
43
expires
Fri, 18 Nov 2022 20:03:17 GMT
collect
www.google-analytics.com/ Frame AC35 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=513074476&t=event&_s=1&dl=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fex.html%3Fid%3Dppn-aGluZXQ2%7CaGluZXQ%3D&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&ec=player&ea=request&_u=QACAAUABAAAAAAAAIC~&jid=&gjid=&cid=1047831193.1668801796&tid=UA-138079999-6&_gid=1111182539.1668801796&gtm=2oub90&z=907421218
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQ2|aGluZXQ=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 02:42:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
62422
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame AC35 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=513074476&t=event&_s=2&dl=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fex.html%3Fid%3Dppn-aGluZXQ2%7CaGluZXQ%3D&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&ec=player&ea=impression&_u=QACAAUABAAAAAAAAIC~&jid=&gjid=&cid=1047831193.1668801796&tid=UA-138079999-6&_gid=1111182539.1668801796&gtm=2oub90&z=1466428920
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQ2|aGluZXQ=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 02:42:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
62422
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame AC35 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=513074476&t=event&_s=1&dl=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fex.html%3Fid%3Dppn-aGluZXQ2%7CaGluZXQ%3D&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&ec=player&ea=request&_u=QACAAUABAAAAAAAAIC~&jid=&gjid=&cid=1047831193.1668801796&uid=8080aeff-b8c6-4d1a-9927-a73ee1c786ad&tid=UA-138079999-10&_gid=1111182539.1668801796&gtm=2oub90&z=1660860439
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQ2|aGluZXQ=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 02:42:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
62422
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ Frame AC35 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=513074476&t=event&_s=2&dl=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fex.html%3Fid%3Dppn-aGluZXQ2%7CaGluZXQ%3D&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&ec=player&ea=impression&_u=QACAAUABAAAAAAAAIC~&jid=&gjid=&cid=1047831193.1668801796&uid=8080aeff-b8c6-4d1a-9927-a73ee1c786ad&tid=UA-138079999-10&_gid=1111182539.1668801796&gtm=2oub90&z=140925617
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ex.html?id=ppn-aGluZXQ2|aGluZXQ=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 02:42:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
62422
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
rs
ad4m.at/ Frame 1128 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
170d06a7edd0cc59181f4bd474422083d7870db254dc8b248093c54700860c9f

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 18 Nov 2022 20:03:17 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZnYwnQufrWyFbZN5ctNYqn29FwOGYvqgCSJauRZF%2BZc0Jhe%2BFk%2BSjoz8duxKF5Oe8y0p9bcfpC%2FKjUCMfLKwhvUzuOQ3xzdddGX3PVF6mxSzMJNLVx65VIHpGq%2F3sQfAmc81LVk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
76c34f036b289164-FRA
x-backend-server
aa-reachservice-group-europe-west1-v578
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
76c34f0309ff9164-FRA
content-length
24
content-type
text/plain
date
Fri, 18 Nov 2022 20:03:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hfKPAacqH49PEVwh81fchoP2Oa3m7KPDHuGxjXiZ5vNUIRTfPtRm8zw2htHg2GPbi6l0X5ntR7Yv23DM%2F6KFquw40uCCBiyQg5thQd0jkkWIpvxjH5z2i6ohkgIwXFsTRcpb9lc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-v578
emome2
t.ssp.hinet.net/ Frame AC35 		30 B
278 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/emome2?u=98914fb3-5f8d-4d90-8675-6a1052f28272
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:17 GMT
strict-transport-security
max-age=0
content-encoding
gzip
server
nginx
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://player.svc.litv.tv
cache-control
no-cache, private
access-control-allow-credentials
true
rar
as.ad4m.at/ad/ Frame DCBA 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=19458&b=Z28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB&f=9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX&c=300&d=50&e=&g=e26f36107444fe50110657b6d03334f1%2F8349602815595636617&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1668801797709&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hjzvynr4s3mcccrp0bgxgr4p7f4y53hcw62es1j2vr55rgzt3tv77cwangb49kkdvyjjckt5cvvj6q0n5ammjkhme06jabj41vzw4yx3938yfv8wkn1ev7rnkvq0396b50f1dzkrgf1q45nsy4ffjtv0c4g2p6cjmpb73g2fd84g4r63x59j9g9crb59haqw9a56syg1g78thbvrtkmf52nwn0hwzr020gm016y41kvfkqe5213jvwejydt7z17tcpp3x9s8w0tqn47e5st19y6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo9O1BOV3Y67WCoe99u8PzqSSsAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi05NDY3MTQ0NDkxNTM3NzQ1yAEJqQK92IeMhlyxPuACAKgDAaoEhwJP0LojZGknVGjJtWt8aMLwgunxJOqQwzuZpHwEGTGsCZhAZt-d-lRNo23SPvKWwwLXGGD6TX4Q1tFKvkCRDFnRaOo6H4qHcq-tNBR4vXEHBHQMJYAsYjffOCVIUbbKpirWWOxIFl7cD1Pt6SOegm4xOTx6nM_aCsxto0y8vqY4eQo0xPGesEaqcmVGgs9hn9EdjfwVneEENgbVLmb7B0PfKfCLmmvqWyaV0eWrpaZlinZwsrs5yi7k_ofeoKdMPN0-_32XzpyULDhe6mEeY4n1VCjADyh8S6pbqZ6yHJWfMLvtjOrugeY_I4qOjMqOA57e45FJAZ6200HrFeVV8CB5FYO9MHuWmOAEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1gHNbYOXopeVDE38mqc2AP5fCS5g%2526client%253Dca-pub-9467144491537745%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6aff6e410bdc2fc619d0215c218f8c7d5bfeaa60c9781f074be350979f11b5f6
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1gk00r51mhhhb95g164kbpt9hmxxk8mrc12tjk2s45nm9vqt7a1fdrtp4tct94ejk3txbwcr7t4kv6fm0zk969mfv4fdzwex5sajz4st3ng5w9058pcp3ke3mnvf5dhhdvn53rfrzyedw93mzfq92g19s4ye05r1qfs3j5j96b1h2e9j46qb78aftjxaaw0wh20zrsvmay93ad5t9vmhg25msfhaym9zk3xe688rgwc95r69ry4wzz7bkewv83x60zdszh60y37n34vt1zns0brzmqfccxrhcrxe3jfrw8kze8gqctaz1fts93ab2ygfz8savhw487nty81h2caasb21paayev6cj0gcv07fjdxbhnk5f8p0rsv8jtbw15e3zsyq9jzy13sct5d0y6cg2bqbzkr5wh9s3cwrh85v7kgcrcfgsh9zxhzshv5frrw6spmvn1rc&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCo9O1BOV3Y67WCoe99u8PzqSSsAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi05NDY3MTQ0NDkxNTM3NzQ1yAEJqQK92IeMhlyxPuACAKgDAaoEhwJP0LojZGknVGjJtWt8aMLwgunxJOqQwzuZpHwEGTGsCZhAZt-d-lRNo23SPvKWwwLXGGD6TX4Q1tFKvkCRDFnRaOo6H4qHcq-tNBR4vXEHBHQMJYAsYjffOCVIUbbKpirWWOxIFl7cD1Pt6SOegm4xOTx6nM_aCsxto0y8vqY4eQo0xPGesEaqcmVGgs9hn9EdjfwVneEENgbVLmb7B0PfKfCLmmvqWyaV0eWrpaZlinZwsrs5yi7k_ofeoKdMPN0-_32XzpyULDhe6mEeY4n1VCjADyh8S6pbqZ6yHJWfMLvtjOrugeY_I4qOjMqOA57e45FJAZ6200HrFeVV8CB5FYO9MHuWmOAEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1gHNbYOXopeVDE38mqc2AP5fCS5g%26client%3Dca-pub-9467144491537745%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
76c34f03dc30906a-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 20:03:17 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
default.css
as.ad4m.at/ad/style/0.1.25/one-ad/ Frame DCBA 		89 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.25/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458&b=Z28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB&f=9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX&c=300&d=50&e=&g=e26f36107444fe50110657b6d03334f1%2F8349602815595636617&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1668801797709&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hjzvynr4s3mcccrp0bgxgr4p7f4y53hcw62es1j2vr55rgzt3tv77cwangb49kkdvyjjckt5cvvj6q0n5ammjkhme06jabj41vzw4yx3938yfv8wkn1ev7rnkvq0396b50f1dzkrgf1q45nsy4ffjtv0c4g2p6cjmpb73g2fd84g4r63x59j9g9crb59haqw9a56syg1g78thbvrtkmf52nwn0hwzr020gm016y41kvfkqe5213jvwejydt7z17tcpp3x9s8w0tqn47e5st19y6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo9O1BOV3Y67WCoe99u8PzqSSsAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi05NDY3MTQ0NDkxNTM3NzQ1yAEJqQK92IeMhlyxPuACAKgDAaoEhwJP0LojZGknVGjJtWt8aMLwgunxJOqQwzuZpHwEGTGsCZhAZt-d-lRNo23SPvKWwwLXGGD6TX4Q1tFKvkCRDFnRaOo6H4qHcq-tNBR4vXEHBHQMJYAsYjffOCVIUbbKpirWWOxIFl7cD1Pt6SOegm4xOTx6nM_aCsxto0y8vqY4eQo0xPGesEaqcmVGgs9hn9EdjfwVneEENgbVLmb7B0PfKfCLmmvqWyaV0eWrpaZlinZwsrs5yi7k_ofeoKdMPN0-_32XzpyULDhe6mEeY4n1VCjADyh8S6pbqZ6yHJWfMLvtjOrugeY_I4qOjMqOA57e45FJAZ6200HrFeVV8CB5FYO9MHuWmOAEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1gHNbYOXopeVDE38mqc2AP5fCS5g%2526client%253Dca-pub-9467144491537745%2526adurl%253D&y=1&s=&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=19458&b=Z28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB&f=9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX&c=300&d=50&e=&g=e26f36107444fe50110657b6d03334f1%2F8349602815595636617&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1668801797709&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hjzvynr4s3mcccrp0bgxgr4p7f4y53hcw62es1j2vr55rgzt3tv77cwangb49kkdvyjjckt5cvvj6q0n5ammjkhme06jabj41vzw4yx3938yfv8wkn1ev7rnkvq0396b50f1dzkrgf1q45nsy4ffjtv0c4g2p6cjmpb73g2fd84g4r63x59j9g9crb59haqw9a56syg1g78thbvrtkmf52nwn0hwzr020gm016y41kvfkqe5213jvwejydt7z17tcpp3x9s8w0tqn47e5st19y6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo9O1BOV3Y67WCoe99u8PzqSSsAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi05NDY3MTQ0NDkxNTM3NzQ1yAEJqQK92IeMhlyxPuACAKgDAaoEhwJP0LojZGknVGjJtWt8aMLwgunxJOqQwzuZpHwEGTGsCZhAZt-d-lRNo23SPvKWwwLXGGD6TX4Q1tFKvkCRDFnRaOo6H4qHcq-tNBR4vXEHBHQMJYAsYjffOCVIUbbKpirWWOxIFl7cD1Pt6SOegm4xOTx6nM_aCsxto0y8vqY4eQo0xPGesEaqcmVGgs9hn9EdjfwVneEENgbVLmb7B0PfKfCLmmvqWyaV0eWrpaZlinZwsrs5yi7k_ofeoKdMPN0-_32XzpyULDhe6mEeY4n1VCjADyh8S6pbqZ6yHJWfMLvtjOrugeY_I4qOjMqOA57e45FJAZ6200HrFeVV8CB5FYO9MHuWmOAEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1gHNbYOXopeVDE38mqc2AP5fCS5g%2526client%253Dca-pub-9467144491537745%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:17 GMT
strict-transport-security
max-age=86400; includeSubDomains; preload
via
1.1 google
x-content-type-options
nosniff
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status
HIT
age
182255
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=91232
surrogate-control
no-store
content-encoding
br
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
cf-bgj
minify
last-modified
Wed, 16 Nov 2022 17:25:42 GMT
cross-origin-opener-policy
unsafe-none
server
cloudflare
x-download-options
noopen
vary
accept-encoding
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type
text/css; charset=utf-8
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
76c34f04ae88906a-FRA
expires
0
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame DCBA 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458&b=Z28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB&f=9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX&c=300&d=50&e=&g=e26f36107444fe50110657b6d03334f1%2F8349602815595636617&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1668801797709&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hjzvynr4s3mcccrp0bgxgr4p7f4y53hcw62es1j2vr55rgzt3tv77cwangb49kkdvyjjckt5cvvj6q0n5ammjkhme06jabj41vzw4yx3938yfv8wkn1ev7rnkvq0396b50f1dzkrgf1q45nsy4ffjtv0c4g2p6cjmpb73g2fd84g4r63x59j9g9crb59haqw9a56syg1g78thbvrtkmf52nwn0hwzr020gm016y41kvfkqe5213jvwejydt7z17tcpp3x9s8w0tqn47e5st19y6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo9O1BOV3Y67WCoe99u8PzqSSsAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi05NDY3MTQ0NDkxNTM3NzQ1yAEJqQK92IeMhlyxPuACAKgDAaoEhwJP0LojZGknVGjJtWt8aMLwgunxJOqQwzuZpHwEGTGsCZhAZt-d-lRNo23SPvKWwwLXGGD6TX4Q1tFKvkCRDFnRaOo6H4qHcq-tNBR4vXEHBHQMJYAsYjffOCVIUbbKpirWWOxIFl7cD1Pt6SOegm4xOTx6nM_aCsxto0y8vqY4eQo0xPGesEaqcmVGgs9hn9EdjfwVneEENgbVLmb7B0PfKfCLmmvqWyaV0eWrpaZlinZwsrs5yi7k_ofeoKdMPN0-_32XzpyULDhe6mEeY4n1VCjADyh8S6pbqZ6yHJWfMLvtjOrugeY_I4qOjMqOA57e45FJAZ6200HrFeVV8CB5FYO9MHuWmOAEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1gHNbYOXopeVDE38mqc2AP5fCS5g%2526client%253Dca-pub-9467144491537745%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
456042
cf-polished
origFmt=png, origSize=115129
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54564
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=93eWscA3HBjdmg64MmeuVMsVBkFV%2Bc4MJpReBdiPU%2Fq8%2Bjz1qqKmct4qAUkv3dxnY9i3YQbpHDkesugDHdH1ytSEmv1c%2FnUBxSlw5bxU9%2BVksVMFkdFOtQ%2F8dczXaYtRM8A2paV%2B42Rjjmqm"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76c34f04ca609a30-FRA
expires
Sat, 19 Nov 2022 20:03:17 GMT
1D53E9CF3821E81F5644C8C6FD10FC3C1E53F2F21748B14D50333BD8E08058E50BE70BEE9D071C4FD38992D3B57467DAA70308BF0B8E9E5A740263D0F5C9EE6D
assets.ad4m.at/product_image/ Frame DCBA 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/1D53E9CF3821E81F5644C8C6FD10FC3C1E53F2F21748B14D50333BD8E08058E50BE70BEE9D071C4FD38992D3B57467DAA70308BF0B8E9E5A740263D0F5C9EE6D
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458&b=Z28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB&f=9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX&c=300&d=50&e=&g=e26f36107444fe50110657b6d03334f1%2F8349602815595636617&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1668801797709&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hjzvynr4s3mcccrp0bgxgr4p7f4y53hcw62es1j2vr55rgzt3tv77cwangb49kkdvyjjckt5cvvj6q0n5ammjkhme06jabj41vzw4yx3938yfv8wkn1ev7rnkvq0396b50f1dzkrgf1q45nsy4ffjtv0c4g2p6cjmpb73g2fd84g4r63x59j9g9crb59haqw9a56syg1g78thbvrtkmf52nwn0hwzr020gm016y41kvfkqe5213jvwejydt7z17tcpp3x9s8w0tqn47e5st19y6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo9O1BOV3Y67WCoe99u8PzqSSsAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi05NDY3MTQ0NDkxNTM3NzQ1yAEJqQK92IeMhlyxPuACAKgDAaoEhwJP0LojZGknVGjJtWt8aMLwgunxJOqQwzuZpHwEGTGsCZhAZt-d-lRNo23SPvKWwwLXGGD6TX4Q1tFKvkCRDFnRaOo6H4qHcq-tNBR4vXEHBHQMJYAsYjffOCVIUbbKpirWWOxIFl7cD1Pt6SOegm4xOTx6nM_aCsxto0y8vqY4eQo0xPGesEaqcmVGgs9hn9EdjfwVneEENgbVLmb7B0PfKfCLmmvqWyaV0eWrpaZlinZwsrs5yi7k_ofeoKdMPN0-_32XzpyULDhe6mEeY4n1VCjADyh8S6pbqZ6yHJWfMLvtjOrugeY_I4qOjMqOA57e45FJAZ6200HrFeVV8CB5FYO9MHuWmOAEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1gHNbYOXopeVDE38mqc2AP5fCS5g%2526client%253Dca-pub-9467144491537745%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea39dba2b498dfe4e18255e241acf246f9229c8deb54e5b2530cadb51a25bd58

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:17 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2507727
cf-polished
qual=85, origFmt=jpeg, origSize=60655
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21982
cf-bgj
imgq:85,h2pri
last-modified
Fri, 11 Dec 2020 13:58:13 GMT
server
cloudflare
etag
"39d52f1648dac315ebcc9c4fa4ed5728"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DRv8ZpW80BAxq%2BXs103gnrIpiqgCIPSLgTWwN7fPq%2BnTeFF6BiGWGWO5OMqV5dImUO%2BtJn6K6WfVAnzsUU4QwLVx9WtEgEagF19dqJZ58XlZn3KbIegvksqbEOZKKTLZMd4pRJBWdhoOAJuf"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
76c34f04ca649a30-FRA
expires
Sat, 19 Nov 2022 20:03:17 GMT
/
partner.o2online.de/a/ Frame DCBA
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CLzr9pLDuPsCFVzbEQgd7oQGww;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=112793V1226132702M&subid=viewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.lead-alliance.net/tpv.php?t=112793V1226132702M&subid=viewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=112793&s_id=2022111821031878673501981X112793V1226132702MSviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=112793&s_id=2022111821031878673501981X112793V1226132702MSviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2022111821031878673501981X112793V1226132702MSviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=112793&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19458&b=Z28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jB&f=9kMaMfmfxEVFKHBH2tzCrr9U9SmTzzmSrbBX&c=300&d=50&e=&g=e26f36107444fe50110657b6d03334f1%2F8349602815595636617&i=20774&j=14&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach121_BESTPERFORMER&r=1668801797709&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1hjzvynr4s3mcccrp0bgxgr4p7f4y53hcw62es1j2vr55rgzt3tv77cwangb49kkdvyjjckt5cvvj6q0n5ammjkhme06jabj41vzw4yx3938yfv8wkn1ev7rnkvq0396b50f1dzkrgf1q45nsy4ffjtv0c4g2p6cjmpb73g2fd84g4r63x59j9g9crb59haqw9a56syg1g78thbvrtkmf52nwn0hwzr020gm016y41kvfkqe5213jvwejydt7z17tcpp3x9s8w0tqn47e5st19y6%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCo9O1BOV3Y67WCoe99u8PzqSSsAKQ4YGEXLaoworwAsCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi05NDY3MTQ0NDkxNTM3NzQ1yAEJqQK92IeMhlyxPuACAKgDAaoEhwJP0LojZGknVGjJtWt8aMLwgunxJOqQwzuZpHwEGTGsCZhAZt-d-lRNo23SPvKWwwLXGGD6TX4Q1tFKvkCRDFnRaOo6H4qHcq-tNBR4vXEHBHQMJYAsYjffOCVIUbbKpirWWOxIFl7cD1Pt6SOegm4xOTx6nM_aCsxto0y8vqY4eQo0xPGesEaqcmVGgs9hn9EdjfwVneEENgbVLmb7B0PfKfCLmmvqWyaV0eWrpaZlinZwsrs5yi7k_ofeoKdMPN0-_32XzpyULDhe6mEeY4n1VCjADyh8S6pbqZ6yHJWfMLvtjOrugeY_I4qOjMqOA57e45FJAZ6200HrFeVV8CB5FYO9MHuWmOAEAYAGmpb-sfuW9_XIAaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%2526num%253D1%2526sig%253DAOD64_1gHNbYOXopeVDE38mqc2AP5fCS5g%2526client%253Dca-pub-9467144491537745%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
46.4.41.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads2.sunbonet.de
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 18 Nov 2022 20:03:18 GMT
X-NODEIP
46.4.41.145
Server
nginx/1.10.3 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=112793&s_id=2022111821031878673501981X112793V1226132702MSviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&gdpr_consent=&gdpr=0&cons=0&spid=2022111821031878673501981X112793V1226132702MSviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=112793&partnerid=12218
date
Fri, 18 Nov 2022 20:03:18 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
sodar
pagead2.googlesyndication.com/pagead/ Frame F810 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=3341626603551332&bg=!FhWlFVHNAAbvMpMzzzI7ACkAdvg8WmazAGibJuKN1xdWU-IR7Ai-N8Yq8l_T0I08o7jYJyY_1XthhAIAAAGrUgAAAAJoAQcKAERHi2fSPzOYvYhKZh1caDwrAiRsDszxQk3XVTqbfScEqs2EqxKc4_FjxljRcOHDNNl3o2QfnEqRMV6reTgyZ15HahQyyZkC2CXApMiRHqo-ZMLBwkfPxh_Noeik7fMBKcOFLKtvWxgQdFPFWZ7Tfp3pXIjQHmb5tMrB5bNeInmgNMj8MwA8s6xAJy_VKFEKR0b46erQexu5kYFm3yPg_HETABzbcV35o-m7DdzrvhE4gNSdcHb4eo6Cw3XsNlF1FYWS7fCaB8hxp8vsoMyDDc8jmVtLOQoCLgKxmMaIktrDFtfUe-jopmcMP3bP-RZszOtQsEWY6_aFdIwmmjkqklQfCwXCEo4SAE8AoefNJHplaqShBBc7XQxCTuRSr7sRSIr3Yt8LPdwcgS32XEdWsdrVAn7u1t6sQfbu2RpalP6OLIKdXAh03iuv-6k5iiUwxCsABEhkXv1t5UjNMw9FTKopOL64rLV4cfKIAf9X4ZjrBkqd507WwBNSqe38NPqVFy4dO7Isc3MNuiLz3jSRJfeU6BF7wmq4pNw4bLOuRwYs2wGiDPCI9isp4P2dVtGxt2n37MqdtjNz0elq2Gm4isq86din-xk9kcm1emCHjHN2ElhHWeVtZrX7nEkxKzz99xDB-jAVNYyVAbMx4-M1xF8XQtLVQ3pDwRWCoNB9oGZ75YGSoPmoccv0xxx7NMW-2DscveWm-7_uaey6AKPGXbE0kGH5tp3ByEH2wA6SHs13dVPuA29MwT4IhI7Sln14txgcWVtNshrnN-fkCbwGSpKgyFb0TT9aQTzXP2hYH_zo4P2Wd-cF_06TTMF9WDun2Y0heuetpRoDAb1zFbPcDYI_dFX2PhdO7tzoqlhR-9_EgHDtPMXiWzz7nsMolryZ_Ub2v2cWP_FzzQ-BPY7ZLE9qA7W9-bHC-7R7GPGxd1tvN-VlInaTe0jRPcji2h29B_b-KAc4dLEi8O_KWGIzACkWJzIofbGrVGcBt_ie1XICN7quUmPx9ld77Ekr9VJkxyZi4_2nMIgTjtkkx3UmuTj0KngR02if5V-uW5pRWE_k
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
cm
t.ssp.hinet.net/ Frame AC35 		0
194 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.ssp.hinet.net/cm?c=3d711f&cid=8080aeff-b8c6-4d1a-9927-a73ee1c786ad&mp=98914fb3-5f8d-4d90-8675-6a1052f28272
Requested by
Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:17 GMT
strict-transport-security
max-age=0
server
nginx
vary
Origin
content-type
image/png
access-control-allow-origin
https://player.svc.litv.tv
cache-control
no-cache, private
access-control-allow-credentials
true
pixel
98914fb3-5f8d-4d90-8675-6a1052f28272.t.ssp.hinet.net/ Frame AC35 		0
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://98914fb3-5f8d-4d90-8675-6a1052f28272.t.ssp.hinet.net/pixel?bd=98914fb3-5f8d-4d90-8675-6a1052f28272&t=3d711f
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.214.136 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-75-214-136.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:18 GMT
strict-transport-security
max-age=0
server
nginx
content-length
0
content-type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame 4D41 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=398688153937301&bg=!YmGlYSXNAAbvMpMzzzI7ACkAdvg8WndEX8pZP4K0PgwS1OkjqhktwvmlDb9r6FoJ5L7j0w_JS2S7nwIAAAHkUgAAAAJoAQeZAsQvmDmSF2DOHzgIkjkUIbgsX39_CETpnd9TGtJYY91tP61hPlwkjBC472wUYxbjAdxf7wVKDFHcyL-bwnAs-sI39oPL_VcyXDKde81gbTsCubfiSJjbSk5GqLTwl_mlHf3Dn7GoLg6rCsXB7ZHdtFW_JGlGrR4J3IwBJLjUPpDvD7NQyud2yOLkL0hA78OGk4mhDnJuUh7n46XaeeqM2Jk95p_Nopcvbor7Mi53yn75NfhjWEP0kdCJ1YE825HUW7aJRYGdtshTWNnrAsyji0StPxXd4GSDBXl3Z2UQNWiINrcEtOUhDZEJVZN1EZsd037lY-UY3jcbpWDGc9T7RcmWfObkmlCietwmbAZ8AfyQZpHvk8xhKCBk6znhyJd6rnfhpwZ4RyjkN0eLFN5WY6hT_kJ-tq75h30wF5KYlxOsZUugJkyqMvKLqSHvF0lAespTHw0DOHW3_T_P_Wq-U4sIBSSvPMcuXktOqVmpGpy3J2xyrHXJsyjOVTrypInfz7AwYPtn9UlHthUU-ICTtN9mjAIsu2-72t_kxc0u-FKpCId9V5oeYO5rGSfvJ88zKiR-ooKV2qmIi5_zfcfepw5RE843YRol3w4U54QVokA-ldBHGkCWZ3pZNxItl4eLHAP3eZ2fAzwDnqKUUzCfbTtTRNhPxkbee_EBGKODLt5IF1gofDnFAsTH15PFY65gSq6n_KOWzfm_XQ6ekIN0u0i0VFQ9bXSVe-7lPAC2GYT5QyOhcdAEduDOrmaiymmNVKLGe8WS4FE10gthK13rS3yjB-HF7XOc9bxN1imz_TW9gG7sY0ltSsAcAm4Pj92GxzAM0RLGc5rR5JaPxa0MxqapnoMtFsCy42TM-KTraWrWV4BY4ZOCVpoWCOH3MkI1A--k3Cou4in9fTLFHRP1-tIYVHpxB8_DkuL8wpxVX_QXs2GEgJc
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
/
graph.facebook.com/ 		226 B
628 B 		Script
General
Check archive.org
Download Go to
Full URL
https://graph.facebook.com/?ids=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&callback=_p6_97c6d1d655af
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/hinet_times.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:800e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b9ff9a757c3ede701ed6304607dce5da3de0e1af8e9dba3dce6264d7a16deca9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
www-authenticate
OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
date
Fri, 18 Nov 2022 20:03:18 GMT
x-fb-rev
1006628650
alt-svc
h3=":443"; ma=86400
content-length
168
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
wb6kOLg+cn8QpUdwzDvuk/kWVJqslOlwEQQTbQElBRCRo9lKY1Az81YbNSyDPZDrsz1ODeq6+/ywKrzqGPLEPA==
x-fb-trace-id
AjGgzEaBqwe
vary
Origin, Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-fb-request-id
Ahv8bDJvb8DE3kbeM2U7u0T
cache-control
no-store
facebook-api-version
v9.0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
discoverylogs
log.popin.cc/log/popin_media/ 		66 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjoxNSwicGFyYW0xIjoxLCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6InRpbWVzLmhpbmV0Lm5ldCIsInVybCI6Imh0dHBzOi8vdGltZXMuaGluZXQubmV0L25ld3MvMjQyNjAyNTEiLCJ1aWQiOiI0MmIxNGMyOGEzOGRmOWU5OTQ1MTY2ODgwMTc5NTk2MSIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6IjE1NzA5NTYwLTgwMzEtNDQwYS04M2U4LWU4Yzk0YTYzMjAxZiIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiIiLCJ0ZF91cmwiOiJodHRwczovL3RpbWVzLmhpbmV0Lm5ldC9uZXdzLzI0MjYwMjUxIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMDcuMC41MzA0LjExMCBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJXaW4zMiIsInRkX2hvc3QiOiJ0aW1lcy5oaW5ldC5uZXQiLCJ0ZF9wYXRoIjoiL25ld3MvMjQyNjAyNTEiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiIxMDcuMC41MzA0IiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6IjE1NzA5NTYwLTgwMzEtNDQwYS04M2U4LWU4Yzk0YTYzMjAxZiIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ==&t=1668801798033
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:18 GMT
last-modified
Thu, 13 Dec 2018 07:19:53 GMT
server
nginx/1.13.5
etag
"5c120819-42"
content-type
image/jpeg
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
66
log.gif
r.popin.cc/ 		35 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.popin.cc/log.gif?type=related-tw&uid=42b14c28a38df9e99451668801795961&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&t=1668801798034
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:18 GMT
last-modified
Wed, 04 Sep 2019 04:26:06 GMT
server
nginx
etag
"5d6f3cde-23"
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
index.m3u8
lispeedtest.akamaized.net/ppninstead/ Frame 334C 		409 B
987 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lispeedtest.akamaized.net/ppninstead/index.m3u8
Requested by
Host: jsmodule.svc.litv.tv
URL: https://jsmodule.svc.litv.tv/videojs/7.20.3/video.novtt.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:4::b818:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
adc24d49794343c273a5590a066402c375609835dc12f5a9109ff84c28e6159e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 18 Nov 2022 20:03:18 GMT
Content-Encoding
gzip
Connection
keep-alive
Akamai-Mon-Iucid-Del
835817
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
193
Last-Modified
Fri, 11 Dec 2020 02:58:53 GMT
Server
AkamaiNetStorage
ETag
"c5f6ed62c761989453d6e4f50db9d7b4:1607655533.784548"
Vary
Accept-Encoding
Access-Control-Max-Age
86400
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31454436
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
5e11c0f8-2605-46f2-b799-5583d33b940d
https://player.svc.litv.tv/ Frame 334C 		6 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://player.svc.litv.tv/5e11c0f8-2605-46f2-b799-5583d33b940d
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
64416c005f1da729c05a1b8e32a0c15addd1c3722e63cc8d8e3766113b7f409a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length
6002
Content-Type
application/javascript
cca37a62-f3fc-43e9-a202-69213f2ca0c1
https://player.svc.litv.tv/ Frame 334C 		78 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://player.svc.litv.tv/cca37a62-f3fc-43e9-a202-69213f2ca0c1
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cc4a92247f35202aa42226123437df07b26d10b6811f0e00a658f9956f24b978

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length
79884
Content-Type
application/javascript
2d2a478c-fcda-429d-8c46-f1f82bc4a2c5
https://player.svc.litv.tv/ Frame 334C 		78 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://player.svc.litv.tv/2d2a478c-fcda-429d-8c46-f1f82bc4a2c5
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cc4a92247f35202aa42226123437df07b26d10b6811f0e00a658f9956f24b978

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Length
79884
Content-Type
application/javascript
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame E63D 		370 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.impactify.media
URL: https://ad.impactify.media/static/ad/v5-1.9.48/screen.js?v=v5-1.9.48
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2fb94cc5f4e050854cd18abcf65c8e58f62f512e141acf6b256aadbc27f1a48e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126568
x-xss-protection
0
expires
Fri, 18 Nov 2022 20:03:18 GMT
lib.js
ad.impactify.media/static/ad/v5-1.9.48/ Frame E63D 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.impactify.media/static/ad/v5-1.9.48/lib.js?v=v5-1.9.48
Requested by
Host: ad.impactify.media
URL: https://ad.impactify.media/static/ad/v5-1.9.48/screen.js?v=v5-1.9.48
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::20 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c6638bb9397e6bcc4b4899a6ec8b70fb191fac0b6c379fd3cf6ccced95e8c1a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 18 Nov 2022 20:03:18 GMT
x-amz-version-id
ugkVB8acAKwk.YjSycizR.xswudYLFiw
content-encoding
br
x-amz-request-id
RH2KV0NPCFK2RWRX
x-cache
HIT
x-77-cache
HIT
x-age
2158
x-amz-id-2
ahxWuMqsut/VFL2t0j95TrjaDeLVpaxN8P/ipDgI0pIAsH2XjGWLKgWuZYYh0/2nvNYfXQzMowU=
x-77-nzt
AdRmOI0KwK7/bggAAA
x-accel-expires
@1668803240
last-modified
Tue, 15 Nov 2022 08:24:50 GMT
server
CDN77-Turbo
etag
W/"ba40a9a829de3006b9db88e1097156ca"
x-77-nzt-ray
c1a07737d066f65006e57763f303b81a
content-type
application/javascript
standard.js
ad.impactify.media/static/ad/v5-1.9.48/ Frame 9E57 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.impactify.media/static/ad/v5-1.9.48/standard.js?v=v5-1.9.48
Requested by
Host: ad.impactify.media
URL: https://ad.impactify.media/static/ad/v5-1.9.48/screen.js?v=v5-1.9.48
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::20 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
5d611297f378fe47fd515341a2f576e06a15dfc1bccb2ee2a595c33f986701aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Fri, 18 Nov 2022 20:03:18 GMT
x-amz-version-id
l5YD1GQOIvj_UHhwZXLK.WnFK_wIockn
content-encoding
br
x-amz-request-id
AJE73YMYXPWR5776
x-cache
HIT
x-77-cache
HIT
x-age
1837
x-amz-id-2
ZzXBFc179tACC8rt6RSjamRro/KavWTx5aT0P34QcFyzHfw4fN0CZFdVJDSInz/5cgvqv7Wo3So=
x-77-nzt
AdRmOI1NwDT/LQcAAA
x-accel-expires
@1668803561
last-modified
Tue, 15 Nov 2022 08:24:50 GMT
server
CDN77-Turbo
etag
W/"01f3cdd8e3cf1770b5377dbb17db7bee"
x-77-nzt-ray
c1a07737d066f65006e577637327c31b
content-type
application/javascript
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 9E57 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ad.impactify.media
URL: https://ad.impactify.media/static/ad/v5-1.9.48/screen.js?v=v5-1.9.48
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e1c0ebf7754cb31a1f17efc56308561c1efee8c060f6e3c4f6a7ce25451a0f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27269
x-xss-protection
0
server
sffe
etag
"1396 / 969 of 1000 / last-modified: 1668773326"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 18 Nov 2022 20:03:18 GMT
p-dGVNbBUC43xtN.gif
pixel.quantserve.com/pixel/ 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-dGVNbBUC43xtN.gif?gdpr=1&gdpr_consent=
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 18 Nov 2022 20:03:18 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
gpt.js
www.googletagservices.com/tag/js/ Frame A4BC 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ad.impactify.media
URL: https://ad.impactify.media/static/ad/v5-1.9.48/screen.js?v=v5-1.9.48
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e1c0ebf7754cb31a1f17efc56308561c1efee8c060f6e3c4f6a7ce25451a0f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27269
x-xss-protection
0
server
sffe
etag
"1396 / 848 of 1000 / last-modified: 1668773326"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 18 Nov 2022 20:03:18 GMT
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/ Frame 9E57 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 18:01:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7324
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 18 Nov 2023 18:01:14 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 9E57 		875 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=times.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a8ee0403f4c897f53c06e745374d863e8072abf0b3ecc61a6ac5665e9acaf6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 18 Nov 2022 20:03:18 GMT
vod44682-000000M001_400K.m3u8
lispeedtest.akamaized.net/ppninstead/ Frame 334C 		1 KB
1001 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lispeedtest.akamaized.net/ppninstead/vod44682-000000M001_400K.m3u8
Requested by
Host: jsmodule.svc.litv.tv
URL: https://jsmodule.svc.litv.tv/videojs/7.20.3/video.novtt.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:4::b818:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
5b685aa3b92ad997c10e92e89a5a58e48e97f8811fd5692d19c2e4ee362f7fb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 18 Nov 2022 20:03:18 GMT
Content-Encoding
gzip
Connection
keep-alive
Akamai-Mon-Iucid-Del
835817
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
207
Last-Modified
Fri, 11 Dec 2020 02:53:09 GMT
Server
AkamaiNetStorage
ETag
"61dc79198f20eec8e3864f781758133b:1607655189.707641"
Vary
Accept-Encoding
Access-Control-Max-Age
86400
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,POST,OPTIONS
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31454436
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
bridge3.546.0_en.html
imasdk.googleapis.com/js/core/ Frame 9536 		690 KB
221 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.546.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f43762f8d21458d2db8345c175545afe7c12bd886a827956d78ae75dafc50179
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
218008
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
226628
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 07:29:50 GMT
expires
Thu, 16 Nov 2023 07:29:50 GMT
last-modified
Wed, 16 Nov 2022 07:23:53 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame E63D 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Nov 2022 20:03:18 GMT
integrator.js
adservice.google.com/adsid/ Frame E63D 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
vod44682-000000M001_400K0.ts
lispeedtest.akamaized.net/ppninstead/ Frame 334C 		252 KB
253 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://lispeedtest.akamaized.net/ppninstead/vod44682-000000M001_400K0.ts
Requested by
Host: jsmodule.svc.litv.tv
URL: https://jsmodule.svc.litv.tv/videojs/7.20.3/video.novtt.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:3500:4::b818:4dc9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
c8b7a9b205325f5b9814ceb75ad1a4095d980f20f445e8bdb2a7b5227932092e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 18 Nov 2022 20:03:18 GMT
Connection
keep-alive
Akamai-Mon-Iucid-Del
835817
Alt-Svc
h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
Content-Length
258312
Last-Modified
Fri, 11 Dec 2020 02:53:32 GMT
Server
AkamaiNetStorage
ETag
"b43fb0fc442d6a7217831a7709b69cab:1607655212.47467"
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
video/MP2T
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Server,range,hdntl,hdnts,Akamai-Mon-Iucid-Ing,Akamai-Mon-Iucid-Del,Akamai-Request-BC
Cache-Control
max-age=31477488
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Access-Control-Allow-Headers
origin,range,hdntl,hdnts
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/ Frame A4BC 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 18:01:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7324
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 18 Nov 2023 18:01:14 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame A4BC 		875 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=times.hinet.net
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a8ee0403f4c897f53c06e745374d863e8072abf0b3ecc61a6ac5665e9acaf6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 18 Nov 2022 20:03:18 GMT
integrator.js
adservice.google.de/adsid/ Frame 9E57 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 9E57 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 9E57 		504 B
0 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1613594301677280&correlator=2326796411596259&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fif&iu_parts=21686896405%2Cca-pub-1343218370015870-tag%2Ctimes.hinet.net&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=3856058498&sfv=1-0-40&prev_scp=unit_type%3Ddisplay%26pos%3Dsticky-bottom%26style%3Dmpu%26pack%3D4%26pid%3D2300%26t_version%3Dv5-1.9.48&eri=4&sc=1&cookie=ID%3Dfc59f85f1f66ff27-2278856254d800fe%3AT%3D1668801794%3AS%3DALNI_MZyKDGW23IzVEQU_NvRMogTdEfWLQ&gpic=UID%3D00000b83e7f6f835%3AT%3D1668801794%3ART%3D1668801794%3AS%3DALNI_MYGKqn-snyxy0UuHEa2mHly867-Kg&abxe=1&dt=1668801798637&dlt=1668801798450&idt=178&adxs=1260&adys=40&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=igz5o59zpyqx&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&top=times.hinet.net&frm=23&vis=1&psz=300x0&msz=300x0&fws=260&ohw=300&ea=0&ga_vid=1365366507.1668801795&ga_sid=1668801799&ga_hid=494802255&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
345be188a84fe70cf95a892b92fe38f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DCD1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://345be188a84fe70cf95a892b92fe38f6.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 20:03:18 GMT
expires
Sat, 18 Nov 2023 20:03:18 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame A4BC 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame A4BC 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame A4BC 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1609444679087583&correlator=2815947657317648&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&npa=1&iu_parts=1030700%2Cimpactify_cr&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=2422571109&sfv=1-0-40&ists=1&cust_params=Domain%3Dtimes.hinet.net&sc=1&cookie=ID%3Dfc59f85f1f66ff27-2278856254d800fe%3AT%3D1668801794%3AS%3DALNI_MZyKDGW23IzVEQU_NvRMogTdEfWLQ&gpic=UID%3D00000b83e7f6f835%3AT%3D1668801794%3ART%3D1668801794%3AS%3DALNI_MYGKqn-snyxy0UuHEa2mHly867-Kg&abxe=1&dt=1668801798731&lmt=1668801798&dlt=1668801798466&idt=256&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=wklq05njp2ss&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&ref=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&top=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&frm=23&vis=1&psz=0x0&msz=0x0&fws=256&ohw=0&ea=0&ga_vid=1365366507.1668801795&ga_sid=1668801799&ga_hid=1513396856&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05f32f13557a391dc71ab60fe7be4c898654feb72375195eaaa192a1a1988db4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:18 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3149
x-xss-protection
0
google-lineitem-id
92106010
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
83124966010
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame A4BC 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
683ba69636e503587e0af8c9a602ba5c44c80022c811ce4d46b0acfef4612f00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:18 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11143
x-xss-protection
0
container.html
b328c1262e96b4cc9e77882a7cea4f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame E308 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b328c1262e96b4cc9e77882a7cea4f0a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 20:03:18 GMT
expires
Sat, 18 Nov 2023 20:03:18 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ac
www8.smartadserver.com/ Frame 9536
Redirect Chain
  • https://www8.smartadserver.com/ac?siteid=474385&pgid=1492394&fmtid=61987&ab=1&oc=1&ps=1&pb=0&visit=S&vcn=s&tmstp=1668801798&pgDomain=https%3A%2F%2Ftimes.hinet.net&vpw=640&vph=360&schain=1.0,1!impac...
  • https://www8.smartadserver.com/ac?siteid=474385&pgid=1492394&fmtid=61987&ab=1&oc=1&ps=1&pb=0&visit=S&vcn=s&tmstp=1668801798&pgDomain=https%3a%2f%2ftimes.hinet.net&vpw=640&vph=360&schain=1.0%2c1!imp...
129 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www8.smartadserver.com/ac?siteid=474385&pgid=1492394&fmtid=61987&ab=1&oc=1&ps=1&pb=0&visit=S&vcn=s&tmstp=1668801798&pgDomain=https%3a%2f%2ftimes.hinet.net&vpw=640&vph=360&schain=1.0%2c1!impactify.io%2c2300%2c1%2c%2c%2c&gdpr=1&gdpr_consent=&out=vast4&tgt=pack%3d4%3bpid%3d2300%3bsdk%3dAM%3bstyle%3dimpact&cklb=1
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
HTTP/1.1
Server
185.86.137.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
41d511bcd8511da9cb1f673d030c44fbadb09271c96e4fbb40bfa306572dcca3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:18 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true

Redirect headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:18 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://imasdk.googleapis.com
location
https://www8.smartadserver.com/ac?siteid=474385&pgid=1492394&fmtid=61987&ab=1&oc=1&ps=1&pb=0&visit=S&vcn=s&tmstp=1668801798&pgDomain=https%3a%2f%2ftimes.hinet.net&vpw=640&vph=360&schain=1.0%2c1!impactify.io%2c2300%2c1%2c%2c%2c&gdpr=1&gdpr_consent=&out=vast4&tgt=pack%3d4%3bpid%3d2300%3bsdk%3dAM%3bstyle%3dimpact&cklb=1
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
ptv
secure.adnxs.com/ Frame 9536 		27 B
716 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/ptv?id=23514371&vv=4&vwidth=640&vheight=360&gdpr=1&gdpr_consent=&schain=1.0,1!impactify.io,2300,1,,,&referrer=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.546.0_en.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Nov 2022 20:03:18 GMT
AN-X-Request-Uuid
ed8cdbf0-8fa1-441f-b2d1-c76a89847db5
Server
nginx/1.21.3
Content-Type
application/xml; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://imasdk.googleapis.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
37.58.57.3; 37.58.57.3; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
27
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9E57 		0
0
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.158.46.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-46-104.bom78.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
60
Connection
keep-alive
Content-Length
0
Date
Fri, 18 Nov 2022 20:03:19 GMT
Via
1.1 f535ebbbbd7f05468fe793ceeef59766.cloudfront.net (CloudFront)
X-Amz-Cf-Id
-q3r7QVIFwej5cx0b1jhxrk8aM9Z1EGhXmaKJxBYLwrLGuDUV6SprQ==
X-Amz-Cf-Pop
BOM78-P3
X-Cache
Miss from cloudfront
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 334C 		39 B
570 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.158.46.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-46-104.bom78.r.cloudfront.net
Software
/
Resource Hash
a94b1df49cd1f0179f5e1110f80d13b97bb84f3ae1310ff67829d68db89df390
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 18 Nov 2022 20:03:20 GMT
Via
1.1 f535ebbbbd7f05468fe793ceeef59766.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
BOM78-P3
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Cache
Miss from cloudfront
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
39
X-Amz-Cf-Id
qfIswIRzOEX7twVUKB8WyGNSBwcN0FJniuMZMqrU7oNFA2bOPy9hhA==
integrator.js
adservice.google.com/adsid/ Frame 334C 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=player.svc.litv.tv
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
smart.js
ced.sascdn.com/tag/2974/ 		96 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced.sascdn.com/tag/2974/smart.js
Requested by
Host: ad.impactify.media
URL: https://ad.impactify.media/static/ad/v5-1.9.48/screen.js?v=v5-1.9.48
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.36.163.12 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-163-12.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
9c522722cc91d64f246f766deb7d58c282a3564f0b4646174d10e98e2b0c3a92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 18 Nov 2022 20:03:18 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=7200
Connection
keep-alive
Content-Length
32897
Expires
Fri, 18 Nov 2022 22:03:18 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A4BC 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Nov 2022 20:03:18 GMT
ads
das.dna360.tw/ Frame 10EF 		174 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://das.dna360.tw/ads?puid=8080aeff-b8c6-4d1a-9927-a73ee1c786ad&description_url=https%3A%2F%2Fwww.hinet.net%2F&correlator=1668801798765&cb=1668801798765&pageUrl=https%3A%2F%2Fwww.hinet.net%2F&pi.width=[playerwidth]&pi.height=[playerheight]&a.ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F107.0.5304.110%20Safari%2F537.36&referrer=https%3A%2F%2Fwww.hinet.net%2F&req(url)=https%3A%2F%2Fwww.hinet.net%2F&ht=[PLAYERHEIGHT]&wd=[PLAYERWIDTH]&ad_unit=dam_hinet6_em
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.546.0_zh_tw.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.212.113.236 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
cb7247b4a69d87ea6d29e93741461e178748c73be8bd0c73c6aa166da9ae56d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
https://imasdk.googleapis.com
date
Fri, 18 Nov 2022 20:03:19 GMT
access-control-allow-credentials
true
content-length
174
vary
Origin
content-type
application/xml
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7212 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3523
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 19:04:35 GMT
expires
Sat, 18 Nov 2023 19:04:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A9A1 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
06a0606f80ff46964f1b9fdff66077d431e62599ac049c5caadf7cb4f9c0d8e5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-NLabucofkWwZmpdo8T3SFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-NLabucofkWwZmpdo8T3SFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 20:03:18 GMT
expires
Fri, 18 Nov 2022 20:03:18 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ac
prg.smartadserver.com/ 		25 B
329 B 		Script
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/ac?nwid=2974&siteid=474385&pgid=1492400&fmtid=66027&async=1&visit=m&tmstp=6420329499&tag=66027_ih1Ccl&sh=1200&sw=1600&pgDomain=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&noadcbk=sas.noad&schain=1.0,1!impactify.io,2300,1,,,&isLazy=0&isAdRefresh=0
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/2974/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
ab15c5a5cfccd3a2d2a2eaf84576b70df55269e55d60bd77b9b8949966b91a74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:18 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
application/javascript; charset=UTF-8
cache-control
no-cache,no-store
sodar
pagead2.googlesyndication.com/pagead/ Frame A9A1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=1609444679087583&rc=
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
pagead2.googlesyndication.com/bg/ Frame 7212 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 18:17:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92719
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15969
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 18:17:59 GMT
generate_204
tpc.googlesyndication.com/ Frame 7212 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?RqkQgg
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:18 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
integrator.js
adservice.google.com/adsid/ Frame E63D 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame 9536 		73 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?sz=400x300%7C640x480&iu=%2F21686896405%2Fca-video-pub-1343218370015870-tag%2Ftimes.hinet.net&tfcd=0&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3653503878473792&cust_params=pack%3D4%26pid%3D2300%26t_version%3Dv5-1.9.48%26style%3Dimpact&description_url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&sdkv=h.3.546.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=3228640411&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.546.0&media_url=https%3A%2F%2Fcdn.impactify.media%2Fmedias%2Fgetfile.webm%3Fv%3Dv5-1.9.48&sid=8D29EB49-3958-49DC-BCC4-E33E73B89A47&nel=0&eid=44748969%2C44765701%2C44771450&ref=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&top=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&dlt=1668801798442&idt=211&dt=1668801798982&cookie=ID%3Dfc59f85f1f66ff27-2278856254d800fe%3AT%3D1668801794%3AS%3DALNI_MZyKDGW23IzVEQU_NvRMogTdEfWLQ&gpic=UID%3D00000b83e7f6f835%3AT%3D1668801794%3ART%3D1668801794%3AS%3DALNI_MYGKqn-snyxy0UuHEa2mHly867-Kg&scor=1812467429257935&ged=ve4_td1_tt0_pd1_la1000_er980.10.1134.310_vi0.0.1200.1600_vp100_ts0_eb24299
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.546.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ac540acc7481f36469b83ca4b3d6ba2b73ce5902a7e7e56eaf978de0283d363
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:19 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15929
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
AdServerServlet
vid.pubmatic.com/AdServer/ Frame 9536 		27 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.pubmatic.com/AdServer/AdServerServlet?adId=4206017&adtype=13&pubId=160998&siteId=915176&placement=1&vapi=2&vfmt=1+4+5+6+11&vadFmt=2+3+4+5+7+8&vtype=1&vpos=1&vskip=0&vplay=1+2+3+4+5+6&vcom=0&vw=640&vh=360&sec=1&cachebuster=5868143182204&schain=1.0,1!impactify.io,2300,1,,,&vminl=1&vmaxl=100&gdpr=1&gdpr_consent=&kadpageurl=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&pageURL=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.546.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:19 GMT
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://imasdk.googleapis.com
content-type
application/xml; charset=utf-8
x-vdbg
1:0/165:-1
access-control-allow-credentials
true
cache-control
no-store, no-cache, private
/
adx.adform.net/adx/ Frame 9536 		65 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/?mid=952723&mkv=appid:times.hinet.net&t=2&gdpr=1&gdpr_consent=&schain=1.0,1!impactify.io,2300,1,,,&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&random=15622827521895
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.546.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.23 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
https://imasdk.googleapis.com
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
json
ssp.hinet.net/api/web/request/ 		17 B
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/request/json?c=2017034&s=201702000017&u=7d19f8d9-09e5-b279-dc9b-65ccfbda485b&ad=7d19f8d9-09e5-b279-dc9b-65ccfbda485b&t=1668801794283&oi=RfT4U&site=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017034%26s%3D201702000017%26u%3D7d19f8d9-09e5-b279-dc9b-65ccfbda485b%26ad%3D7d19f8d9-09e5-b279-dc9b-65ccfbda485b%26t%3D1668801794283%26oi%3DRfT4U%26site%3Dhttps%253A%252F%252Ftimes.hinet.net%252Fnews%252F24260251
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
e091e49dfd6df3afa2eadfb799c8703d4de4181707813348004d335bccf5f0a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
https://times.hinet.net
date
Fri, 18 Nov 2022 20:03:19 GMT
access-control-allow-credentials
true
server
nginx
content-length
17
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
request
ssp.hinet.net/api/web/ 		510 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/request?c=2017034&s=201702000017&u=7d19f8d9-09e5-b279-dc9b-65ccfbda485b&ad=7d19f8d9-09e5-b279-dc9b-65ccfbda485b&t=1668801794283&oi=b95qb&site=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&o=ae4Br
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
ed89764635ac5c5d94c596496d619dd0f93e4a51e3269d8dd53f72d51407eb80

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:19 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
access-control-allow-credentials
true
json
ssp.hinet.net/api/web/request/ 		17 B
188 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/request/json?c=2017034&s=201702000074&u=7d19f8d9-09e5-b279-dc9b-65ccfbda485b&ad=7d19f8d9-09e5-b279-dc9b-65ccfbda485b&t=1668801794283&oi=zuu59&site=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017034%26s%3D201702000074%26u%3D7d19f8d9-09e5-b279-dc9b-65ccfbda485b%26ad%3D7d19f8d9-09e5-b279-dc9b-65ccfbda485b%26t%3D1668801794283%26oi%3Dzuu59%26site%3Dhttps%253A%252F%252Ftimes.hinet.net%252Fnews%252F24260251
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
e091e49dfd6df3afa2eadfb799c8703d4de4181707813348004d335bccf5f0a1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
https://times.hinet.net
date
Fri, 18 Nov 2022 20:03:19 GMT
access-control-allow-credentials
true
server
nginx
content-length
17
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
request
ssp.hinet.net/api/web/ 		510 B
534 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/request?c=2017034&s=201702000074&u=7d19f8d9-09e5-b279-dc9b-65ccfbda485b&ad=7d19f8d9-09e5-b279-dc9b-65ccfbda485b&t=1668801794283&oi=q0DV1&site=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&o=Uvygp
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
d3f36220e12640e742dacc9215c68eadf81530c7c02187bc87dc2e8ae0f51e3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:19 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
access-control-allow-credentials
true
json
ssp.hinet.net/api/web/request/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/request/json?c=2017003&s=201702000041&u=7d19f8d9-09e5-b279-dc9b-65ccfbda485b&ad=7d19f8d9-09e5-b279-dc9b-65ccfbda485b&t=1668801794283&oi=H5C1b&site=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017003%26s%3D201702000041%26u%3D7d19f8d9-09e5-b279-dc9b-65ccfbda485b%26ad%3D7d19f8d9-09e5-b279-dc9b-65ccfbda485b%26t%3D1668801794283%26oi%3DH5C1b%26site%3Dhttps%253A%252F%252Ftimes.hinet.net%252Fnews%252F24260251
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
a907b5d217cc55e8569c8c1f2026b66f12337525f79315ff1ee5edcf48817f96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
https://times.hinet.net
date
Fri, 18 Nov 2022 20:03:20 GMT
access-control-allow-credentials
true
server
nginx
content-length
1087
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
request
ssp.hinet.net/api/web/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/request?c=2017003&s=201702000041&u=7d19f8d9-09e5-b279-dc9b-65ccfbda485b&ad=7d19f8d9-09e5-b279-dc9b-65ccfbda485b&t=1668801794283&oi=VTNQj&site=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&o=DX4wh
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
d9a364b7a57001e61d2afe10a43ddbd7ea9535c617d887a64a13835ddceaeb81

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:20 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
access-control-allow-credentials
true
jquery-1.9.1.min.js
code.jquery.com/ Frame CEDF 		90 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.9.1.min.js
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Referer
https://times.hinet.net/
Origin
https://times.hinet.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:20 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-169d5"
vary
Accept-Encoding
x-hw
1668801800.dop135.fr8.t,1668801800.cds155.fr8.hn,1668801800.cds250.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
32772
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame CEDF 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e1c0ebf7754cb31a1f17efc56308561c1efee8c060f6e3c4f6a7ce25451a0f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27269
x-xss-protection
0
server
sffe
etag
"1396 / 952 of 1000 / last-modified: 1668773326"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 18 Nov 2022 20:03:20 GMT
json
ssp.hinet.net/api/web/request/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/request/json?c=2017003&s=201702000008&u=7d19f8d9-09e5-b279-dc9b-65ccfbda485b&ad=7d19f8d9-09e5-b279-dc9b-65ccfbda485b&t=1668801794283&oi=eQSI3&site=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017003%26s%3D201702000008%26u%3D7d19f8d9-09e5-b279-dc9b-65ccfbda485b%26ad%3D7d19f8d9-09e5-b279-dc9b-65ccfbda485b%26t%3D1668801794283%26oi%3DeQSI3%26site%3Dhttps%253A%252F%252Ftimes.hinet.net%252Fnews%252F24260251
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
9eea1c23c8b13390f2fc682d43f4d941504a961c621090d8a851891cf5d6024d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
https://times.hinet.net
date
Fri, 18 Nov 2022 20:03:20 GMT
access-control-allow-credentials
true
server
nginx
content-length
1105
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
request
ssp.hinet.net/api/web/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/request?c=2017003&s=201702000008&u=7d19f8d9-09e5-b279-dc9b-65ccfbda485b&ad=7d19f8d9-09e5-b279-dc9b-65ccfbda485b&t=1668801794283&oi=rN9ta&site=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&o=XHa0R
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
b3a0422736f8f35a4b698a4ddbc4a2673f0d061ecbcfa9d117d2b2fed32c5348

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:20 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
access-control-allow-credentials
true
jquery-1.9.1.min.js
code.jquery.com/ Frame 6352 		90 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.9.1.min.js
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Referer
https://times.hinet.net/
Origin
https://times.hinet.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:21 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-169d5"
vary
Accept-Encoding
x-hw
1668801801.dop135.fr8.t,1668801801.cds155.fr8.hn,1668801801.cds250.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
32772
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 6352 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e1c0ebf7754cb31a1f17efc56308561c1efee8c060f6e3c4f6a7ce25451a0f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27269
x-xss-protection
0
server
sffe
etag
"1396 / 599 of 1000 / last-modified: 1668773326"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 18 Nov 2022 20:03:21 GMT
json
ssp.hinet.net/api/web/request/ 		462 B
634 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/request/json?c=2017034&s=201702000024&u=7d19f8d9-09e5-b279-dc9b-65ccfbda485b&ad=7d19f8d9-09e5-b279-dc9b-65ccfbda485b&t=1668801794283&oi=kVUGo&site=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017034%26s%3D201702000024%26u%3D7d19f8d9-09e5-b279-dc9b-65ccfbda485b%26ad%3D7d19f8d9-09e5-b279-dc9b-65ccfbda485b%26t%3D1668801794283%26oi%3DkVUGo%26site%3Dhttps%253A%252F%252Ftimes.hinet.net%252Fnews%252F24260251
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
3f4fa536557822792183b6ec763dce9b254790fda214c96c47eedfce8cec6d4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
https://times.hinet.net
date
Fri, 18 Nov 2022 20:03:21 GMT
access-control-allow-credentials
true
server
nginx
content-length
462
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
request
ssp.hinet.net/api/web/ 		644 B
555 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/request?c=2017034&s=201702000024&u=7d19f8d9-09e5-b279-dc9b-65ccfbda485b&ad=7d19f8d9-09e5-b279-dc9b-65ccfbda485b&t=1668801794283&oi=7rkyg&site=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&o=YFegT
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
55df3cf77c589900f113605dc258e0d6bbaba0da68f4583e5599bced6cd574a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:21 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
access-control-allow-credentials
true
json
ssp.hinet.net/api/web/request/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/request/json?c=2017003&s=201712000007&u=7d19f8d9-09e5-b279-dc9b-65ccfbda485b&ad=7d19f8d9-09e5-b279-dc9b-65ccfbda485b&t=1668801794283&oi=hYfgw&site=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017003%26s%3D201712000007%26u%3D7d19f8d9-09e5-b279-dc9b-65ccfbda485b%26ad%3D7d19f8d9-09e5-b279-dc9b-65ccfbda485b%26t%3D1668801794283%26oi%3DhYfgw%26site%3Dhttps%253A%252F%252Ftimes.hinet.net%252Fnews%252F24260251
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
c7839bf6f5f615f1e09231be909b7b4b3654e5ed13fd41db679d2eb25077ca48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
https://times.hinet.net
date
Fri, 18 Nov 2022 20:03:21 GMT
access-control-allow-credentials
true
server
nginx
content-length
1105
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
request
ssp.hinet.net/api/web/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/request?c=2017003&s=201712000007&u=7d19f8d9-09e5-b279-dc9b-65ccfbda485b&ad=7d19f8d9-09e5-b279-dc9b-65ccfbda485b&t=1668801794283&oi=AG1tI&site=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&o=n8jFU
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
4b64908cd044a8400843222aa633ff48c4e4710dca3ebd27d0afb77ae6e172e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:21 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
access-control-allow-credentials
true
jquery-1.9.1.min.js
code.jquery.com/ Frame F5B9 		90 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.9.1.min.js
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Referer
https://times.hinet.net/
Origin
https://times.hinet.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:22 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-169d5"
vary
Accept-Encoding
x-hw
1668801802.dop135.fr8.t,1668801802.cds155.fr8.hn,1668801802.cds250.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
32772
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame F5B9 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e1c0ebf7754cb31a1f17efc56308561c1efee8c060f6e3c4f6a7ce25451a0f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27269
x-xss-protection
0
server
sffe
etag
"1396 / 392 of 1000 / last-modified: 1668773326"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 18 Nov 2022 20:03:22 GMT
json
ssp.hinet.net/api/web/request/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/request/json?c=2017003&s=201712000006&u=7d19f8d9-09e5-b279-dc9b-65ccfbda485b&ad=7d19f8d9-09e5-b279-dc9b-65ccfbda485b&t=1668801794283&oi=maJ75&site=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017003%26s%3D201712000006%26u%3D7d19f8d9-09e5-b279-dc9b-65ccfbda485b%26ad%3D7d19f8d9-09e5-b279-dc9b-65ccfbda485b%26t%3D1668801794283%26oi%3DmaJ75%26site%3Dhttps%253A%252F%252Ftimes.hinet.net%252Fnews%252F24260251
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
519dc8c12a8b15e63a3bd783ea99f513e35d997c2f3474e6a88580ff42e17459

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

access-control-allow-origin
https://times.hinet.net
date
Fri, 18 Nov 2022 20:03:22 GMT
access-control-allow-credentials
true
server
nginx
content-length
1083
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
request
ssp.hinet.net/api/web/ 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/request?c=2017003&s=201712000006&u=7d19f8d9-09e5-b279-dc9b-65ccfbda485b&ad=7d19f8d9-09e5-b279-dc9b-65ccfbda485b&t=1668801794283&oi=aomlu&site=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&o=MMmBr
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
3532dc7720ce3ddcc7fd68188ac4322968e530db1694c88c1afc04f6288fb888

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:22 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
access-control-allow-credentials
true
jquery-1.9.1.min.js
code.jquery.com/ Frame 15EC 		90 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.9.1.min.js
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Referer
https://times.hinet.net/
Origin
https://times.hinet.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:22 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-169d5"
vary
Accept-Encoding
x-hw
1668801802.dop135.fr8.t,1668801802.cds155.fr8.hn,1668801802.cds250.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
32772
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 15EC 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2e1c0ebf7754cb31a1f17efc56308561c1efee8c060f6e3c4f6a7ce25451a0f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27269
x-xss-protection
0
server
sffe
etag
"1396 / 270 of 1000 / last-modified: 1668773326"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 18 Nov 2022 20:03:22 GMT
500
times.hinet.net/
Redirect Chain
  • https://times.hinet.net/news/undefined
  • https://times.hinet.net/500
18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://times.hinet.net/500
Protocol
H2
Server
203.66.35.104 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-35-104.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN, SAMEORIGIN
X-Xss-Protection 1;mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/news/24260251
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:23 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
content-encoding
br
server
HiNetCDN/2211
vary
Accept-Encoding
x-frame-options
SAMEORIGIN, SAMEORIGIN
content-type
text/html;charset=UTF-8
content-language
de-DE
x-cache
MISS, MISS
cache-control
no-cache
x-xss-protection
1;mode=block
x-request-id
dc332741fe4ce295d926fb9d3578a3ae
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Fri, 18 Nov 2022 20:03:22 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
server
HiNetCDN/2211
x-frame-options
SAMEORIGIN
x-cache
MISS, MISS
content-language
de-DE
location
/500
content-length
0
x-xss-protection
1;mode=block
x-request-id
3380aee52a6134b09a551c3f613f8094
pixel
ssp.hinet.net/api/ Frame 5022 		106 B
302 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.hinet.net/api/pixel?bd=3d20616ba433a301f10f7b31b47f5acb75ede8597d5755a9f0f41750b6ca145e&ch=2017034
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
c2b3bd344266b0e4a44b8add0800dcbf04237255843c23d507a924b6584f9889

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:22 GMT
last-modified
Thu, 13 Feb 2020 05:50:28 GMT
server
nginx
etag
"5e44e3a4-6a"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-credentials
true
accept-ranges
bytes
content-length
106
pixel
ssp.hinet.net/api/ Frame 67B7 		106 B
302 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.hinet.net/api/pixel?bd=3d20616ba433a301f10f7b31b47f5acb75ede8597d5755a9f0f41750b6ca145e&ch=2017034
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
c2b3bd344266b0e4a44b8add0800dcbf04237255843c23d507a924b6584f9889

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:22 GMT
last-modified
Thu, 13 Feb 2020 05:50:28 GMT
server
nginx
etag
"5e44e3a4-6a"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-credentials
true
accept-ranges
bytes
content-length
106
third
ssp.hinet.net/api/web/ 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.hinet.net/api/web/third?c=2017003&s=201702000041&th=29&wc=3133
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:22 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
access-control-allow-credentials
true
third
ssp.hinet.net/api/web/ 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.hinet.net/api/web/third?c=2017003&s=201702000008&th=29&wc=3130
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:22 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
access-control-allow-credentials
true
6360b417ce9db.jpg
ssp-hinetwork.cdn.hinet.net/dsp/uploads/image/ Frame 5AE9
Redirect Chain
  • https://ssp.hinet.net/api/web/exposure/?token=1668801801444659a63a6ad2f2abad
  • https://ssp-hinetwork.cdn.hinet.net/dsp/uploads/image/6360b417ce9db.jpg
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp-hinetwork.cdn.hinet.net/dsp/uploads/image/6360b417ce9db.jpg
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Server
203.66.32.196 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
203-66-32-196.hinet-ip.hinet.net
Software
HiNetCDN/2211 /
Resource Hash
3c8082a1bbc99088d70f8094dd38270db383ed466bccec871fbc0105ade0627d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:24 GMT
last-modified
Tue, 01 Nov 2022 05:52:20 GMT
server
HiNetCDN/2211
etag
"6360b414-3e27"
x-cache
HIT
content-type
image/jpeg
accept-ranges
bytes
content-length
15911

Redirect headers

access-control-allow-origin
https://times.hinet.net
location
//ssp-hinetwork.cdn.hinet.net/dsp/uploads/image/6360b417ce9db.jpg
date
Fri, 18 Nov 2022 20:03:22 GMT
access-control-allow-credentials
true
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
third
ssp.hinet.net/api/web/ 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.hinet.net/api/web/third?c=2017003&s=201712000007&th=29&wc=3131
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:22 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
access-control-allow-credentials
true
third
ssp.hinet.net/api/web/ 		0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.hinet.net/api/web/third?c=2017003&s=201712000006&th=29&wc=3132
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:22 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
access-control-allow-credentials
true
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca29b7029d4b64ea43a2c3d370073a2e0e756f169fce555599e36892771647c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11148
x-xss-protection
0
third
ssp.hinet.net/api/web/ Frame 4D41 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/third?c=2017003&s=201707000014&th=29&wc=3179
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.9.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://times.hinet.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:22 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
access-control-allow-credentials
true
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 334C 		39 B
570 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.158.46.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-46-104.bom78.r.cloudfront.net
Software
/
Resource Hash
0f35e9afae4d24612fcedd815c247d633510a123c6f9f409222a89c75ffd2419
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 18 Nov 2022 20:03:23 GMT
Via
1.1 8f2a8d0800eb3d1942ab5a7177177e20.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
BOM78-P3
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Cache
Miss from cloudfront
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
39
X-Amz-Cf-Id
LvkKQiBtWo3D3j890mpwW04LU2c8RhnJ1mat4DqVu7WowSKbRX_nhg==
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 334C 		39 B
570 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.158.46.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-46-104.bom78.r.cloudfront.net
Software
/
Resource Hash
3f254f124ac5df59bea509037c6cc85e1d997b394cfed336c656add47aa9ba8c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 18 Nov 2022 20:03:23 GMT
Via
1.1 1dd6f08fb93545a8d6cac36f521d0678.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
BOM78-P3
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Cache
Miss from cloudfront
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
39
X-Amz-Cf-Id
i2RCOnHWUPviOy0hnVkC8tQRloaYqsSlSXYM3CzCk35jj0uT81AuAg==
integrator.js
adservice.google.com/adsid/ Frame 334C 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=player.svc.litv.tv
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.158.46.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-46-104.bom78.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
60
Connection
keep-alive
Content-Length
0
Date
Fri, 18 Nov 2022 20:03:22 GMT
Via
1.1 f535ebbbbd7f05468fe793ceeef59766.cloudfront.net (CloudFront)
X-Amz-Cf-Id
PWXja1HzkEaSGRpdJ0b4STYERSImi7qqdtW2tPPOkANtN-vdSO7ymA==
X-Amz-Cf-Pop
BOM78-P3
X-Cache
Miss from cloudfront
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.158.46.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-46-104.bom78.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
60
Connection
keep-alive
Content-Length
0
Date
Fri, 18 Nov 2022 20:03:23 GMT
Via
1.1 f535ebbbbd7f05468fe793ceeef59766.cloudfront.net (CloudFront)
X-Amz-Cf-Id
1DMEmLsdBVvM-RZZRqdUoAQKextIvHqSOEPZbeIbw9oC6LszcSGNSw==
X-Amz-Cf-Pop
BOM78-P3
X-Cache
Miss from cloudfront
1657190318.jpg
cdnstatic.svc.litv.tv/pics/embed_showcase/2022/07/ Frame 3F7A 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnstatic.svc.litv.tv/pics/embed_showcase/2022/07/1657190318.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-16.fra56.r.cloudfront.net
Software
Apache/2.2.21 (Unix) DAV/2 /
Resource Hash
386da25d238901a95b8757d630d6974526cef4b4602971d722ef920b5a91b5d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 14 Nov 2022 08:07:05 GMT
via
1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
388560
x-cache
Hit from cloudfront
content-length
68025
last-modified
Thu, 07 Jul 2022 10:36:08 GMT
server
Apache/2.2.21 (Unix) DAV/2
etag
"41d7cc-109b9-5e334a7532044"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
x-amz-cf-id
hLiMIqOa806ztu4ptx54OFI76nyjReNTjCxQAwD0UfgCQ-MLlZX9jg==
expires
Wed, 14 Dec 2022 08:07:05 GMT
1657190384.jpg
cdnstatic.svc.litv.tv/pics/embed_showcase/2022/07/ Frame 3F7A 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnstatic.svc.litv.tv/pics/embed_showcase/2022/07/1657190384.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-16.fra56.r.cloudfront.net
Software
Apache/2.2.21 (Unix) DAV/2 /
Resource Hash
b9ca279dfface650f04e1a9f05bec5c01082e37324845de669c28a090636b263

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Sat, 29 Oct 2022 05:35:25 GMT
via
1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
1780081
x-cache
Hit from cloudfront
content-length
21992
last-modified
Thu, 07 Jul 2022 10:38:48 GMT
server
Apache/2.2.21 (Unix) DAV/2
etag
"41d7ce-55e8-5e334b0d6af10"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
x-amz-cf-id
6BLRXp-LeyLYTsrYWRlvw0-MH3yspoUr3oY5bLHM4wJg_DNVwEg4Kg==
expires
Mon, 28 Nov 2022 05:35:25 GMT
1657190428.jpg
cdnstatic.svc.litv.tv/pics/embed_showcase/2022/07/ Frame 3F7A 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnstatic.svc.litv.tv/pics/embed_showcase/2022/07/1657190428.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-16.fra56.r.cloudfront.net
Software
Apache/2.2.21 (Unix) DAV/2 /
Resource Hash
ec4fb54889aac63583c60d32376263f346452c9417fb47262b5689fadb41d301

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 05:56:14 GMT
via
1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
2210810
x-cache
Hit from cloudfront
content-length
20491
last-modified
Thu, 07 Jul 2022 10:38:54 GMT
server
Apache/2.2.21 (Unix) DAV/2
etag
"41d7d0-500b-5e334b1341479"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
x-amz-cf-id
Xf2MwyHbrmQbcQFBPHsr0QRDXb7KNwyQ3unH95XHtW-ur98gyzj4kA==
expires
Wed, 23 Nov 2022 05:56:14 GMT
1657851395.jpg
cdnstatic.svc.litv.tv/pics/embed_showcase/2022/07/ Frame 3F7A 		102 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnstatic.svc.litv.tv/pics/embed_showcase/2022/07/1657851395.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.17.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-16.fra56.r.cloudfront.net
Software
Apache/2.2.21 (Unix) DAV/2 /
Resource Hash
c469eb09c5f7446e86248b81be58f53a99a92c90dfe27f253a45826c7c05f366

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Wed, 09 Nov 2022 19:56:12 GMT
via
1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
778012
x-cache
Hit from cloudfront
content-length
104372
last-modified
Fri, 15 Jul 2022 02:16:23 GMT
server
Apache/2.2.21 (Unix) DAV/2
etag
"41ec74-197b4-5e3ce9ad34812"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
accept-ranges
bytes
x-amz-cf-id
F8vgr2nKPu1Y-GwCR6DUOCOSjRm_-nEOtSwtYL3nlHnyJEPVB7--EA==
expires
Fri, 09 Dec 2022 19:56:12 GMT
cd2696fd4b4633d9b42115314ccf4590.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11689999083124395179/media/ Frame D196 		349 B
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11689999083124395179/media/cd2696fd4b4633d9b42115314ccf4590.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11689999083124395179/c362b1f05dc8934474d0dee6e618807a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
afbbb050849fcbc7c6d14145c41703ab3c3758800fec218fd7ce81cdf654896e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 17 Nov 2022 11:07:48 GMT
age
118534
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
256
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 19:15:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 17 Nov 2023 11:07:48 GMT
695e9567e875d54c2e661e7adc962fc7.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11689999083124395179/media/ Frame D196 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11689999083124395179/media/695e9567e875d54c2e661e7adc962fc7.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
31202d19710656ec3f32e2ca9a85f248f0fd0f786035ccfc09aaa94ef89816b2
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 17 Nov 2022 11:07:42 GMT
x-content-type-options
nosniff
age
118540
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36080
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 19:15:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 17 Nov 2023 11:07:42 GMT
747094f314e26d13895a372925550717.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11689999083124395179/media/ Frame D196 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11689999083124395179/media/747094f314e26d13895a372925550717.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc098278aac58b01e2d6991a55580f53a9b353bd0ca73f785a3df892485f2fa7
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 17 Nov 2022 11:07:47 GMT
x-content-type-options
nosniff
age
118535
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27474
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 19:15:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 17 Nov 2023 11:07:47 GMT
collect
region1.analytics.google.com/g/ Frame 001E 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-JRLWM3RJSP&gtm=2oeb90&_p=1190411500&cid=1047831193.1668801796&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1668801796&sct=1&seg=0&dl=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fex.html%3Fid%3Dppn-aGluZXQz%7CaGluZXQ%3D&dr=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fppnif.html%3Fs%3DaGluZXQz%7CaGluZXQ%3D&dt=&en=request&_ee=1&ep.event_category=player
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JRLWM3RJSP&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://player.svc.litv.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ Frame 001E 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-EKKX3GNP7C&gtm=2oeb90&_p=1190411500&cid=1047831193.1668801796&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&uid=8080aeff-b8c6-4d1a-9927-a73ee1c786ad&sid=1668801796&sct=1&seg=0&dl=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fex.html%3Fid%3Dppn-aGluZXQz%7CaGluZXQ%3D&dr=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fppnif.html%3Fs%3DaGluZXQz%7CaGluZXQ%3D&dt=&en=scroll&epn.percent_scrolled=90
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EKKX3GNP7C&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://player.svc.litv.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ Frame AC35 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-JRLWM3RJSP&gtm=2oeb90&_p=513074476&cid=1047831193.1668801796&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1668801796&sct=1&seg=0&dl=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fex.html%3Fid%3Dppn-aGluZXQ2%7CaGluZXQ%3D&dr=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fppnif.html%3Fs%3DaGluZXQ2%7CaGluZXQ%3D&dt=&_s=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JRLWM3RJSP&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://player.svc.litv.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ Frame AC35 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-EKKX3GNP7C&gtm=2oeb90&_p=513074476&cid=1047831193.1668801796&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&uid=8080aeff-b8c6-4d1a-9927-a73ee1c786ad&sid=1668801796&sct=1&seg=0&dl=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fex.html%3Fid%3Dppn-aGluZXQ2%7CaGluZXQ%3D&dr=https%3A%2F%2Fplayer.svc.litv.tv%2Fv3%2Fppnif.html%3Fs%3DaGluZXQ2%7CaGluZXQ%3D&dt=&_s=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EKKX3GNP7C&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://player.svc.litv.tv
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 9536 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lamxi4su&c=5316747536603&slotId=2658373768301.5&qqid=CJKEvpPDuPsCFePiuwgdFiUDKQ&gqid=B-V3Y_zSA_yF9u8PqoGYkAU&fb=ima_html5-lima&sdkv=h.3.546.0&mrd=16&aab=1&itv=1&eee=missing-element&bi=missing-id&vast_v=3.0&ghmsh_eids=44748969%2C44765701%2C44771450&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&vmfc=2&vhc=0&wta=1&hghme=1&met.4=ghmsh_s.lamxi7w7~ghmsh_s.lamxi7w8~ghmsh_s.lamxi7w9&ghmsh_mi=22%2C18%2C&ghmsh_vi=134%2C136%2C243%2C247%2C&ghmsh_ai=139%2C140%2C250%2C&ghmsh_gvt=0&ams=1&vs=1280x720&vc=avc1.64001F&mt=video%2Fmp4&vsrc=youtube&bit=22&cpn=fZx_ECLLrMuNZLgn
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.546.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4009:82e::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:23 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 9536 		453 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-video-pub-1343218370015870
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/js/core/bridge3.546.0_en.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 19:23:06 GMT
x-content-type-options
nosniff
age
2416
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
453
x-xss-protection
0
last-modified
Wed, 13 Oct 2021 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
image/png
cache-control
public, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Nov 2022 20:13:06 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 9536 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CF0dJB-V3Y9LkBePF7_UPlsqMyALJoO-SbKmg387aELCQHxABINHhgnZglYKAgLAHoAGW24LgA8gBBakCka74eGhVsT7gAgCoAwGYBACqBI0CT9BJfYLW8W7MOlGY2GuQiDa5GvJ6LU49I_odG8jANW1EodLaXucKYfNnpMv3WztXb-mJn4OB-XvJwsjziAbg1wGvRVWKug9vlZwG7qbamIhUDEgaNL8PskRjE4Xe8AUUW1ViDtaAe5ztf7JiPh6-mUXE-MjCh16QLrRasgHaMwER92qySiDc9rGcr8qwnZXmItd9LXSdGpFPO7tjz5a3zo8eGizTUrFjO5MD6MBx4h53UWCrQHSEi48wALRc3_pP2xLrkctZOkaE4D2yclWXOUMlp8sS6yojAGYzrbPYrW6UOZZnLP2XVoCLWHggMDcGabvgHfKG49ogQEz1pX3btK6k3tS_7r6mlLrO74vABNHB8aGRBOAEAaAGVIAH0qT9H6gHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwGoCAHSCBEIgOGAEBABGB0yAqoCOgKAQLEJ91JHotYab_6ACgOYCwHICwHQCw64DAGaDQEO2BMN0BUBmBYB4hYCCAH4FgGAFwE&sigh=uurOR7Y4K6Y&label=show_ad&sdkv=h.3.546.0&vci=CgsIAiAEKgNhZDFAAAprCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw1NzQwODAxNDM0MDEyDDYxOTA1NTQ1MDUyMkCpHFIjEA8lAADIQSgBOgs2alRHQnh4U0ZVMEIJZ29vZ2xlYWRzUAAYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame 9536 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=C8A2YB-V3Y9LkBePF7_UPlsqMyALJoO-SbKmg387aELCQHxABINHhgnZglYKAgLAHoAGW24LgA8gBBakCka74eGhVsT7gAgCoAwGYBACqBIoCT9BJfYLW8W7MOlGY2GuQiDa5GvJ6LU49I_odG8jANW1EodLaXucKYfNnpMv3WztXb-mJn4OB-XvJwsjziAbg1wGvRVWKug9vlZwG7qbamIhUDEgaNL8PskRjE4Xe8AUUW1ViDtaAe5ztf7JiPh6-mUXE-MjCh16QLrRasgHaMwER92qySiDc9rGcr8qwnZXmItd9LXSdGpFPO7tjz5a3zo8eGizTUrFjO5MD6MBx4h53UWCrQHSEi48wALRc3_pP2xLrkctZOkaE4D2yclWXOUMlp8sS6yojAGYzrbPYrTaVk9VvHjS1xEAhxgS7rle2zvViks-k6XcqblQrA8KVNis09vinLDEg6CHABNHB8aGRBOAEAaAGVIAH0qT9H6gHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcB8gcFENWKvgGoCAHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAcITBhiW24LgA9gTDdAVAZgWAeIWAggBgBcBshceChwIABIUcHViLTEzNDMyMTgzNzAwMTU4NzAYn9tr&sigh=rX6wNhIml18&cmd=Ch1jYS12aWRlby1wdWItMTM0MzIxODM3MDAxNTg3MBAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&cid=CAQSPADq26N9Rg81EnVY_xwNgUJUBUiAS0ObWF-4ck-bFi8NuUfsjeo7b_yf1-ILA42mWX0mmsJYnbmizCceOhgBIBM&vt=10&sdkv=h.3.546.0&vci=CgsIAiAEKgNhZDFAAAprCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw1NzQwODAxNDM0MDEyDDYxOTA1NTQ1MDUyMkCpHFIjEA8lAADIQSgBOgs2alRHQnh4U0ZVMEIJZ29vZ2xlYWRzUAAYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
truncated
/ Frame 9536 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Nov 2022 20:03:22 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A4BC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=1609444679087583&bg=!QkGlQQXNAAbvMpMzzzI7ACkAdvg8Wj8i-4PEwwmM1GHcrbMNsrLnKzIkTjXAwvfOnFupZaPfBvuCbAIAAABRUgAAAAJoAQcKAG66dXEVyFi2QtSU4IJNEPmIkPm2IuCcvbMe76EPy97w1btk5FzSzdA8TGoyowBszb08Blk-I-6gwj_y3Rhcgsg4YZEvWAO1MVz-5lg8yFGgDGYh7tVfSZEqIjFA9FpiQV3HdyFN-ytC50t66BqbGpkCvRJajuAO7mbgvgRI0iN5cTsRco1j3RvbTLncqctqOOEOGxB2N9MeIgy-pHfMU48myMatS6bUKPw7yVtxOi7RIodVV7ysZnT7cmGF-TTTlZ9cmu6x-FF-m0orH44koCxgjxGJLoyYlXbN557N1yRdUWgwol4qMSPpiK1G5o5AYeqz0_QFGqHGwQbHL3gcxqQg_o38PRCfFTupqoNMk2TLAeNRhlipJwQ8ctTsBD5BoyX6IsltLTPW-E14MkFeyo4yr5t1_Y10HF2NJHcNoVlxjlZGo6Wzy3fLvOzYm0_44F8xBwARMLPbPnc2_iFGPSb_BUoBAwhT8drIz5sy6Rpp1bwVQ4flywrkfvfMTZPdscAEVjgK0oOVlyA2DqYDir9vFuuM8A3EVEQbVt1Hfq8Y9uJY_4P8tYjvPyIPXvex1HXMHnU4SKtgOVMtI_AgOOOvHddVb4OHJ0z086tLfICaZQC6bSfc-Gv_uUp1SDFEbNK08C0yPEv_H3Qt1ph2ZirHJr5pq6tPocjQYZgEShnCkMJPJbsoGEt5WkXTHjiUwYGx6drsjtpvqUedp8hIhvCrNrooAVJf_EyGfTQqWACbtNORiMYW-k2BE1FoiOplAzP086UQAlJw3F1cvCgqO9CoE6oax7Xtu0bSIrq8fmt-UnNwE75M3GOtdxrWpBoyTt-qGJ33XGQwIM2wk9tWL9EMcS-4npbRPMedqjFveSZYIQgzylrYGmJv2HvjnnQeE4IZKs_RpcQ8CrGnTt3O5R8LYOyRZqgV8Afrz8UMjB4-xj4ZrdBVnt8CBmBvABMtU0u8sYb_FoE_7635PXSDNeUrgj_ObUded_poGSNn_CAfCLwsOn6qDH04-uE9YnweRgNPBO3Ru5-Ewpa-Pj0Rs9IcN0fYU7DJT_lIJd1IeeJEEccp72klbY1b8AYo7xSO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
csi
csi.gstatic.com/ Frame E63D 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lamxi4px&c=5316747536603&slotId=2658373768301.5&eee=missing-element&bi=missing-id
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4009:82e::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:23 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9536 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=start&format=TRUEVIEW&lid=143&sdkv=h.3.546.0&e=44748969%2C44765701%2C44771450&id=ima_html5&c=1279807317250723&domain=times.hinet.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adServe.do
web.ssp.yahoo.com/admax/ Frame 10EF 		240 B
571 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://web.ssp.yahoo.com/admax/adServe.do?dcn=8a969d0b017c7c07d54408192a8d0017&pos=8a969d0b017c7c07d544082575b8003e&secure=1&req(url)=hinet.net&ht=[playerheight]&wd=[playerwidth]
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.546.0_zh_tw.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
d81f2ee155cfd49a8894b96b4d5ef63e1c2cbf32c3088702e8906e1c34454ba6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:22 GMT
x-content-type-options
nosniff
server
ATS/9.1.10.25
age
0
access-control-allow-methods
GET,POST
content-type
text/xml;charset=utf-8
access-control-allow-origin
https://imasdk.googleapis.com
access-control-expose-headers
X-Nexage-AdTid
cache-control
no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
access-control-allow-credentials
true
content-length
240
expires
Thu, 01 Jan 1970 00:00:00 GMT
videoplayback
rr5---sn-4g5lznez.googlevideo.com/ Frame E63D 		3 MB
3 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://rr5---sn-4g5lznez.googlevideo.com/videoplayback?expire=1668830599&ei=B-V3Y7zkF5vpx_AP19W42Ac&ip=2a00:c98:2030:a004:1::15&id=ea34c6071c52154d&itag=22&source=youtube&requiressl=yes&mh=jb&mm=31&mn=sn-4g5lznez&ms=au&mv=m&mvi=5&pl=39&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=25.054&lmt=1656704630047499&mt=1668801427&txp=1432434&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgCzIpyKArS4vipxsq3s5vPLzKVfjclpousXlnzXkH4SkCIEplDQCzSIf-ybqWtN09n9wKDKK7k6g99vKWxZ8rhNMr&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgF8PDJh3CWuxZtLW9QkBJ1mRT8HeEPQEcix7CXSpUZ84CIEU6CVAajnpxiymXqyQHkXvMFRYXy-NBOMh2mFRB95vy&cpn=fZx_ECLLrMuNZLgn
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:11::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
a9fd5bbac433e59062c2d99afa46d81ec0563ef5e98bcb68f7a94f9101165f0d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://times.hinet.net/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Range
bytes=0-

Response headers

Date
Fri, 18 Nov 2022 20:03:22 GMT
X-Content-Type-Options
nosniff
Last-Modified
Fri, 01 Jul 2022 19:43:50 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Content-Range
bytes 0-3510891/3510892
Cache-Control
private, max-age=28497
Cross-Origin-Resource-Policy
cross-origin
Connection
close
Accept-Ranges
bytes
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
3510892
Expires
Fri, 18 Nov 2022 20:03:22 GMT
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/ Frame 15EC 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 18:01:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7328
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 18 Nov 2023 18:01:14 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 15EC 		875 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=times.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a8ee0403f4c897f53c06e745374d863e8072abf0b3ecc61a6ac5665e9acaf6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 18 Nov 2022 20:03:22 GMT
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/ Frame CEDF 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 18:01:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7328
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 18 Nov 2023 18:01:14 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame CEDF 		875 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=times.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a8ee0403f4c897f53c06e745374d863e8072abf0b3ecc61a6ac5665e9acaf6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 18 Nov 2022 20:03:22 GMT
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/ Frame 6352 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 18:01:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7328
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 18 Nov 2023 18:01:14 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame 6352 		875 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=times.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a8ee0403f4c897f53c06e745374d863e8072abf0b3ecc61a6ac5665e9acaf6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 18 Nov 2022 20:03:22 GMT
pubads_impl_2022111501.js
securepubads.g.doubleclick.net/gpt/ Frame F5B9 		381 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 18:01:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7328
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132177
x-xss-protection
0
last-modified
Tue, 15 Nov 2022 09:35:23 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 18 Nov 2023 18:01:14 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ Frame F5B9 		875 B
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=times.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4a8ee0403f4c897f53c06e745374d863e8072abf0b3ecc61a6ac5665e9acaf6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:22 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 18 Nov 2022 20:03:22 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DCDC 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3527
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 19:04:35 GMT
expires
Sat, 18 Nov 2023 19:04:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5A28 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
acc34957b0589e8f0b854df23b2f98dead0fc1a75298ca469e2558ea4414c816
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-8haZonbsV53u_ULGYGR2Aw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-8haZonbsV53u_ULGYGR2Aw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 20:03:22 GMT
expires
Fri, 18 Nov 2022 20:03:22 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
integrator.js
adservice.google.de/adsid/ Frame 15EC 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 15EC 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 15EC 		21 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3928169728155833&correlator=3874668995074593&eid=44761478%2C21065725&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=33575001%2Ctimespc300600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=1&adks=933078616&sfv=1-0-40&sc=1&cookie=ID%3Dfc59f85f1f66ff27-2278856254d800fe%3AT%3D1668801794%3AS%3DALNI_MZyKDGW23IzVEQU_NvRMogTdEfWLQ&gpic=UID%3D00000b83e7f6f835%3AT%3D1668801794%3ART%3D1668801794%3AS%3DALNI_MYGKqn-snyxy0UuHEa2mHly867-Kg&abxe=1&dt=1668801802817&lmt=1668801802&dlt=1668801802340&idt=467&adxs=1000&adys=2784&biw=1600&bih=1200&isw=300&ish=600&scr_x=0&scr_y=0&btvi=1&ucis=rbpklw8f920t&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&ref=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&top=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&frm=23&vis=1&psz=300x600&msz=300x600&fws=260&ohw=300&ea=0&ga_vid=1365366507.1668801795&ga_sid=1668801803&ga_hid=145154760&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3dfa1a24fffa5217c022642b6c3789b9cee2e44a504a484a7c7d750d164e0d3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9750
x-xss-protection
0
google-lineitem-id
5753974224
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138358602477
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3cfabfbec2bb494d0cdc3609f7d46897.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame BE12 		6 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://3cfabfbec2bb494d0cdc3609f7d46897.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 20:03:22 GMT
expires
Sat, 18 Nov 2023 20:03:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame CEDF 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame CEDF 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame CEDF 		26 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3623574812094311&correlator=850124593943249&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=33575001%2Ctimes300250pand&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=2857526175&sfv=1-0-40&sc=1&cookie=ID%3Dfc59f85f1f66ff27-2278856254d800fe%3AT%3D1668801794%3AS%3DALNI_MZyKDGW23IzVEQU_NvRMogTdEfWLQ&gpic=UID%3D00000b83e7f6f835%3AT%3D1668801794%3ART%3D1668801794%3AS%3DALNI_MYGKqn-snyxy0UuHEa2mHly867-Kg&abxe=1&dt=1668801802864&lmt=1668801802&dlt=1668801800251&idt=2607&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=sfrvfme1on1g&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&ref=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&top=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&frm=23&vis=1&psz=0x0&msz=0x0&fws=260&ohw=0&ea=0&ga_vid=1365366507.1668801795&ga_sid=1668801803&ga_hid=337152653&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
27da1fea5ad542a272cdf70a784610a5983a6eab88ca16e1f3e534afed97b997
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11686
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C9B7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 20:03:22 GMT
expires
Sat, 18 Nov 2023 20:03:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame F5B9 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame F5B9 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame F5B9 		21 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4482062431799733&correlator=4105077989024486&eid=31070233&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=33575001%2Cportal_niusnews300x250-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=2460948243&sfv=1-0-40&sc=1&cookie=ID%3Dfc59f85f1f66ff27-2278856254d800fe%3AT%3D1668801794%3AS%3DALNI_MZyKDGW23IzVEQU_NvRMogTdEfWLQ&gpic=UID%3D00000b83e7f6f835%3AT%3D1668801794%3ART%3D1668801794%3AS%3DALNI_MYGKqn-snyxy0UuHEa2mHly867-Kg&abxe=1&dt=1668801802884&lmt=1668801802&dlt=1668801801830&idt=1047&adxs=1000&adys=2514&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=1&ucis=3nxkwt7xq05&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&ref=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&top=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&frm=23&vis=1&psz=300x250&msz=300x250&fws=260&ohw=300&ea=0&ga_vid=1365366507.1668801795&ga_sid=1668801803&ga_hid=47933674&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46feea97b31aa34ae5e558907f9ad3a8a1a4dbe5aab0f9cf267b5d7761d420fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9670
x-xss-protection
0
google-lineitem-id
5755788218
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138372980074
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
40c049bd40f579caaf6e3829066840e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F789 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://40c049bd40f579caaf6e3829066840e1.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 20:03:22 GMT
expires
Sat, 18 Nov 2023 20:03:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 6352 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 6352 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 6352 		20 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=21661793632707&correlator=1486269208819631&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=33575001%2Cportal_niusnews300x250-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=2798357613&sfv=1-0-40&sc=1&cookie=ID%3Dfc59f85f1f66ff27-2278856254d800fe%3AT%3D1668801794%3AS%3DALNI_MZyKDGW23IzVEQU_NvRMogTdEfWLQ&gpic=UID%3D00000b83e7f6f835%3AT%3D1668801794%3ART%3D1668801794%3AS%3DALNI_MYGKqn-snyxy0UuHEa2mHly867-Kg&abxe=1&dt=1668801802901&lmt=1668801802&dlt=1668801800768&idt=2124&adxs=1000&adys=745&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=r3azvghhcavn&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&ref=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&top=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&frm=23&vis=1&psz=300x250&msz=300x250&fws=260&ohw=300&ea=0&ga_vid=1365366507.1668801795&ga_sid=1668801803&ga_hid=823414897&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c607e5c4838e294efc296a9535a7e361e79353def49976206a99c0967a97d3a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9522
x-xss-protection
0
google-lineitem-id
5753961312
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138360167994
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
73c1f7cd83dd0b703280065d621ace95.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D5CC 		5 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://73c1f7cd83dd0b703280065d621ace95.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 20:03:22 GMT
expires
Sat, 18 Nov 2023 20:03:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.158.46.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-46-104.bom78.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
60
Connection
keep-alive
Content-Length
0
Date
Fri, 18 Nov 2022 20:03:23 GMT
Via
1.1 f535ebbbbd7f05468fe793ceeef59766.cloudfront.net (CloudFront)
X-Amz-Cf-Id
n5B3PgRbTRgTkewvC2HkDLIFE_GnTWDXdOyrB2Uxaaljft88jE9ntw==
X-Amz-Cf-Pop
BOM78-P3
X-Cache
Miss from cloudfront
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.158.46.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-46-104.bom78.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
60
Connection
keep-alive
Content-Length
0
Date
Fri, 18 Nov 2022 20:03:23 GMT
Via
1.1 1dd6f08fb93545a8d6cac36f521d0678.cloudfront.net (CloudFront)
X-Amz-Cf-Id
VVwnXLF-vqmpJITism4Ge8nynsX7ftTggLA5PgKJajm-zEmKKTLUtw==
X-Amz-Cf-Pop
BOM78-P3
X-Cache
Miss from cloudfront
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 334C 		39 B
570 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.158.46.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-46-104.bom78.r.cloudfront.net
Software
/
Resource Hash
8665f9fb827b94b5b4001148ed08b6a29b75cfac0c654dcfe03a94ebb30c8fc1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 18 Nov 2022 20:03:23 GMT
Via
1.1 f535ebbbbd7f05468fe793ceeef59766.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
BOM78-P3
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Cache
Miss from cloudfront
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
39
X-Amz-Cf-Id
C3UHffGeu_q4EhW2h6OUOxXgWHsVoEsVDGO9TkOQX42NS0-bV516oA==
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 334C 		39 B
570 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.158.46.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-46-104.bom78.r.cloudfront.net
Software
/
Resource Hash
3ed3f03718eff3ffa2046ed596a64358bf78d8156bc22d20555181269a1632f4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 18 Nov 2022 20:03:23 GMT
Via
1.1 e4dad8517f8b396b91a41158b44e938c.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
BOM78-P3
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Cache
Miss from cloudfront
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
39
X-Amz-Cf-Id
rRZ23iLu81svxJu316NKpXyRZfvugizofBIYH9jkYmIKjKvo3cHp0g==
integrator.js
adservice.google.com/adsid/ Frame 334C 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=player.svc.litv.tv
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame E35F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstN_yDqr98XkzqxGrXeBgz9nZDxGImk0l5Oa4BKt7eX9EmxMedrXfcHLxtsZcfnbmZQV_6eGUoyDczyPD0SP-vtPF6dU3nqAANZmzTVsNUefIICYSpZ-UEdceN12pNQXD_xDj6TUoLv79fmd-BreRVCFKHvL1WjrHbLKgpTzffZhKfiFzuM6Tr9a7xn6bC8mq4NkQ0hrUufrQcn4N2QkXUQWmt2rGba6t0ZY1pw0xBDxT791_tSrcZyCcC8UfalWnhSjxvBKgW2LiFzckPxMeINiUniw63dEOwXtMO6mTRCtaHaUQh4HBxVDz_ldZ2gPepZ&sai=AMfl-YSbr1quF4f0jR3CBhZ6ISG9ql1j_FjYdUkDGLzMQvJRjhtSMc3swUMYn0rCN1M0GuHOMy6UPP8uPlDZxm8YlkOtxIUxKiefb4ojuxa4vc017RO_qlPJ_UkXS55dfqiCtg&sig=Cg0ArKJSzEZj2aoxV3FBEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
adsbytenmax.js
tenmax-static.cacafly.net/ssp/ Frame 15EC 		134 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:8ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47119fea73affb35e35934b16ca3601cadd0235697bc2312fa12f7c8ad666030

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 18 Nov 2022 20:03:22 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
jlPUo8Dm6WDP/xpxswiZ3w==
age
2917
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Fri, 18 Nov 2022 07:09:27 GMT
server
cloudflare
etag
0x8DAC933D4C5423D
x-azure-ref
0uzB3YwAAAADiAoUEBDSfQIB4IcEWCJshQU1TMDRFREdFMTkxNwBiMTIxZTIxYy03YzI4LTQwOGItYmQwZi05M2NiNGU3ZGZlZGU=
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
d30b3009-801e-009a-031c-fb6e32000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=1800
x-ms-version
2009-09-19
cf-ray
76c34f245b1e9106-FRA
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E35F 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Nov 2022 20:03:22 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5A28 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=3808773216574337&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
ad_request
ads.aralego.com/ Frame 10EF 		85 B
688 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?host=hinet.net&ver=UCX_WEB-20200113&adid=ad-9A29A6793E9676BA0763E7D3DA68A6B&dnt=https%3A%2F%2Fwww.hinet.net%2F&je=1&skip=1&skipafter=30&skipmin=30
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.546.0_zh_tw.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
108.59.1.185 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
cabdfb214a4f4a69ac417ff9e48f28610667628fc23b6573f9d1e7cc2d47617b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 18 Nov 2022 20:03:23 GMT
X-Width
640
X-Height
360
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/xml; charset=utf-8
Access-Control-Allow-Origin
https://imasdk.googleapis.com
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Access-Control-Allow-Credentials
true
X-Adtype
vast
Connection
close
Content-Length
85
Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
pagead2.googlesyndication.com/bg/ Frame DCDC 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 18:17:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92723
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15969
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 18:17:59 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 928D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv4CTGoAQtdQIlpc9mhRY60FAtQ3NVnFC_aytcHKnU_j3racuibC6OknLpWgCZPZW5xo-v8KbTn0KwDpIoTJ1aKiiWw-rpWbndIT0cVJTz63SkP-ZUaK7TeqvJQ5c6CFayDn8VXkxwfX98X_4CW5_TUNmjCdbBZrRWZMd0DH5kix2aRxWttt6UvY1hwMy5tQ9nhdhUeE5rzeMmH3tOlLrEOz7VkcX0NvoFYGJZElpUl28tgJMaAvRBO2-t8c4xVNwFmUVn2e_4WzWU3J84ApBg0saADwUsgoJkvKsyxRERrXDkth-HUwc9C31zZ09HfLTQ-HQRuyoo2ICzi8R0&sai=AMfl-YT0c55dn2AQu9EWd1OeM0zhSAA3arFaLyDSScCuI12EhRClpkBZVnhOIDI-5PXn0hG9ld6MDtx9b9P4H4xShQBfxHwatOfUEGDDKreMvnEsMuR6AsNbkpYCR2aG3RmezQ&sig=Cg0ArKJSzLMpyLm8WuXIEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
adsbytenmax.js
tenmax-static.cacafly.net/ssp/ Frame 6352 		134 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:8ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47119fea73affb35e35934b16ca3601cadd0235697bc2312fa12f7c8ad666030

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 18 Nov 2022 20:03:23 GMT
content-encoding
gzip
cf-cache-status
HIT
content-md5
jlPUo8Dm6WDP/xpxswiZ3w==
age
2918
x-cache
TCP_HIT
x-ms-lease-status
unlocked
last-modified
Fri, 18 Nov 2022 07:09:27 GMT
server
cloudflare
etag
0x8DAC933D4C5423D
x-azure-ref
0uzB3YwAAAADiAoUEBDSfQIB4IcEWCJshQU1TMDRFREdFMTkxNwBiMTIxZTIxYy03YzI4LTQwOGItYmQwZi05M2NiNGU3ZGZlZGU=
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
x-ms-request-id
d30b3009-801e-009a-031c-fb6e32000000
access-control-expose-headers
x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control
max-age=1800
x-ms-version
2009-09-19
cf-ray
76c34f24cbff9106-FRA
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 928D 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Nov 2022 20:03:23 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 9536 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CF0dJB-V3Y9LkBePF7_UPlsqMyALJoO-SbKmg387aELCQHxABINHhgnZglYKAgLAHoAGW24LgA8gBBakCka74eGhVsT7gAgCoAwGYBACqBI0CT9BJfYLW8W7MOlGY2GuQiDa5GvJ6LU49I_odG8jANW1EodLaXucKYfNnpMv3WztXb-mJn4OB-XvJwsjziAbg1wGvRVWKug9vlZwG7qbamIhUDEgaNL8PskRjE4Xe8AUUW1ViDtaAe5ztf7JiPh6-mUXE-MjCh16QLrRasgHaMwER92qySiDc9rGcr8qwnZXmItd9LXSdGpFPO7tjz5a3zo8eGizTUrFjO5MD6MBx4h53UWCrQHSEi48wALRc3_pP2xLrkctZOkaE4D2yclWXOUMlp8sS6yojAGYzrbPYrW6UOZZnLP2XVoCLWHggMDcGabvgHfKG49ogQEz1pX3btK6k3tS_7r6mlLrO74vABNHB8aGRBOAEAaAGVIAH0qT9H6gHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwGoCAHSCBEIgOGAEBABGB0yAqoCOgKAQLEJ91JHotYab_6ACgOYCwHICwHQCw64DAGaDQEO2BMN0BUBmBYB4hYCCAH4FgGAFwE&sigh=uurOR7Y4K6Y&label=video_ad_loaded&sdkv=h.3.546.0&vci=CgsIAiAEKgNhZDFAAApuCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw1NzQwODAxNDM0MDEyDDYxOTA1NTQ1MDUyMkCpHFImEA8lAADwQSgBOgs2alRHQnh4U0ZVMEIJZ29vZ2xlYWRzSMYCUAAYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame CEDF 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
870209306d465a51427de40a0492422a44be68420a14c7cb6dd32ddc5580e86d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11154
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame F5B9 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
92010ba63f2888c34518ec986d33cdef5ce0aa7ef20cb2b65dae6e257aa57c97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:23 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11128
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame E724 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu6vtwEQtap7HkcZ2KybBSOFfzcqc7qw1rCMxfH1dkB8TpqCqtL7IHeR9B-9X397M2Xn3NWKruwExQu02Hlo4SYUSXc6j4GGtn8UGJhRQsKy27J0s-Ng2L1NjX6l6wbZAOPP_d6QX3ICYl6K7phtLhOZ_GjAUYwR26y6OU5PacbLRY3sGku_ABNxgAyXhDH3E1_mS6pJvQ-Di29looJMuywcHi-RClbhlTyNc2clhd724z_yoh4w0OqCqWpx0C1GWk-DLfpRrzGix9_iCO8wUdkWtUg9t6Rn_AaqXSTzbk9vcWhxr--Okre7Gg09BnJHnzzKnrOx-FAXkOqUNk&sai=AMfl-YTUNSOr5YsR9sesdzIwUKBrd_pdZIYVGyTR35JVLPKd_mIa_cz_IyAFAfqs5g26f81n6brcUamhvvmq-9g8jvCsDgTrr695u4Fa6x-0Mn0JFzk-5hf_XM6lQsY6IEEZsA&sig=Cg0ArKJSzGKMchK5DHIVEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
admax_api_https.js
web.ssp.yahoo.com/js/admax/ Frame E724 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://web.ssp.yahoo.com/js/admax/admax_api_https.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
d77b5fa8ab16e810b58ac909b4ad45c6568dfc3ff491d16567fce40288bf087d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:23 GMT
last-modified
Fri, 18 Nov 2022 06:09:54 GMT
server
ATS/9.1.10.25
accept-ranges
bytes
age
0
content-length
2651
content-type
application/javascript
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame E724 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Nov 2022 20:03:23 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame E35F 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsug8YRDsK1vNfaIMUa8QY35O1DTV2JHnYvyyQVGeBj-jbstMX0uis9D8gzgg2NiQTgkVIVmmS1wEqPzxoc2F-KPu8fmlEWUGfo0BfcvVtMlZDQIwHYUUPrh-2pHoUa0-qTRUERrr7A7zJcjJvoqy7WcKfP9aPZrybTCa9WXpJs8ZYeOp2RnXeov3T8HjYkORtjI76nWl6R7uipeV6eW9XeN9Vw-2eaXwiWZiZSKbdieJxJhfhIDPukqBo6KbpUkV9icwSQJLsxNrn-hx66gvyETqeXTgHhP4h8Reo7iRMGLE6iXYoYzWb_b2CS-hVpIovSNsp0&sai=AMfl-YQ82VisZUreFURW9i_xxvrTE6xeTOQs_AbjTIlDBHGokDnTQ7OJM7SO7leF4wXguZEzwN3LSL1UnQ7IY1EPdf2AgAXmIsj_cqhkynLWV02HIaY4vbgF3GSYrKI5hmkBhw&sig=Cg0ArKJSzDvZHsup3CiiEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 18 Nov 2022 20:03:23 GMT
Oy6hyfNY.js
tpc.googlesyndication.com/sodar/ Frame 9536 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.546.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 19:01:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
262940
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15406
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 15 Nov 2023 19:01:03 GMT
adview
pubads.g.doubleclick.net/pagead/ Frame 9536 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/pagead/adview?ai=C8A2YB-V3Y9LkBePF7_UPlsqMyALJoO-SbKmg387aELCQHxABINHhgnZglYKAgLAHoAGW24LgA8gBBakCka74eGhVsT7gAgCoAwGYBACqBIoCT9BJfYLW8W7MOlGY2GuQiDa5GvJ6LU49I_odG8jANW1EodLaXucKYfNnpMv3WztXb-mJn4OB-XvJwsjziAbg1wGvRVWKug9vlZwG7qbamIhUDEgaNL8PskRjE4Xe8AUUW1ViDtaAe5ztf7JiPh6-mUXE-MjCh16QLrRasgHaMwER92qySiDc9rGcr8qwnZXmItd9LXSdGpFPO7tjz5a3zo8eGizTUrFjO5MD6MBx4h53UWCrQHSEi48wALRc3_pP2xLrkctZOkaE4D2yclWXOUMlp8sS6yojAGYzrbPYrTaVk9VvHjS1xEAhxgS7rle2zvViks-k6XcqblQrA8KVNis09vinLDEg6CHABNHB8aGRBOAEAaAGVIAH0qT9H6gHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcB8gcFENWKvgGoCAHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAcITBhiW24LgA9gTDdAVAZgWAeIWAggBgBcBshceChwIABIUcHViLTEzNDMyMTgzNzAwMTU4NzAYn9tr&sigh=rX6wNhIml18&cmd=Ch1jYS12aWRlby1wdWItMTM0MzIxODM3MDAxNTg3MBAAGAI&uach_m=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&cid=CAQSPADq26N9Rg81EnVY_xwNgUJUBUiAS0ObWF-4ck-bFi8NuUfsjeo7b_yf1-ILA42mWX0mmsJYnbmizCceOhgBIBM&sdkv=h.3.546.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 9536 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C00IEB-V3Y9LkBePF7_UPlsqMyALJoO-SbKmg387aELCQHxABINHhgnZglYKAgLAHoAGW24LgA8gBBakCka74eGhVsT7gAgCoAwGYBACqBIoCT9BJfYLW8W7MOlGY2GuQiDa5GvJ6LU49I_odG8jANW1EodLaXucKYfNnpMv3WztXb-mJn4OB-XvJwsjziAbg1wGvRVWKug9vlZwG7qbamIhUDEgaNL8PskRjE4Xe8AUUW1ViDtaAe5ztf7JiPh6-mUXE-MjCh16QLrRasgHaMwER92qySiDc9rGcr8qwnZXmItd9LXSdGpFPO7tjz5a3zo8eGizTUrFjO5MD6MBx4h53UWCrQHSEi48wALRc3_pP2xLrkctZOkaE4D2yclWXOUMlp8sS6yojAGYzrbPYrTaVk9VvHjS1xEAhxgS7rle2zvViks-k6XcqblQrA8KVNis09vinLDEg6CHABNHB8aGRBOAEAaAGVIAH0qT9H6gHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwGoCAHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTDdAVAZgWAeIWAggB-BYBgBcB&sigh=js0yEW3Z0Uk&cmd=Ch1jYS12aWRlby1wdWItMTM0MzIxODM3MDAxNTg3MBAAGAI&label=vast_creativeview&ad_mt=0&acvw=sv%3D941%26cb%3Dima%26e%3D19%26nas%3D1%26sdk%3Dh%26p%3D980,10,1160,330%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D25007%26vmtime%3D-1%26is%3D275%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D4154%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D635615763%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1668801798502%26ptlt%3D1668801803044%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.03%26t%3D1668801802684&sdkv=h.3.546.0&vci=CgsIAiAEKgNhZDFAAApuCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw1NzQwODAxNDM0MDEyDDYxOTA1NTQ1MDUyMkCpHFImEA8lAADwQSgBOgs2alRHQnh4U0ZVMEIJZ29vZ2xlYWRzSMYCUAAYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 9536 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsskhpJU0j_eK67RWrn0FwOcbRe2n4Qh0y4ZGeKYqJV-7JAsU4DXu3bsXETw80cRszjgWKGaNYYkhE-rIJfY4jPSYZMCdtMfzL6O24NaQh7OE7VvdyxAiroVIWv4ACLUbW-iji2PbwP1xH06lgXeZZo01h6RQ-wlMT0r&sai=AMfl-YSnXq0hcfDdV8A9ZhU2PQrerMusCo6w2M8y17DOXZ-p1-cRFcJdZpqaRXl9bJhIsFNrb8rlvQuQtgLTmsXsZxL28_8uBYsTcMbA3yYPcR96FPtE9kXB8xhUAYus7BI&sig=Cg0ArKJSzG7gamoKacgqEAE&cid=CAQSPADq26N9Rg81EnVY_xwNgUJUBUiAS0ObWF-4ck-bFi8NuUfsjeo7b_yf1-ILA42mWX0mmsJYnbmizCceOhgBIBM&id=lidarv&acvw=sv%3D941%26cb%3Dima%26e%3D15%26nas%3D1%26sdk%3Dh%26p%3D980,10,1160,330%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D25007%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26ic%3D274%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D4154%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D635615763%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1668801798502%26ptlt%3D1668801803045%26pngs%3D9,14,15%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.03%26t%3D1668801802684&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 9536 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C00IEB-V3Y9LkBePF7_UPlsqMyALJoO-SbKmg387aELCQHxABINHhgnZglYKAgLAHoAGW24LgA8gBBakCka74eGhVsT7gAgCoAwGYBACqBIoCT9BJfYLW8W7MOlGY2GuQiDa5GvJ6LU49I_odG8jANW1EodLaXucKYfNnpMv3WztXb-mJn4OB-XvJwsjziAbg1wGvRVWKug9vlZwG7qbamIhUDEgaNL8PskRjE4Xe8AUUW1ViDtaAe5ztf7JiPh6-mUXE-MjCh16QLrRasgHaMwER92qySiDc9rGcr8qwnZXmItd9LXSdGpFPO7tjz5a3zo8eGizTUrFjO5MD6MBx4h53UWCrQHSEi48wALRc3_pP2xLrkctZOkaE4D2yclWXOUMlp8sS6yojAGYzrbPYrTaVk9VvHjS1xEAhxgS7rle2zvViks-k6XcqblQrA8KVNis09vinLDEg6CHABNHB8aGRBOAEAaAGVIAH0qT9H6gHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwGoCAHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTDdAVAZgWAeIWAggB-BYBgBcB&sigh=js0yEW3Z0Uk&cmd=Ch1jYS12aWRlby1wdWItMTM0MzIxODM3MDAxNTg3MBAAGAI&label=part2viewed&ad_mt=0&acvw=sv%3D941%26cb%3Dima%26e%3D0%26nas%3D1%26sdk%3Dh%26p%3D980,10,1160,330%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D0%26pst%3D-1%26dur%3D25007%26vmtime%3D-1%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D275%26i0%3D275%26ic%3D0%26cs%3D274%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D4154%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D635615763%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1668801798502%26ptlt%3D1668801803046%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.03%26t%3D1668801802684&sdkv=h.3.546.0&vci=CgsIAiAEKgNhZDFAAApuCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw1NzQwODAxNDM0MDEyDDYxOTA1NTQ1MDUyMkCpHFImEA8lAADwQSgBOgs2alRHQnh4U0ZVMEIJZ29vZ2xlYWRzSMYCUAAYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9536 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?evt=showui&format=TRUEVIEW&lid=143&sdkv=h.3.546.0&e=44748969%2C44765701%2C44771450&id=ima_html5&c=1279807317250723&domain=times.hinet.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 9536 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C00IEB-V3Y9LkBePF7_UPlsqMyALJoO-SbKmg387aELCQHxABINHhgnZglYKAgLAHoAGW24LgA8gBBakCka74eGhVsT7gAgCoAwGYBACqBIoCT9BJfYLW8W7MOlGY2GuQiDa5GvJ6LU49I_odG8jANW1EodLaXucKYfNnpMv3WztXb-mJn4OB-XvJwsjziAbg1wGvRVWKug9vlZwG7qbamIhUDEgaNL8PskRjE4Xe8AUUW1ViDtaAe5ztf7JiPh6-mUXE-MjCh16QLrRasgHaMwER92qySiDc9rGcr8qwnZXmItd9LXSdGpFPO7tjz5a3zo8eGizTUrFjO5MD6MBx4h53UWCrQHSEi48wALRc3_pP2xLrkctZOkaE4D2yclWXOUMlp8sS6yojAGYzrbPYrTaVk9VvHjS1xEAhxgS7rle2zvViks-k6XcqblQrA8KVNis09vinLDEg6CHABNHB8aGRBOAEAaAGVIAH0qT9H6gHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwGoCAHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTDdAVAZgWAeIWAggB-BYBgBcB&sigh=js0yEW3Z0Uk&cmd=Ch1jYS12aWRlby1wdWItMTM0MzIxODM3MDAxNTg3MBAAGAI&label=admute&ad_mt=0&acvw=sv%3D941%26cb%3Dima%26e%3D10%26nas%3D1%26sdk%3Dh%26p%3D980,10,1160,330%26tos%3D44,0,0,0,0%26mtos%3D44,44,44,44,44%26amtos%3D0,0,0,0,0%26mcvt%3D44%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D44%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D44%26pst%3D-1%26dur%3D25007%26vmtime%3D-1%26dvs%3D44%26dfvs%3D44%26dvpt%3D44%26is%3D275%26i0%3D275%26ic%3D4096%26cs%3D4370%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D4154%26femvt%3D0%26emc%3D3%26emuc%3D0%26emb%3D2,0,0,0,0%26avms%3Dexc%26qi%3D635615763%26psm%3D-2147483648%26psv%3D-2147483648%26psfv%3D-2147483648%26psa%3D0%26pnmm%3D1668801798502%26ptlt%3D1668801803049%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,44&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0.03%26t%3D1668801802684&sdkv=h.3.546.0&vci=CgsIAiAEKgNhZDFAAApuCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw1NzQwODAxNDM0MDEyDDYxOTA1NTQ1MDUyMkCpHFImEA8lAADwQSgBOgs2alRHQnh4U0ZVMEIJZ29vZ2xlYWRzSMYCUAAYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		505 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ad32bac7a2433792f99bb26dcf20ee021040ad2c3b9ca9ceb7e96d2f30c0c4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml
spaceSetting
ssp.tenmax.io/supply/v3/universal/ Frame 15EC 		117 B
476 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.tenmax.io/supply/v3/universal/spaceSetting?rmaxSpaceId=e25285a509b74249&referer=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&bodyWidth=1600&bodyHeight=1200&cacheBuster=477aa453-3fc8-4adc-8d1b-5dbb546d3ef1
Requested by
Host: tenmax-static.cacafly.net
URL: https://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
211.21.190.218 Hsinchu County, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
211-21-190-218.hinet-ip.hinet.net
Software
nginx /
Resource Hash
dde62bd39efec70fac8c8d17a4fd1151608f0d08d09d3985abd7b1be9dfbbba6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 18 Nov 2022 20:03:23 GMT
Server
nginx
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://times.hinet.net
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
117
X-Application-Context
application:prod,aggregator,build-ext:58070
cm
dmp.tenmax.io/ Frame 15EC
Redirect Chain
  • https://dmp.tenmax.io/p/b734323b-0532-40a6-8d4e-782e1c96bd3a?random=372997837
  • https://dmp.tenmax.io/cmp
  • https://cm.g.doubleclick.net/pixel?google_nid=cacafly&google_ula=514624859,1668801803&google_hm=Q2ZrZGdHZDhFZTJsdjNWRThSaWhQQT09&google_cm
  • https://dmp.tenmax.io/cm?adx=doubleclick&google_gid=CAESENcOao7F25_abVCLKCBYAoQ&google_cver=1&google_ula=514624859,0
0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.tenmax.io/cm?adx=doubleclick&google_gid=CAESENcOao7F25_abVCLKCBYAoQ&google_cver=1&google_ula=514624859,0
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
HTTP/1.1
Server
211.21.190.218 Hsinchu County, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
211-21-190-218.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 18 Nov 2022 20:03:23 GMT
Server
nginx
Connection
keep-alive
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dmp.tenmax.io/cm?adx=doubleclick&google_gid=CAESENcOao7F25_abVCLKCBYAoQ&google_cver=1&google_ula=514624859,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adServe.do
prod-m-node-3113.ssp.yahoo.com/admax/ Frame E724 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://prod-m-node-3113.ssp.yahoo.com/admax/adServe.do?cTag=ad635369&dcn=8a9694f0017d7d25311527e135cf0046&pos=8a9699a8017d7d294f872b71e07c003e&secure=1&ua=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/107.0.5304.110%20Safari/537.36&of=js
Requested by
Host: web.ssp.yahoo.com
URL: https://web.ssp.yahoo.com/js/admax/admax_api_https.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.190.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-190-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
be0a4d03418d3b32789b1abc6ccbe1ac80a7732da568a1e7aef705fcf76d9f1b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:23 GMT
x-content-type-options
nosniff
server
nginx
content-type
application/x-javascript;charset=utf-8
cache-control
no-store, no-cache, must-revalidate, max-age=0, no-transform, post-check=0, pre-check=0
content-length
3053
expires
Thu, 01 Jan 1970 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 928D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstzuYuJkcIqBIN4mXn6L76jKVG5rupWM_RUJkpDYUqqYQAMO4En3N0q6bu79TFyIjj4lHOZGVm8uBaGEIbFd464NxJKDKHEFbLNue6O8CAx17jqX9lHRtDIWgc0KWg8zI27Md7lm0FozTHgd5DJvqCkX5N9VIoZR2rHYs-FzDJZ0yAVP29kOen3RmBpAAu8gTmllfKl4WIwfQ-W9CDVvj8iZT4DihQXWmydlKCx0IMgTZLImC2RN4sD5s1fMJP0kimlDuX6UnRCJkQNSFUC1tcuPFxD0qqIEqDUYnjtNRIMMgkWayN744087_Ku1bBx7h8nqqqQa_-HbhWdDRnpeg&sai=AMfl-YQ02V0mv9dmoe6V6gqcBCIPcx-jHPmEcs3JBlQ8GkMHnAY7clvvWplxIy8vvwGUUrMJK-2S0VTtXw5Td-ZNSTcdag9fmiPpUjZ6Z5JY7fDYfUZAZMeDBYF32k6R6gfa_Q&sig=Cg0ArKJSzCHGBxoh1TvJEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 18 Nov 2022 20:03:23 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame CEDF 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Nov 2022 20:03:23 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F5B9 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Nov 2022 20:03:23 GMT
spaceSetting
ssp.tenmax.io/supply/v3/universal/ Frame 6352 		117 B
476 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.tenmax.io/supply/v3/universal/spaceSetting?rmaxSpaceId=a8ebbb33367a4652&referer=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&bodyWidth=1600&bodyHeight=1200&cacheBuster=3f4b62dc-3c15-4680-adc0-7b234e3bd5f8
Requested by
Host: tenmax-static.cacafly.net
URL: https://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
211.21.190.218 Hsinchu County, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
211-21-190-218.hinet-ip.hinet.net
Software
nginx /
Resource Hash
dde62bd39efec70fac8c8d17a4fd1151608f0d08d09d3985abd7b1be9dfbbba6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 18 Nov 2022 20:03:23 GMT
Server
nginx
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://times.hinet.net
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
117
X-Application-Context
application:prod,aggregator,build-ext:58070
cm
dmp.tenmax.io/ Frame 6352
Redirect Chain
  • https://dmp.tenmax.io/p/b734323b-0532-40a6-8d4e-782e1c96bd3a?random=518462501
  • https://dmp.tenmax.io/cmp
  • https://cm.g.doubleclick.net/pixel?google_nid=cacafly&google_ula=514624859,1668801803&google_hm=Q2ZrZGdHZDhFZTJsdjNWRThSaWhQQT09&google_cm
  • https://dmp.tenmax.io/cm?adx=doubleclick&google_gid=CAESENcOao7F25_abVCLKCBYAoQ&google_cver=1&google_ula=514624859,0
0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.tenmax.io/cm?adx=doubleclick&google_gid=CAESENcOao7F25_abVCLKCBYAoQ&google_cver=1&google_ula=514624859,0
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
HTTP/1.1
Server
211.21.190.218 Hsinchu County, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
211-21-190-218.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 18 Nov 2022 20:03:23 GMT
Server
nginx
Connection
keep-alive
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dmp.tenmax.io/cm?adx=doubleclick&google_gid=CAESENcOao7F25_abVCLKCBYAoQ&google_cver=1&google_ula=514624859,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hhrtBw21.html
tpc.googlesyndication.com/sodar/ Frame 03B5 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Oy6hyfNY.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://imasdk.googleapis.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
188813
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 16 Nov 2022 15:36:30 GMT
expires
Thu, 16 Nov 2023 15:36:30 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C1E1 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3528
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 19:04:35 GMT
expires
Sat, 18 Nov 2023 19:04:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F195 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6bcedf7d1b09239b1a8e2a6d4ee1e8a3936eb591a629031e10e863b338caa60b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qoY3GhHFxl5V-akdJIaEpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-qoY3GhHFxl5V-akdJIaEpA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 20:03:23 GMT
expires
Fri, 18 Nov 2022 20:03:23 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EBF3 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3528
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 19:04:35 GMT
expires
Sat, 18 Nov 2023 19:04:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3951 		783 B
537 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
3d94148a8f294c9f43b47c9993c6e422d082e7b77cb8694ef5d338fc299a3090
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-BNLIcj1QHAuYK7c42DO23A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
515
content-security-policy
script-src 'report-sample' 'nonce-BNLIcj1QHAuYK7c42DO23A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 20:03:23 GMT
expires
Fri, 18 Nov 2022 20:03:23 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
container.html
43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6EF9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 20:03:22 GMT
expires
Sat, 18 Nov 2023 20:03:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
pagead2.googlesyndication.com/bg/ Frame 03B5 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/hhrtBw21.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 18:17:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92724
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15969
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 18:17:59 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame E724 		144 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1311151640559524
Requested by
Host: prod-m-node-3113.ssp.yahoo.com
URL: https://prod-m-node-3113.ssp.yahoo.com/admax/adServe.do?cTag=ad635369&dcn=8a9694f0017d7d25311527e135cf0046&pos=8a9699a8017d7d294f872b71e07c003e&secure=1&ua=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/107.0.5304.110%20Safari/537.36&of=js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
81f33cd0683272db1be7bc7ea3532a9651d2121a5264a0c1bd47e98e5d1028a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Origin
https://times.hinet.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49311
x-xss-protection
0
server
cafe
etag
5052058709530680315
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 18 Nov 2022 20:03:23 GMT
talon-1.0.40.js
cdn.js7k.com/ix/ Frame E724 		69 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.js7k.com/ix/talon-1.0.40.js
Requested by
Host: prod-m-node-3113.ssp.yahoo.com
URL: https://prod-m-node-3113.ssp.yahoo.com/admax/adServe.do?cTag=ad635369&dcn=8a9694f0017d7d25311527e135cf0046&pos=8a9699a8017d7d294f872b71e07c003e&secure=1&ua=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/107.0.5304.110%20Safari/537.36&of=js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:02:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=15552000
x-amz-request-id
1V03D8KW848C0M0W
age
63
x-amz-server-side-encryption
AES256
content-length
16540
x-amz-id-2
fKoJA1cuCdaVLeE1FdC0jTNhs7wFOPyLKjOAy+8dWbR7FiWjw3at17cINlWNRDnfq3JnmfXIUNs=
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 12 Apr 2022 16:08:42 GMT
server
ATS
etag
"adf514fab5c3f95007c73e6c3c901bfe-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=14400
accept-ranges
bytes
adEvent.do
prod-m-node-3113.ssp.yahoo.com/admax/ Frame E724 		43 B
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prod-m-node-3113.ssp.yahoo.com/admax/adEvent.do?tidi=770955515&dcn=8a9694f0017d7d25311527e135cf0046&posi=1605372&grp=%3F%3F%3F&nl=1668801803221&rts=1668801803137&pix=1&et=1&a=1e51137b0a724dd992710662d73c3ab2&m=aXAtMTAtMjItMTE4LTMx&b=MTMxMDc7UHVibGlzaGVyIFBhc3NiYWNrIFNlYXQ7Pz8_Ozs7OzA0YzQ5YTEwMzk2ZTQ5ZmRhZDdkMDkzYjU4MjRhNDE4OzMwNTI2OTU1OzE2Njg3OTk4NDg7OzA7OzA7O3Bhc3NiYWNrLTEyNzczOzsxOzE.&xdi=Q2hyb21lIC0gV2luZG93c3xHb29nbGV8TlQgMTAuMHwxN3xEZXNrdG9w&xoi=MHxERVU.&af=7&dety=5
Requested by
Host: prod-m-node-3113.ssp.yahoo.com
URL: https://prod-m-node-3113.ssp.yahoo.com/admax/adServe.do?cTag=ad635369&dcn=8a9694f0017d7d25311527e135cf0046&pos=8a9699a8017d7d294f872b71e07c003e&secure=1&ua=Mozilla/5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit/537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome/107.0.5304.110%20Safari/537.36&of=js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.190.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-190-109.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:23 GMT
last-modified
Thu, 17 Nov 2022 22:27:38 GMT
server
nginx
accept-ranges
bytes
content-length
43
content-type
image/gif
generate_204
tpc.googlesyndication.com/ Frame DCDC 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?udelqg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:23 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 6EF9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CDLtECuV3Y8edOLK5lQfWo5WQAsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItMjk3Nzg3NTI4MTMzODMzMMgBCakCka74eGhVsT7gAgCoAwGqBP8BT9C7FpF3AWa4WcTwH4JKJA5262nuwxqm-rsEASCWevMi3tVsEEzzyZd2z5LHpwufmpGGWRa2BcqNIgjJYk4_C84kGC9cOBPV7aTrpPjEFH5OhEk-_OrR14CxvHVjBRM6eqDZoCWAs_48DHLhu6STZurijqxqTD3AUvEVB1REFNwTq3TElyVZpc4XRuS_9LqJ95JwGUUhVZoarOj0LsKYe7I6wAJS9WZFBzmTQyMkAiIBuijCYvidBgQy6zAkO5-Y4idNKxizncsRMzno4LZkX0O8_RM8UslTFiRPtLWDaQ8oz49vNbS_zQyKLfeXxqnliJ6dsryHlaG09swShbve4AQBgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTI5Nzc4NzUyODEzMzgzMzAYmeog&sigh=HtDKS8NcXO8&uach_m=[UACH]&cid=CAQSPADq26N9VrDIOnBhi0_-elt3aOD3EGTtIdOO2hGooyMu1H2hwvchm2_abk8KVkXF8ejWhaADglgwmHWgwxgBIBM
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
notify
rtb.nl.eu.criteo.com/google/auction/ Frame 6EF9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kMWCFMc1rAL6AZ2DYgICAAAA-wrWrqMKTyEQCuV3Y3bY4t3WZyGZtpTgABIAAA&wp=Y3flCgAODscK5VyyAAVR1oVOQtUNatIKizwqHA
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:23 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
183025
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 1EDD 		122 KB
33 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3flCgAODscK5VyyAAVR1oVOQtUNatIKizwqHA&u=%7Cs9mwAOUxybF6mjygmQ2bYpBX2YJHKrVSoMwiiNQMCaw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9WsyI3dqu03NEAspGxZHahywr4HQAdSB0aXDJuHPoAn981D2r6q8kQ1B9aSkTNs6ybfzxBZMx9EcOuouZ-yywljj9gir5z3h-ndycx5F7Qsc6X9vt5yq9276QUVGTjAh-FnFz0jtdwgPTXUsoG__JR5nK240ldKJW0E1j6C2VkDQkachHXDhWglZJDkvnuNDmzyqb6gZj327WUbc7M3gwIiuTUD5_l5Eu2hj5l8Waw1ytZToJDWRX3-l4J8kJnYZJCJ243uBi2fhUbIbc4MeFxSPMo32j6ywklA3turlhgLFjuOq5ycAlUYN2G471IhYDb4z1-upzRnidgZMGjlF4Aj8eWCrRiHSQAHe_-VOqFFrfmsI2P_84qOcensq_8F2nGROzeFp_2QDu_fFhzuKMY49_FjFX3zclHLaLwQvAj7PnsJPFEFK8zLQAH8PKCrOfKwRNsJ0ql7v8vyOHlLNp7gMH6Dc_nfwb-KZo4m3lv9ejPfZ6C76dxqfrTraZvebyRRyUvIFgwFzjvbkhr7kqCFd1LcWJyVuUMTRHmKjueoJ7QsQooyz96to6ok0rerl28&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrXEhCuV3Y8edOLK5lQfWo5WQAsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItMjk3Nzg3NTI4MTMzODMzMMgBCakCka74eGhVsT7gAgCoAwGqBIICT9C7FpF3AWa4WcTwH4JKJA5262nuwxqm-rsEASCWevMi3tVsEEzzyZd2z5LHpwufmpGGWRa2BcqNIgjJYk4_C84kGC9cOBPV7aTrpPjEFH5OhEk-_OrR14CxvHVjBRM6eqDZoCWAs_48DHLhu6STZurijqxqTD3AUvEVB1REFNwTq3TElyVZpc4XRuS_9LqJ95JwGUUhVZoarOj0LsKYe7I6wAJS9WZFBzmTQyMkAiIBuijCYvidBgQy6zAkO5-Y4idNKxizncsRMzno4LZkX0O8_RM8UslTFmZNlScE5pM7cBN7lmSCa_SDOf0hzIf9CipVjxp1Kr-Y7km4Aahhtw654AQBgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1XcSEa884-2TLBx4G_0dopCgiYhg%26client%3Dca-pub-2977875281338330%26adurl%3D
Requested by
Host: 43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com
URL: https://43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
10c2b30be072e0473500fe63dccf58fb5dd4210e80dd1c4d5517d89de74162bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 20:03:22 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=-tWz165wfXM1JPjvhapI_QrwdqRAu8WVK7nha6uAjGGNCBjb8VCi_n3l4IW4mO87GayOYGGOiQUOSYJbCYd8qo3f_HY6bATJwNQxICtl0Zn7XP6muUbuAS-H7yMlq9Ymu7aAujC0gJ3sWq9qdxQImv4onYN0OrqEDYyvdF6WIBfHjbjsu6VoLYhfvpScv3hfz8u99ocnDmQRQU9QAn41QrVkx0Vd__8GBVgDlC1mxcaQZmilbLfBEZ39ngA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
22102470
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 6EF9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: 43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com
URL: https://43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 18:01:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
7325
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 18:01:18 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4A7D 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com
URL: https://43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
5361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 18:34:02 GMT
etag
48472445140208031
expires
Sat, 19 Nov 2022 18:34:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 6EF9 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com
URL: https://43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 15:35:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
16058
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 15:35:45 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 6EF9 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: 43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com
URL: https://43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Tue, 15 Nov 2022 15:43:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
274794
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 15 Nov 2023 15:43:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6EF9 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com
URL: https://43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Nov 2022 20:03:23 GMT
playback
www.youtube.com/api/stats/ Frame 9536 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/api/stats/playback?ns=yt&fexp=44748969%2C44765701%2C44771450&el=adunit&cpn=fZx_ECLLrMuNZLgn&docid=6jTGBxxSFU0&visitordata=Cgt3NnRobkNvWmQ4Zw%253D%253D&ver=2&cmt=0.260&fmt=18&rt=0.000&adformat=2_2_1&euri=https%3A%2F%2Ftimes.hinet.net%2F&len=25.008&vtype=gvp&c=web_gvp_ads&cver=h.0.0.0&cbr=Chrome&cbrver=107.0.5304.110&cos=Win32&cosver=537.36&cplatform=desktop&mos=1&volume=0&delay=23&rtn=10
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame F195 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=3623574812094311&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 3951 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=4482062431799733&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
pagead2.googlesyndication.com/bg/ Frame C1E1 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 18:17:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92724
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15969
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 18:17:59 GMT
Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
pagead2.googlesyndication.com/bg/ Frame EBF3 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 18:17:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92724
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15969
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 18:17:59 GMT
truncated
/ Frame E724 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c09f88beef2fa64da212dcff0cfe9c0075221ecbf280c67c8841c6afec15ed9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
placeInIframe
ssp.tenmax.io/api/monitor/ Frame 15EC 		0
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.tenmax.io/api/monitor/placeInIframe?spaceId=e25285a509b74249&referer=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251
Requested by
Host: tenmax-static.cacafly.net
URL: https://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
211.21.190.218 Hsinchu County, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
211-21-190-218.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 18 Nov 2022 20:03:24 GMT
Server
nginx
Vary
Origin, Accept-Encoding, User-Agent
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
https://times.hinet.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-Application-Context
application:prod,aggregator,build-ext:58070
plan
ssp.tenmax.io/supply/v3/universal/ Frame 15EC 		5 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.tenmax.io/supply/v3/universal/plan?rmaxSpaceId=e25285a509b74249&referer=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&bodyWidth=1600&bodyHeight=1200&cacheBuster=c92225da-7172-4f8c-9fe8-bf6c2d4d07dd
Requested by
Host: tenmax-static.cacafly.net
URL: https://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
211.21.190.218 Hsinchu County, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
211-21-190-218.hinet-ip.hinet.net
Software
nginx /
Resource Hash
b4aa697c66c4f8cc73d5bddcb32627fee22179e316fcc71e3660c9856253e075

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 18 Nov 2022 20:03:23 GMT
Server
nginx
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://times.hinet.net
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
5139
X-Application-Context
application:prod,aggregator,build-ext:58070
privacy_small.svg
static.criteo.net/flash/icon/ Frame 1EDD 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3flCgAODscK5VyyAAVR1oVOQtUNatIKizwqHA&u=%7Cs9mwAOUxybF6mjygmQ2bYpBX2YJHKrVSoMwiiNQMCaw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9WsyI3dqu03NEAspGxZHahywr4HQAdSB0aXDJuHPoAn981D2r6q8kQ1B9aSkTNs6ybfzxBZMx9EcOuouZ-yywljj9gir5z3h-ndycx5F7Qsc6X9vt5yq9276QUVGTjAh-FnFz0jtdwgPTXUsoG__JR5nK240ldKJW0E1j6C2VkDQkachHXDhWglZJDkvnuNDmzyqb6gZj327WUbc7M3gwIiuTUD5_l5Eu2hj5l8Waw1ytZToJDWRX3-l4J8kJnYZJCJ243uBi2fhUbIbc4MeFxSPMo32j6ywklA3turlhgLFjuOq5ycAlUYN2G471IhYDb4z1-upzRnidgZMGjlF4Aj8eWCrRiHSQAHe_-VOqFFrfmsI2P_84qOcensq_8F2nGROzeFp_2QDu_fFhzuKMY49_FjFX3zclHLaLwQvAj7PnsJPFEFK8zLQAH8PKCrOfKwRNsJ0ql7v8vyOHlLNp7gMH6Dc_nfwb-KZo4m3lv9ejPfZ6C76dxqfrTraZvebyRRyUvIFgwFzjvbkhr7kqCFd1LcWJyVuUMTRHmKjueoJ7QsQooyz96to6ok0rerl28&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrXEhCuV3Y8edOLK5lQfWo5WQAsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItMjk3Nzg3NTI4MTMzODMzMMgBCakCka74eGhVsT7gAgCoAwGqBIICT9C7FpF3AWa4WcTwH4JKJA5262nuwxqm-rsEASCWevMi3tVsEEzzyZd2z5LHpwufmpGGWRa2BcqNIgjJYk4_C84kGC9cOBPV7aTrpPjEFH5OhEk-_OrR14CxvHVjBRM6eqDZoCWAs_48DHLhu6STZurijqxqTD3AUvEVB1REFNwTq3TElyVZpc4XRuS_9LqJ95JwGUUhVZoarOj0LsKYe7I6wAJS9WZFBzmTQyMkAiIBuijCYvidBgQy6zAkO5-Y4idNKxizncsRMzno4LZkX0O8_RM8UslTFmZNlScE5pM7cBN7lmSCa_SDOf0hzIf9CipVjxp1Kr-Y7km4Aahhtw654AQBgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1XcSEa884-2TLBx4G_0dopCgiYhg%26client%3Dca-pub-2977875281338330%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Nov 2023 20:03:23 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 1EDD 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3flCgAODscK5VyyAAVR1oVOQtUNatIKizwqHA&u=%7Cs9mwAOUxybF6mjygmQ2bYpBX2YJHKrVSoMwiiNQMCaw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9WsyI3dqu03NEAspGxZHahywr4HQAdSB0aXDJuHPoAn981D2r6q8kQ1B9aSkTNs6ybfzxBZMx9EcOuouZ-yywljj9gir5z3h-ndycx5F7Qsc6X9vt5yq9276QUVGTjAh-FnFz0jtdwgPTXUsoG__JR5nK240ldKJW0E1j6C2VkDQkachHXDhWglZJDkvnuNDmzyqb6gZj327WUbc7M3gwIiuTUD5_l5Eu2hj5l8Waw1ytZToJDWRX3-l4J8kJnYZJCJ243uBi2fhUbIbc4MeFxSPMo32j6ywklA3turlhgLFjuOq5ycAlUYN2G471IhYDb4z1-upzRnidgZMGjlF4Aj8eWCrRiHSQAHe_-VOqFFrfmsI2P_84qOcensq_8F2nGROzeFp_2QDu_fFhzuKMY49_FjFX3zclHLaLwQvAj7PnsJPFEFK8zLQAH8PKCrOfKwRNsJ0ql7v8vyOHlLNp7gMH6Dc_nfwb-KZo4m3lv9ejPfZ6C76dxqfrTraZvebyRRyUvIFgwFzjvbkhr7kqCFd1LcWJyVuUMTRHmKjueoJ7QsQooyz96to6ok0rerl28&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrXEhCuV3Y8edOLK5lQfWo5WQAsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItMjk3Nzg3NTI4MTMzODMzMMgBCakCka74eGhVsT7gAgCoAwGqBIICT9C7FpF3AWa4WcTwH4JKJA5262nuwxqm-rsEASCWevMi3tVsEEzzyZd2z5LHpwufmpGGWRa2BcqNIgjJYk4_C84kGC9cOBPV7aTrpPjEFH5OhEk-_OrR14CxvHVjBRM6eqDZoCWAs_48DHLhu6STZurijqxqTD3AUvEVB1REFNwTq3TElyVZpc4XRuS_9LqJ95JwGUUhVZoarOj0LsKYe7I6wAJS9WZFBzmTQyMkAiIBuijCYvidBgQy6zAkO5-Y4idNKxizncsRMzno4LZkX0O8_RM8UslTFmZNlScE5pM7cBN7lmSCa_SDOf0hzIf9CipVjxp1Kr-Y7km4Aahhtw654AQBgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1XcSEa884-2TLBx4G_0dopCgiYhg%26client%3Dca-pub-2977875281338330%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Nov 2023 20:03:23 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 1EDD 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3flCgAODscK5VyyAAVR1oVOQtUNatIKizwqHA&u=%7Cs9mwAOUxybF6mjygmQ2bYpBX2YJHKrVSoMwiiNQMCaw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9WsyI3dqu03NEAspGxZHahywr4HQAdSB0aXDJuHPoAn981D2r6q8kQ1B9aSkTNs6ybfzxBZMx9EcOuouZ-yywljj9gir5z3h-ndycx5F7Qsc6X9vt5yq9276QUVGTjAh-FnFz0jtdwgPTXUsoG__JR5nK240ldKJW0E1j6C2VkDQkachHXDhWglZJDkvnuNDmzyqb6gZj327WUbc7M3gwIiuTUD5_l5Eu2hj5l8Waw1ytZToJDWRX3-l4J8kJnYZJCJ243uBi2fhUbIbc4MeFxSPMo32j6ywklA3turlhgLFjuOq5ycAlUYN2G471IhYDb4z1-upzRnidgZMGjlF4Aj8eWCrRiHSQAHe_-VOqFFrfmsI2P_84qOcensq_8F2nGROzeFp_2QDu_fFhzuKMY49_FjFX3zclHLaLwQvAj7PnsJPFEFK8zLQAH8PKCrOfKwRNsJ0ql7v8vyOHlLNp7gMH6Dc_nfwb-KZo4m3lv9ejPfZ6C76dxqfrTraZvebyRRyUvIFgwFzjvbkhr7kqCFd1LcWJyVuUMTRHmKjueoJ7QsQooyz96to6ok0rerl28&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrXEhCuV3Y8edOLK5lQfWo5WQAsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItMjk3Nzg3NTI4MTMzODMzMMgBCakCka74eGhVsT7gAgCoAwGqBIICT9C7FpF3AWa4WcTwH4JKJA5262nuwxqm-rsEASCWevMi3tVsEEzzyZd2z5LHpwufmpGGWRa2BcqNIgjJYk4_C84kGC9cOBPV7aTrpPjEFH5OhEk-_OrR14CxvHVjBRM6eqDZoCWAs_48DHLhu6STZurijqxqTD3AUvEVB1REFNwTq3TElyVZpc4XRuS_9LqJ95JwGUUhVZoarOj0LsKYe7I6wAJS9WZFBzmTQyMkAiIBuijCYvidBgQy6zAkO5-Y4idNKxizncsRMzno4LZkX0O8_RM8UslTFmZNlScE5pM7cBN7lmSCa_SDOf0hzIf9CipVjxp1Kr-Y7km4Aahhtw654AQBgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1XcSEa884-2TLBx4G_0dopCgiYhg%26client%3Dca-pub-2977875281338330%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:23 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 13 Nov 2023 20:03:23 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 1EDD 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3flCgAODscK5VyyAAVR1oVOQtUNatIKizwqHA&u=%7Cs9mwAOUxybF6mjygmQ2bYpBX2YJHKrVSoMwiiNQMCaw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9WsyI3dqu03NEAspGxZHahywr4HQAdSB0aXDJuHPoAn981D2r6q8kQ1B9aSkTNs6ybfzxBZMx9EcOuouZ-yywljj9gir5z3h-ndycx5F7Qsc6X9vt5yq9276QUVGTjAh-FnFz0jtdwgPTXUsoG__JR5nK240ldKJW0E1j6C2VkDQkachHXDhWglZJDkvnuNDmzyqb6gZj327WUbc7M3gwIiuTUD5_l5Eu2hj5l8Waw1ytZToJDWRX3-l4J8kJnYZJCJ243uBi2fhUbIbc4MeFxSPMo32j6ywklA3turlhgLFjuOq5ycAlUYN2G471IhYDb4z1-upzRnidgZMGjlF4Aj8eWCrRiHSQAHe_-VOqFFrfmsI2P_84qOcensq_8F2nGROzeFp_2QDu_fFhzuKMY49_FjFX3zclHLaLwQvAj7PnsJPFEFK8zLQAH8PKCrOfKwRNsJ0ql7v8vyOHlLNp7gMH6Dc_nfwb-KZo4m3lv9ejPfZ6C76dxqfrTraZvebyRRyUvIFgwFzjvbkhr7kqCFd1LcWJyVuUMTRHmKjueoJ7QsQooyz96to6ok0rerl28&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrXEhCuV3Y8edOLK5lQfWo5WQAsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItMjk3Nzg3NTI4MTMzODMzMMgBCakCka74eGhVsT7gAgCoAwGqBIICT9C7FpF3AWa4WcTwH4JKJA5262nuwxqm-rsEASCWevMi3tVsEEzzyZd2z5LHpwufmpGGWRa2BcqNIgjJYk4_C84kGC9cOBPV7aTrpPjEFH5OhEk-_OrR14CxvHVjBRM6eqDZoCWAs_48DHLhu6STZurijqxqTD3AUvEVB1REFNwTq3TElyVZpc4XRuS_9LqJ95JwGUUhVZoarOj0LsKYe7I6wAJS9WZFBzmTQyMkAiIBuijCYvidBgQy6zAkO5-Y4idNKxizncsRMzno4LZkX0O8_RM8UslTFmZNlScE5pM7cBN7lmSCa_SDOf0hzIf9CipVjxp1Kr-Y7km4Aahhtw654AQBgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1XcSEa884-2TLBx4G_0dopCgiYhg%26client%3Dca-pub-2977875281338330%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:23 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 13 Nov 2023 20:03:23 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame 1EDD 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=qj-6plY_hbWKxVdFeumTF0GVRV6N1zIxjsxa9z50V85QeCy3xuoymK0a3UQv1XOPBa_mFU7n5KJ8NSWFxug52XQOy0iz_FClRI3FKIqFL27-na9Z8zTLdKd5l7ccrm9cofkaGsRSQgrRR_M9bvAWpaE-tcGsH8axnR3DFcBkBc9HlX8Gs153UzioKt98yKr4gEKhkKrFSFFkS11KkrQcc3jtzzYoP4OcnuF1hwQMtYQYcQ-8sN7YHcOMoVM8SFJFTUen8OqJ2FoYnk-cW7HXG8p4F2n6blY8AyhI8TItQ1P7YbYB7GMczZUq_fismxO_0sSbmsX2tTox1UOD7yVHCLSlT_dXAUqwiJe-PfkdnVdKIOKPxJCE7CMQXneN1S0qXj0jekkBKSu-ePnmtP9kvh7A9ppzOQNhIuRjmLZZsxYrFqJa
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3flCgAODscK5VyyAAVR1oVOQtUNatIKizwqHA&u=%7Cs9mwAOUxybF6mjygmQ2bYpBX2YJHKrVSoMwiiNQMCaw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9WsyI3dqu03NEAspGxZHahywr4HQAdSB0aXDJuHPoAn981D2r6q8kQ1B9aSkTNs6ybfzxBZMx9EcOuouZ-yywljj9gir5z3h-ndycx5F7Qsc6X9vt5yq9276QUVGTjAh-FnFz0jtdwgPTXUsoG__JR5nK240ldKJW0E1j6C2VkDQkachHXDhWglZJDkvnuNDmzyqb6gZj327WUbc7M3gwIiuTUD5_l5Eu2hj5l8Waw1ytZToJDWRX3-l4J8kJnYZJCJ243uBi2fhUbIbc4MeFxSPMo32j6ywklA3turlhgLFjuOq5ycAlUYN2G471IhYDb4z1-upzRnidgZMGjlF4Aj8eWCrRiHSQAHe_-VOqFFrfmsI2P_84qOcensq_8F2nGROzeFp_2QDu_fFhzuKMY49_FjFX3zclHLaLwQvAj7PnsJPFEFK8zLQAH8PKCrOfKwRNsJ0ql7v8vyOHlLNp7gMH6Dc_nfwb-KZo4m3lv9ejPfZ6C76dxqfrTraZvebyRRyUvIFgwFzjvbkhr7kqCFd1LcWJyVuUMTRHmKjueoJ7QsQooyz96to6ok0rerl28&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrXEhCuV3Y8edOLK5lQfWo5WQAsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItMjk3Nzg3NTI4MTMzODMzMMgBCakCka74eGhVsT7gAgCoAwGqBIICT9C7FpF3AWa4WcTwH4JKJA5262nuwxqm-rsEASCWevMi3tVsEEzzyZd2z5LHpwufmpGGWRa2BcqNIgjJYk4_C84kGC9cOBPV7aTrpPjEFH5OhEk-_OrR14CxvHVjBRM6eqDZoCWAs_48DHLhu6STZurijqxqTD3AUvEVB1REFNwTq3TElyVZpc4XRuS_9LqJ95JwGUUhVZoarOj0LsKYe7I6wAJS9WZFBzmTQyMkAiIBuijCYvidBgQy6zAkO5-Y4idNKxizncsRMzno4LZkX0O8_RM8UslTFmZNlScE5pM7cBN7lmSCa_SDOf0hzIf9CipVjxp1Kr-Y7km4Aahhtw654AQBgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1XcSEa884-2TLBx4G_0dopCgiYhg%26client%3Dca-pub-2977875281338330%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:22 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2936483
expires
Mon, 26 Jul 1997 05:00:00 GMT
css
fonts.googleapis.com/ Frame 1EDD 		2 KB
528 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3flCgAODscK5VyyAAVR1oVOQtUNatIKizwqHA&u=%7Cs9mwAOUxybF6mjygmQ2bYpBX2YJHKrVSoMwiiNQMCaw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9WsyI3dqu03NEAspGxZHahywr4HQAdSB0aXDJuHPoAn981D2r6q8kQ1B9aSkTNs6ybfzxBZMx9EcOuouZ-yywljj9gir5z3h-ndycx5F7Qsc6X9vt5yq9276QUVGTjAh-FnFz0jtdwgPTXUsoG__JR5nK240ldKJW0E1j6C2VkDQkachHXDhWglZJDkvnuNDmzyqb6gZj327WUbc7M3gwIiuTUD5_l5Eu2hj5l8Waw1ytZToJDWRX3-l4J8kJnYZJCJ243uBi2fhUbIbc4MeFxSPMo32j6ywklA3turlhgLFjuOq5ycAlUYN2G471IhYDb4z1-upzRnidgZMGjlF4Aj8eWCrRiHSQAHe_-VOqFFrfmsI2P_84qOcensq_8F2nGROzeFp_2QDu_fFhzuKMY49_FjFX3zclHLaLwQvAj7PnsJPFEFK8zLQAH8PKCrOfKwRNsJ0ql7v8vyOHlLNp7gMH6Dc_nfwb-KZo4m3lv9ejPfZ6C76dxqfrTraZvebyRRyUvIFgwFzjvbkhr7kqCFd1LcWJyVuUMTRHmKjueoJ7QsQooyz96to6ok0rerl28&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrXEhCuV3Y8edOLK5lQfWo5WQAsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItMjk3Nzg3NTI4MTMzODMzMMgBCakCka74eGhVsT7gAgCoAwGqBIICT9C7FpF3AWa4WcTwH4JKJA5262nuwxqm-rsEASCWevMi3tVsEEzzyZd2z5LHpwufmpGGWRa2BcqNIgjJYk4_C84kGC9cOBPV7aTrpPjEFH5OhEk-_OrR14CxvHVjBRM6eqDZoCWAs_48DHLhu6STZurijqxqTD3AUvEVB1REFNwTq3TElyVZpc4XRuS_9LqJ95JwGUUhVZoarOj0LsKYe7I6wAJS9WZFBzmTQyMkAiIBuijCYvidBgQy6zAkO5-Y4idNKxizncsRMzno4LZkX0O8_RM8UslTFmZNlScE5pM7cBN7lmSCa_SDOf0hzIf9CipVjxp1Kr-Y7km4Aahhtw654AQBgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1XcSEa884-2TLBx4G_0dopCgiYhg%26client%3Dca-pub-2977875281338330%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a5feba8ce66eafb93cd4dfff5083877ea2b2bf8daaded3058288b7cddb956cfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 18 Nov 2022 20:03:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 18:51:34 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Nov 2022 20:03:23 GMT
css
fonts.googleapis.com/ Frame 1EDD 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Helvetica
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3flCgAODscK5VyyAAVR1oVOQtUNatIKizwqHA&u=%7Cs9mwAOUxybF6mjygmQ2bYpBX2YJHKrVSoMwiiNQMCaw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9WsyI3dqu03NEAspGxZHahywr4HQAdSB0aXDJuHPoAn981D2r6q8kQ1B9aSkTNs6ybfzxBZMx9EcOuouZ-yywljj9gir5z3h-ndycx5F7Qsc6X9vt5yq9276QUVGTjAh-FnFz0jtdwgPTXUsoG__JR5nK240ldKJW0E1j6C2VkDQkachHXDhWglZJDkvnuNDmzyqb6gZj327WUbc7M3gwIiuTUD5_l5Eu2hj5l8Waw1ytZToJDWRX3-l4J8kJnYZJCJ243uBi2fhUbIbc4MeFxSPMo32j6ywklA3turlhgLFjuOq5ycAlUYN2G471IhYDb4z1-upzRnidgZMGjlF4Aj8eWCrRiHSQAHe_-VOqFFrfmsI2P_84qOcensq_8F2nGROzeFp_2QDu_fFhzuKMY49_FjFX3zclHLaLwQvAj7PnsJPFEFK8zLQAH8PKCrOfKwRNsJ0ql7v8vyOHlLNp7gMH6Dc_nfwb-KZo4m3lv9ejPfZ6C76dxqfrTraZvebyRRyUvIFgwFzjvbkhr7kqCFd1LcWJyVuUMTRHmKjueoJ7QsQooyz96to6ok0rerl28&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrXEhCuV3Y8edOLK5lQfWo5WQAsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItMjk3Nzg3NTI4MTMzODMzMMgBCakCka74eGhVsT7gAgCoAwGqBIICT9C7FpF3AWa4WcTwH4JKJA5262nuwxqm-rsEASCWevMi3tVsEEzzyZd2z5LHpwufmpGGWRa2BcqNIgjJYk4_C84kGC9cOBPV7aTrpPjEFH5OhEk-_OrR14CxvHVjBRM6eqDZoCWAs_48DHLhu6STZurijqxqTD3AUvEVB1REFNwTq3TElyVZpc4XRuS_9LqJ95JwGUUhVZoarOj0LsKYe7I6wAJS9WZFBzmTQyMkAiIBuijCYvidBgQy6zAkO5-Y4idNKxizncsRMzno4LZkX0O8_RM8UslTFmZNlScE5pM7cBN7lmSCa_SDOf0hzIf9CipVjxp1Kr-Y7km4Aahhtw654AQBgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1XcSEa884-2TLBx4G_0dopCgiYhg%26client%3Dca-pub-2977875281338330%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
0921af4455b442f3bf26baf563fc851d_0787c6d0bf97fe849cbf939726cbaa94.jpg
static.criteo.net/design/dt/915/220406/ Frame 1EDD 		85 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/915/220406/0921af4455b442f3bf26baf563fc851d_0787c6d0bf97fe849cbf939726cbaa94.jpg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3flCgAODscK5VyyAAVR1oVOQtUNatIKizwqHA&u=%7Cs9mwAOUxybF6mjygmQ2bYpBX2YJHKrVSoMwiiNQMCaw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9WsyI3dqu03NEAspGxZHahywr4HQAdSB0aXDJuHPoAn981D2r6q8kQ1B9aSkTNs6ybfzxBZMx9EcOuouZ-yywljj9gir5z3h-ndycx5F7Qsc6X9vt5yq9276QUVGTjAh-FnFz0jtdwgPTXUsoG__JR5nK240ldKJW0E1j6C2VkDQkachHXDhWglZJDkvnuNDmzyqb6gZj327WUbc7M3gwIiuTUD5_l5Eu2hj5l8Waw1ytZToJDWRX3-l4J8kJnYZJCJ243uBi2fhUbIbc4MeFxSPMo32j6ywklA3turlhgLFjuOq5ycAlUYN2G471IhYDb4z1-upzRnidgZMGjlF4Aj8eWCrRiHSQAHe_-VOqFFrfmsI2P_84qOcensq_8F2nGROzeFp_2QDu_fFhzuKMY49_FjFX3zclHLaLwQvAj7PnsJPFEFK8zLQAH8PKCrOfKwRNsJ0ql7v8vyOHlLNp7gMH6Dc_nfwb-KZo4m3lv9ejPfZ6C76dxqfrTraZvebyRRyUvIFgwFzjvbkhr7kqCFd1LcWJyVuUMTRHmKjueoJ7QsQooyz96to6ok0rerl28&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrXEhCuV3Y8edOLK5lQfWo5WQAsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItMjk3Nzg3NTI4MTMzODMzMMgBCakCka74eGhVsT7gAgCoAwGqBIICT9C7FpF3AWa4WcTwH4JKJA5262nuwxqm-rsEASCWevMi3tVsEEzzyZd2z5LHpwufmpGGWRa2BcqNIgjJYk4_C84kGC9cOBPV7aTrpPjEFH5OhEk-_OrR14CxvHVjBRM6eqDZoCWAs_48DHLhu6STZurijqxqTD3AUvEVB1REFNwTq3TElyVZpc4XRuS_9LqJ95JwGUUhVZoarOj0LsKYe7I6wAJS9WZFBzmTQyMkAiIBuijCYvidBgQy6zAkO5-Y4idNKxizncsRMzno4LZkX0O8_RM8UslTFmZNlScE5pM7cBN7lmSCa_SDOf0hzIf9CipVjxp1Kr-Y7km4Aahhtw654AQBgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1XcSEa884-2TLBx4G_0dopCgiYhg%26client%3Dca-pub-2977875281338330%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8b3dea915098363883a4534e6a2c97c90a3eb574f4a1fb8eb67440dd628fc3a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:23 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 06 Apr 2022 07:10:09 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"624d3cd1-15533"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
87347
expires
Mon, 13 Nov 2023 20:03:23 GMT
f025b188ba46444d86de26350738f5b2_beb0a0c7856ebbf8c39b1eb93ff750b4.png
static.criteo.net/design/dt/915/220406/ Frame 1EDD 		302 B
626 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/915/220406/f025b188ba46444d86de26350738f5b2_beb0a0c7856ebbf8c39b1eb93ff750b4.png
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3flCgAODscK5VyyAAVR1oVOQtUNatIKizwqHA&u=%7Cs9mwAOUxybF6mjygmQ2bYpBX2YJHKrVSoMwiiNQMCaw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9WsyI3dqu03NEAspGxZHahywr4HQAdSB0aXDJuHPoAn981D2r6q8kQ1B9aSkTNs6ybfzxBZMx9EcOuouZ-yywljj9gir5z3h-ndycx5F7Qsc6X9vt5yq9276QUVGTjAh-FnFz0jtdwgPTXUsoG__JR5nK240ldKJW0E1j6C2VkDQkachHXDhWglZJDkvnuNDmzyqb6gZj327WUbc7M3gwIiuTUD5_l5Eu2hj5l8Waw1ytZToJDWRX3-l4J8kJnYZJCJ243uBi2fhUbIbc4MeFxSPMo32j6ywklA3turlhgLFjuOq5ycAlUYN2G471IhYDb4z1-upzRnidgZMGjlF4Aj8eWCrRiHSQAHe_-VOqFFrfmsI2P_84qOcensq_8F2nGROzeFp_2QDu_fFhzuKMY49_FjFX3zclHLaLwQvAj7PnsJPFEFK8zLQAH8PKCrOfKwRNsJ0ql7v8vyOHlLNp7gMH6Dc_nfwb-KZo4m3lv9ejPfZ6C76dxqfrTraZvebyRRyUvIFgwFzjvbkhr7kqCFd1LcWJyVuUMTRHmKjueoJ7QsQooyz96to6ok0rerl28&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrXEhCuV3Y8edOLK5lQfWo5WQAsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItMjk3Nzg3NTI4MTMzODMzMMgBCakCka74eGhVsT7gAgCoAwGqBIICT9C7FpF3AWa4WcTwH4JKJA5262nuwxqm-rsEASCWevMi3tVsEEzzyZd2z5LHpwufmpGGWRa2BcqNIgjJYk4_C84kGC9cOBPV7aTrpPjEFH5OhEk-_OrR14CxvHVjBRM6eqDZoCWAs_48DHLhu6STZurijqxqTD3AUvEVB1REFNwTq3TElyVZpc4XRuS_9LqJ95JwGUUhVZoarOj0LsKYe7I6wAJS9WZFBzmTQyMkAiIBuijCYvidBgQy6zAkO5-Y4idNKxizncsRMzno4LZkX0O8_RM8UslTFmZNlScE5pM7cBN7lmSCa_SDOf0hzIf9CipVjxp1Kr-Y7km4Aahhtw654AQBgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1XcSEa884-2TLBx4G_0dopCgiYhg%26client%3Dca-pub-2977875281338330%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
666579d1f930d08be1c73dc367a512debb0e6535f999fc5b5470e399b8df9034
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:23 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 06 Apr 2022 07:10:08 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"624d3cd0-12e"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
302
expires
Mon, 13 Nov 2023 20:03:23 GMT
14389a5b32b24f0ca1c42347cdb23bac_cb03d2ed4fe8158207f5876d715e02f5.gif
static.criteo.net/design/dt/915/220406/ Frame 1EDD 		146 KB
146 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/design/dt/915/220406/14389a5b32b24f0ca1c42347cdb23bac_cb03d2ed4fe8158207f5876d715e02f5.gif
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3flCgAODscK5VyyAAVR1oVOQtUNatIKizwqHA&u=%7Cs9mwAOUxybF6mjygmQ2bYpBX2YJHKrVSoMwiiNQMCaw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9WsyI3dqu03NEAspGxZHahywr4HQAdSB0aXDJuHPoAn981D2r6q8kQ1B9aSkTNs6ybfzxBZMx9EcOuouZ-yywljj9gir5z3h-ndycx5F7Qsc6X9vt5yq9276QUVGTjAh-FnFz0jtdwgPTXUsoG__JR5nK240ldKJW0E1j6C2VkDQkachHXDhWglZJDkvnuNDmzyqb6gZj327WUbc7M3gwIiuTUD5_l5Eu2hj5l8Waw1ytZToJDWRX3-l4J8kJnYZJCJ243uBi2fhUbIbc4MeFxSPMo32j6ywklA3turlhgLFjuOq5ycAlUYN2G471IhYDb4z1-upzRnidgZMGjlF4Aj8eWCrRiHSQAHe_-VOqFFrfmsI2P_84qOcensq_8F2nGROzeFp_2QDu_fFhzuKMY49_FjFX3zclHLaLwQvAj7PnsJPFEFK8zLQAH8PKCrOfKwRNsJ0ql7v8vyOHlLNp7gMH6Dc_nfwb-KZo4m3lv9ejPfZ6C76dxqfrTraZvebyRRyUvIFgwFzjvbkhr7kqCFd1LcWJyVuUMTRHmKjueoJ7QsQooyz96to6ok0rerl28&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrXEhCuV3Y8edOLK5lQfWo5WQAsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItMjk3Nzg3NTI4MTMzODMzMMgBCakCka74eGhVsT7gAgCoAwGqBIICT9C7FpF3AWa4WcTwH4JKJA5262nuwxqm-rsEASCWevMi3tVsEEzzyZd2z5LHpwufmpGGWRa2BcqNIgjJYk4_C84kGC9cOBPV7aTrpPjEFH5OhEk-_OrR14CxvHVjBRM6eqDZoCWAs_48DHLhu6STZurijqxqTD3AUvEVB1REFNwTq3TElyVZpc4XRuS_9LqJ95JwGUUhVZoarOj0LsKYe7I6wAJS9WZFBzmTQyMkAiIBuijCYvidBgQy6zAkO5-Y4idNKxizncsRMzno4LZkX0O8_RM8UslTFmZNlScE5pM7cBN7lmSCa_SDOf0hzIf9CipVjxp1Kr-Y7km4Aahhtw654AQBgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1XcSEa884-2TLBx4G_0dopCgiYhg%26client%3Dca-pub-2977875281338330%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a6ddccdccd06b72f1cc3ee1cde2a9a44f92e1cdc86f7dd8fe3da200cd7cb9be6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:23 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 06 Apr 2022 07:10:06 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"624d3cce-246b5"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
149173
expires
Mon, 13 Nov 2023 20:03:23 GMT
zepto-studio-1.0.1.js
static.criteo.net/zepto/ Frame 1EDD 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/zepto/zepto-studio-1.0.1.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3flCgAODscK5VyyAAVR1oVOQtUNatIKizwqHA&u=%7Cs9mwAOUxybF6mjygmQ2bYpBX2YJHKrVSoMwiiNQMCaw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9WsyI3dqu03NEAspGxZHahywr4HQAdSB0aXDJuHPoAn981D2r6q8kQ1B9aSkTNs6ybfzxBZMx9EcOuouZ-yywljj9gir5z3h-ndycx5F7Qsc6X9vt5yq9276QUVGTjAh-FnFz0jtdwgPTXUsoG__JR5nK240ldKJW0E1j6C2VkDQkachHXDhWglZJDkvnuNDmzyqb6gZj327WUbc7M3gwIiuTUD5_l5Eu2hj5l8Waw1ytZToJDWRX3-l4J8kJnYZJCJ243uBi2fhUbIbc4MeFxSPMo32j6ywklA3turlhgLFjuOq5ycAlUYN2G471IhYDb4z1-upzRnidgZMGjlF4Aj8eWCrRiHSQAHe_-VOqFFrfmsI2P_84qOcensq_8F2nGROzeFp_2QDu_fFhzuKMY49_FjFX3zclHLaLwQvAj7PnsJPFEFK8zLQAH8PKCrOfKwRNsJ0ql7v8vyOHlLNp7gMH6Dc_nfwb-KZo4m3lv9ejPfZ6C76dxqfrTraZvebyRRyUvIFgwFzjvbkhr7kqCFd1LcWJyVuUMTRHmKjueoJ7QsQooyz96to6ok0rerl28&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrXEhCuV3Y8edOLK5lQfWo5WQAsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItMjk3Nzg3NTI4MTMzODMzMMgBCakCka74eGhVsT7gAgCoAwGqBIICT9C7FpF3AWa4WcTwH4JKJA5262nuwxqm-rsEASCWevMi3tVsEEzzyZd2z5LHpwufmpGGWRa2BcqNIgjJYk4_C84kGC9cOBPV7aTrpPjEFH5OhEk-_OrR14CxvHVjBRM6eqDZoCWAs_48DHLhu6STZurijqxqTD3AUvEVB1REFNwTq3TElyVZpc4XRuS_9LqJ95JwGUUhVZoarOj0LsKYe7I6wAJS9WZFBzmTQyMkAiIBuijCYvidBgQy6zAkO5-Y4idNKxizncsRMzno4LZkX0O8_RM8UslTFmZNlScE5pM7cBN7lmSCa_SDOf0hzIf9CipVjxp1Kr-Y7km4Aahhtw654AQBgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1XcSEa884-2TLBx4G_0dopCgiYhg%26client%3Dca-pub-2977875281338330%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a558dc731872adb52490cf8550eb796d0d0b448df332e38f815228576dd0cd5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 21 Aug 2019 08:32:15 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5d5d018f-6f5d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Nov 2023 20:03:23 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ Frame E724 		355 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1311151640559524&plah=times.hinet.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1311151640559524
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5c6269d98660443db9f9578af480b83a1c511c5a3a24602492fec3fd3dde2b62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119607
x-xss-protection
0
server
cafe
etag
15994130142540813998
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 18 Nov 2022 20:03:23 GMT
pixel
cm.g.doubleclick.net/ Frame 4A7D
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEF9gYotHmyesWHuGNXyVm1U&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEF9gYotHmyesWHuGNXyVm1U&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZXFiZFZRaW8xT1c3QTc1&google_gid=CAESEF9gYotHmyesWHuGNXyVm1U&google_cver=1&google_push=ASkJ3FaiozHOuP7moT0ctHIJNbUWxwuaSFHc_zTo-6LB9Vw...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZXFiZFZRaW8xT1c3QTc1&google_gid=CAESEF9gYotHmyesWHuGNXyVm1U&google_cver=1&google_push=ASkJ3FaiozHOuP7moT0ctHIJNbUWxwuaSFHc_zTo-6LB9VwtROWdfUEI1mPqfJhtX2-BIx90CWuUiCHr66w3wUvfNL2tRpTcnFc
Requested by
Host: 43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com
URL: https://43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 18 Nov 2022 20:03:22 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/595ea14#595ea1444a96c0bdac4aa333a73d7028cf966fc7 i-001aff4bca77297e8@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZXFiZFZRaW8xT1c3QTc1&google_gid=CAESEF9gYotHmyesWHuGNXyVm1U&google_cver=1&google_push=ASkJ3FaiozHOuP7moT0ctHIJNbUWxwuaSFHc_zTo-6LB9VwtROWdfUEI1mPqfJhtX2-BIx90CWuUiCHr66w3wUvfNL2tRpTcnFc
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 4A7D
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEEgBgaK3MyWLsi8tyM0d9Jc&google_cver=1&google_push=ASkJ3FYCHWDtvF0WBNPMdgduMjte7tQEp59u5PZr4ZVF6y4aFoXuHzVIUYM_oudNQVs_a6v0J1TM1jXjqd4tOazfsqlkkt3qxunj&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEgBgaK3MyWLsi8tyM0d9Jc&google_cver=1&google_push=ASkJ3FYCHWDtvF0WBNPMdgduMjte7tQEp59u5PZr4ZVF6y4aFoXuHzVIUYM_oudNQVs_a6v0J1TM1jXjqd4tOazfsqlkkt3qxun...
43 B
420 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEgBgaK3MyWLsi8tyM0d9Jc&google_cver=1&google_push=ASkJ3FYCHWDtvF0WBNPMdgduMjte7tQEp59u5PZr4ZVF6y4aFoXuHzVIUYM_oudNQVs_a6v0J1TM1jXjqd4tOazfsqlkkt3qxunj&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FYCHWDtvF0WBNPMdgduMjte7tQEp59u5PZr4ZVF6y4aFoXuHzVIUYM_oudNQVs_a6v0J1TM1jXjqd4tOazfsqlkkt3qxunj%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com
URL: https://43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:23 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
76c34f296d1692ad-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:23 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
614
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEEgBgaK3MyWLsi8tyM0d9Jc&google_cver=1&google_push=ASkJ3FYCHWDtvF0WBNPMdgduMjte7tQEp59u5PZr4ZVF6y4aFoXuHzVIUYM_oudNQVs_a6v0J1TM1jXjqd4tOazfsqlkkt3qxunj&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DASkJ3FYCHWDtvF0WBNPMdgduMjte7tQEp59u5PZr4ZVF6y4aFoXuHzVIUYM_oudNQVs_a6v0J1TM1jXjqd4tOazfsqlkkt3qxunj%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
76c34f27ca0692ad-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4A7D
Redirect Chain
  • https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEB86XgnuPP4-LBH8VAbtSYs&google_cver=1&google_push=ASkJ3FYDRQXb9LSMeoq1M9xI3WH4lHiKw3bclpXi2zqO545Pi1sTtLTBz_1Q6OxmnlXRFeBIWT9NXZFTAUq...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ASkJ3FYDRQXb9LSMeoq1M9xI3WH4lHiKw3bclpXi2zqO545Pi1sTtLTBz_1Q6OxmnlXRFeBIWT9NXZFTAUqe3VJVmBa8snhyoEg2&google_hm=2JVPMuUVTl-LmYEwibUfMQM
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ASkJ3FYDRQXb9LSMeoq1M9xI3WH4lHiKw3bclpXi2zqO545Pi1sTtLTBz_1Q6OxmnlXRFeBIWT9NXZFTAUqe3VJVmBa8snhyoEg2&google_hm=2JVPMuUVTl-LmYEwibUfMQM
Requested by
Host: 43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com
URL: https://43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:23 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ASkJ3FYDRQXb9LSMeoq1M9xI3WH4lHiKw3bclpXi2zqO545Pi1sTtLTBz_1Q6OxmnlXRFeBIWT9NXZFTAUqe3VJVmBa8snhyoEg2&google_hm=2JVPMuUVTl-LmYEwibUfMQM
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4A7D
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAvT7jFy9LbTtd-iW4hHfdo&google_cver=1&google_push=ASkJ3Fbd6Rkb-fo3Mlb3O-ZpCFGZPp-uf4kPgWUCHSFfXS_1FzVAGZos6-C0Z2BouHF_eTTO9jOh3UDxcnY5qEZ3bvJwPuN...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3Fbd6Rkb-fo3Mlb3O-ZpCFGZPp-uf4kPgWUCHSFfXS_1FzVAGZos6-C0Z2BouHF_eTTO9jOh3UDxcnY5qEZ3bvJwPuNuYJNm&google_hm=MzI2NDkzMjg3NDM2NDYxMD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3Fbd6Rkb-fo3Mlb3O-ZpCFGZPp-uf4kPgWUCHSFfXS_1FzVAGZos6-C0Z2BouHF_eTTO9jOh3UDxcnY5qEZ3bvJwPuNuYJNm&google_hm=MzI2NDkzMjg3NDM2NDYxMDQ3NA%3D%3D
Requested by
Host: 43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com
URL: https://43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 18 Nov 2022 20:03:23 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3Fbd6Rkb-fo3Mlb3O-ZpCFGZPp-uf4kPgWUCHSFfXS_1FzVAGZos6-C0Z2BouHF_eTTO9jOh3UDxcnY5qEZ3bvJwPuNuYJNm&google_hm=MzI2NDkzMjg3NDM2NDYxMDQ3NA%3D%3D
content-length
0
pixel
cm.g.doubleclick.net/ Frame 4A7D
Redirect Chain
  • https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEAfURzcpJQxge8AwvvBLzWk&google_cver=1&google_push=ASkJ3FZ0vXb0pnW8wRAHXbOP-JXwlSeIfP7K9rsUlbYhO91-s4Xzo8PCHL-bd4s9vAo7qsRC7cE54cqVSN5v...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FZ0vXb0pnW8wRAHXbOP-JXwlSeIfP7K9rsUlbYhO91-s4Xzo8PCHL-bd4s9vAo7qsRC7cE54cqVSN5v-2Jvipv9rrJ6U9NZ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FZ0vXb0pnW8wRAHXbOP-JXwlSeIfP7K9rsUlbYhO91-s4Xzo8PCHL-bd4s9vAo7qsRC7cE54cqVSN5v-2Jvipv9rrJ6U9NZ
Requested by
Host: 43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com
URL: https://43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3FZ0vXb0pnW8wRAHXbOP-JXwlSeIfP7K9rsUlbYhO91-s4Xzo8PCHL-bd4s9vAo7qsRC7cE54cqVSN5v-2Jvipv9rrJ6U9NZ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pixel
cm.g.doubleclick.net/ Frame 4A7D
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECyP-6Rzs-3S8w8CGC-kuN4&google_cver=1&google_push=ASkJ3FZ0wesaZ6tUFLLDDBgrG4bFOYgFh8_Y9s9oiy4SKa0H9F2FMloEewocmQmW2JqAjMNrDX...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS16MjZRWGRSRTJ1R09nbU9zLmJReHcuTWdvOUFHcWMzbn5B&google_push=ASkJ3FZ0wesaZ6tUFLLDDBgrG4bFOYgFh8_Y9s9oiy4SKa0H9F2FMloEe...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS16MjZRWGRSRTJ1R09nbU9zLmJReHcuTWdvOUFHcWMzbn5B&google_push=ASkJ3FZ0wesaZ6tUFLLDDBgrG4bFOYgFh8_Y9s9oiy4SKa0H9F2FMloEewocmQmW2JqAjMNrDXcPZFy5qG_esdtdC7Ax_sGjcx7RCg
Requested by
Host: 43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com
URL: https://43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:23 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS16MjZRWGRSRTJ1R09nbU9zLmJReHcuTWdvOUFHcWMzbn5B&google_push=ASkJ3FZ0wesaZ6tUFLLDDBgrG4bFOYgFh8_Y9s9oiy4SKa0H9F2FMloEewocmQmW2JqAjMNrDXcPZFy5qG_esdtdC7Ax_sGjcx7RCg
date
Fri, 18 Nov 2022 20:03:23 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame 4A7D
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEAfURzcpJQxge8AwvvBLzWk&google_cver=1&google_push=ASkJ3Fawn3hykkEdTaGjp1fDUVpE1hEoKlC4fuATrHSCtYcZwZ_LS3Mq6nS_pr4CBKdDpqbX6_7FCdPfSX5...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ASkJ3Fawn3hykkEdTaGjp1fDUVpE1hEoKlC4fuATrHSCtYcZwZ_LS3Mq6nS_pr4CBKdDpqbX6_7FCdPfSX55iyfr_Vpenw4tCsc2dA
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com
URL: https://43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H2
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:23 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 4A7D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KfK5SXj0wDpvv5u6ChvzE17l6ULwQWZksnW5wEB86_UTwEICYb6Yk94wXBgM6Tg1zobE0GlEw
Requested by
Host: 43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com
URL: https://43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:23 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.158.46.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-46-104.bom78.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
60
Connection
keep-alive
Content-Length
0
Date
Fri, 18 Nov 2022 20:03:24 GMT
Via
1.1 f535ebbbbd7f05468fe793ceeef59766.cloudfront.net (CloudFront)
X-Amz-Cf-Id
aqxAuMLdcC_0-rIAs4A7FlSeSBzP63mJEz7rxnHkwmkmkwhRJDeulQ==
X-Amz-Cf-Pop
BOM78-P3
X-Cache
Miss from cloudfront
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.158.46.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-46-104.bom78.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
60
Connection
keep-alive
Content-Length
0
Date
Fri, 18 Nov 2022 20:03:23 GMT
Via
1.1 474a987f2cb8373a0505e9e4aad940fc.cloudfront.net (CloudFront)
X-Amz-Cf-Id
s8C_NOFm6JUghOnHhZj0GQlrwEp4Ohi1I9RcDJQaVojh04HC7AJQQA==
X-Amz-Cf-Pop
BOM78-P3
X-Cache
Miss from cloudfront
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 334C 		39 B
570 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.158.46.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-46-104.bom78.r.cloudfront.net
Software
/
Resource Hash
29b2e791ac08da45f7a1f8d52773ad72e07990d2ef98540ab6a8f411f81c6bcb
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 18 Nov 2022 20:03:24 GMT
Via
1.1 e4dad8517f8b396b91a41158b44e938c.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
BOM78-P3
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Cache
Miss from cloudfront
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
39
X-Amz-Cf-Id
Y_TNkT4cL-U4UpVO8EplAGC9SzDlv-x5CyzEes9mOfebTqjZ47JBNQ==
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 334C 		39 B
570 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.158.46.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-46-104.bom78.r.cloudfront.net
Software
/
Resource Hash
ef69719e547ba6c86825a9a7dec6c77c68fe2befe3f2e3def295ae094461ed97
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 18 Nov 2022 20:03:24 GMT
Via
1.1 e4dad8517f8b396b91a41158b44e938c.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
BOM78-P3
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Cache
Miss from cloudfront
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
39
X-Amz-Cf-Id
ReI5W2v13EWGvAazz8qXG2yP92ePd15PAqA8fh70WPB7kjLRDqABQw==
integrator.js
adservice.google.com/adsid/ Frame 334C 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=player.svc.litv.tv
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame 10EF 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F76486173%2FEmbed%2Fhinet_6_em&description_url=https%3A%2F%2Fwww.hinet.net%2F&tfcd=0&npa=0&sz=640x480&ciu_szs=300x250&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3340287166316073&vpa=auto&vpmute=1&sdkv=h.3.546.0&osd=2&frm=2&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=3374998208&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.546.0&sid=ACB0F741-E046-41D8-99BC-EAFF8A52F002&nel=0&eid=44748969%2C44765701%2C44768717&ref=https%3A%2F%2Fwww.hinet.net%2F&url=https%3A%2F%2Ftimes.hinet.net&dlt=1668801796390&idt=915&dt=1668801803584&scor=2835814035210198&ged=ve4_td8_tt7_pd8_la8000_er0.0.0.0_vi0.0.168.300_vp0_ts1_eb16747
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.546.0_zh_tw.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:23 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ Frame 1EDD 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Helvetica
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3flCgAODscK5VyyAAVR1oVOQtUNatIKizwqHA&u=%7Cs9mwAOUxybF6mjygmQ2bYpBX2YJHKrVSoMwiiNQMCaw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9WsyI3dqu03NEAspGxZHahywr4HQAdSB0aXDJuHPoAn981D2r6q8kQ1B9aSkTNs6ybfzxBZMx9EcOuouZ-yywljj9gir5z3h-ndycx5F7Qsc6X9vt5yq9276QUVGTjAh-FnFz0jtdwgPTXUsoG__JR5nK240ldKJW0E1j6C2VkDQkachHXDhWglZJDkvnuNDmzyqb6gZj327WUbc7M3gwIiuTUD5_l5Eu2hj5l8Waw1ytZToJDWRX3-l4J8kJnYZJCJ243uBi2fhUbIbc4MeFxSPMo32j6ywklA3turlhgLFjuOq5ycAlUYN2G471IhYDb4z1-upzRnidgZMGjlF4Aj8eWCrRiHSQAHe_-VOqFFrfmsI2P_84qOcensq_8F2nGROzeFp_2QDu_fFhzuKMY49_FjFX3zclHLaLwQvAj7PnsJPFEFK8zLQAH8PKCrOfKwRNsJ0ql7v8vyOHlLNp7gMH6Dc_nfwb-KZo4m3lv9ejPfZ6C76dxqfrTraZvebyRRyUvIFgwFzjvbkhr7kqCFd1LcWJyVuUMTRHmKjueoJ7QsQooyz96to6ok0rerl28&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrXEhCuV3Y8edOLK5lQfWo5WQAsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItMjk3Nzg3NTI4MTMzODMzMMgBCakCka74eGhVsT7gAgCoAwGqBIICT9C7FpF3AWa4WcTwH4JKJA5262nuwxqm-rsEASCWevMi3tVsEEzzyZd2z5LHpwufmpGGWRa2BcqNIgjJYk4_C84kGC9cOBPV7aTrpPjEFH5OhEk-_OrR14CxvHVjBRM6eqDZoCWAs_48DHLhu6STZurijqxqTD3AUvEVB1REFNwTq3TElyVZpc4XRuS_9LqJ95JwGUUhVZoarOj0LsKYe7I6wAJS9WZFBzmTQyMkAiIBuijCYvidBgQy6zAkO5-Y4idNKxizncsRMzno4LZkX0O8_RM8UslTFmZNlScE5pM7cBN7lmSCa_SDOf0hzIf9CipVjxp1Kr-Y7km4Aahhtw654AQBgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1XcSEa884-2TLBx4G_0dopCgiYhg%26client%3Dca-pub-2977875281338330%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
cookie.js
partner.googleadservices.com/gampad/ Frame E724 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=times.hinet.net&callback=_gfp_s_&client=ca-pub-1311151640559524&cookie=ID%3Dfc59f85f1f66ff27-2278856254d800fe%3AT%3D1668801794%3AS%3DALNI_MZyKDGW23IzVEQU_NvRMogTdEfWLQ&gpic=UID%3D00000b83e7f6f835%3AT%3D1668801794%3ART%3D1668801794%3AS%3DALNI_MYGKqn-snyxy0UuHEa2mHly867-Kg&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1311151640559524&plah=times.hinet.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame E724 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1311151640559524&plah=times.hinet.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame E724 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1311151640559524&plah=times.hinet.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame E724 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&tn=DIV&id=goTop&ign=false&pw=1600&ph=1200&x=1575&y=1175
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 50EB 		0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&adk=1812271804&adf=2662694622&lmt=1668801803&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668801803450&bpp=3&bdt=437&idt=155&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&cookie=ID%3Dfc59f85f1f66ff27-2278856254d800fe%3AT%3D1668801794%3AS%3DALNI_MZyKDGW23IzVEQU_NvRMogTdEfWLQ&gpic=UID%3D00000b83e7f6f835%3AT%3D1668801794%3ART%3D1668801794%3AS%3DALNI_MYGKqn-snyxy0UuHEa2mHly867-Kg&nras=1&correlator=5316747536603&frm=23&ife=4&pv=2&ga_vid=1365366507.1668801795&ga_sid=1668801804&ga_hid=1283153072&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=300&ish=250&ifk=3077956258&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44760912%2C44770881&oid=2&pvsid=1578160828604052&tmod=1953776848&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32772&bc=31&ifi=1&uci=1.e91istwi1dbj&btvi=1&fsb=1&dtd=174
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1311151640559524&plah=times.hinet.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 20:03:23 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
placeInIframe
ssp.tenmax.io/api/monitor/ Frame 6352 		0
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.tenmax.io/api/monitor/placeInIframe?spaceId=a8ebbb33367a4652&referer=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251
Requested by
Host: tenmax-static.cacafly.net
URL: https://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
211.21.190.218 Hsinchu County, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
211-21-190-218.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 18 Nov 2022 20:03:24 GMT
Server
nginx
Vary
Origin, Accept-Encoding, User-Agent
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin
https://times.hinet.net
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-Application-Context
application:prod,aggregator,build-ext:58070
plan
ssp.tenmax.io/supply/v3/universal/ Frame 6352 		7 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.tenmax.io/supply/v3/universal/plan?rmaxSpaceId=a8ebbb33367a4652&referer=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&bodyWidth=1600&bodyHeight=1200&cacheBuster=ed57dd4c-ed27-4f49-9d13-a335b32c1bc5
Requested by
Host: tenmax-static.cacafly.net
URL: https://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
211.21.190.218 Hsinchu County, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
211-21-190-218.hinet-ip.hinet.net
Software
nginx /
Resource Hash
8ffe681c75b23ae8d4d7b4c1349712ad95e84198bfef3c22eab8283efae88eb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 18 Nov 2022 20:03:23 GMT
Server
nginx
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://times.hinet.net
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
6784
X-Application-Context
application:prod,aggregator,build-ext:58070
ads
googleads.g.doubleclick.net/pagead/ Frame 7D80 		430 B
227 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1311151640559524&output=html&h=250&slotname=5905656858&adk=3204766223&adf=3346210685&pi=t.ma~as.5905656858&w=300&lmt=1668801803&format=300x250&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668801803453&bpp=1&bdt=440&idt=185&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&cookie=ID%3Dfc59f85f1f66ff27-2278856254d800fe%3AT%3D1668801794%3AS%3DALNI_MZyKDGW23IzVEQU_NvRMogTdEfWLQ&gpic=UID%3D00000b83e7f6f835%3AT%3D1668801794%3ART%3D1668801794%3AS%3DALNI_MYGKqn-snyxy0UuHEa2mHly867-Kg&prev_fmts=0x0&nras=1&correlator=5316747536603&frm=23&ife=4&pv=1&ga_vid=1365366507.1668801795&ga_sid=1668801804&ga_hid=1283153072&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1000&ady=2514&biw=1600&bih=1200&isw=300&ish=250&ifk=3077956258&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C44760912%2C44770881&oid=2&pvsid=1578160828604052&tmod=1953776848&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.mhl5lkkyujc2&btvi=2&fsb=1&dtd=190
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1311151640559524&plah=times.hinet.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fe1cff98a7bc1e0499d22157a66131cda34ec37fa6d164df49106aeecf93f3d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
207
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 20:03:24 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 1EDD 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Helvetica
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3flCgAODscK5VyyAAVR1oVOQtUNatIKizwqHA&u=%7Cs9mwAOUxybF6mjygmQ2bYpBX2YJHKrVSoMwiiNQMCaw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9WsyI3dqu03NEAspGxZHahywr4HQAdSB0aXDJuHPoAn981D2r6q8kQ1B9aSkTNs6ybfzxBZMx9EcOuouZ-yywljj9gir5z3h-ndycx5F7Qsc6X9vt5yq9276QUVGTjAh-FnFz0jtdwgPTXUsoG__JR5nK240ldKJW0E1j6C2VkDQkachHXDhWglZJDkvnuNDmzyqb6gZj327WUbc7M3gwIiuTUD5_l5Eu2hj5l8Waw1ytZToJDWRX3-l4J8kJnYZJCJ243uBi2fhUbIbc4MeFxSPMo32j6ywklA3turlhgLFjuOq5ycAlUYN2G471IhYDb4z1-upzRnidgZMGjlF4Aj8eWCrRiHSQAHe_-VOqFFrfmsI2P_84qOcensq_8F2nGROzeFp_2QDu_fFhzuKMY49_FjFX3zclHLaLwQvAj7PnsJPFEFK8zLQAH8PKCrOfKwRNsJ0ql7v8vyOHlLNp7gMH6Dc_nfwb-KZo4m3lv9ejPfZ6C76dxqfrTraZvebyRRyUvIFgwFzjvbkhr7kqCFd1LcWJyVuUMTRHmKjueoJ7QsQooyz96to6ok0rerl28&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrXEhCuV3Y8edOLK5lQfWo5WQAsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItMjk3Nzg3NTI4MTMzODMzMMgBCakCka74eGhVsT7gAgCoAwGqBIICT9C7FpF3AWa4WcTwH4JKJA5262nuwxqm-rsEASCWevMi3tVsEEzzyZd2z5LHpwufmpGGWRa2BcqNIgjJYk4_C84kGC9cOBPV7aTrpPjEFH5OhEk-_OrR14CxvHVjBRM6eqDZoCWAs_48DHLhu6STZurijqxqTD3AUvEVB1REFNwTq3TElyVZpc4XRuS_9LqJ95JwGUUhVZoarOj0LsKYe7I6wAJS9WZFBzmTQyMkAiIBuijCYvidBgQy6zAkO5-Y4idNKxizncsRMzno4LZkX0O8_RM8UslTFmZNlScE5pM7cBN7lmSCa_SDOf0hzIf9CipVjxp1Kr-Y7km4Aahhtw654AQBgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1XcSEa884-2TLBx4G_0dopCgiYhg%26client%3Dca-pub-2977875281338330%26adurl%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame C1E1 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?U0DE6w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:23 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 03B5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=36&t=2&li=v_h.3.546.0&bgai=BY_C1B-V3Y9LkBePF7_UPlsqMyAIAAAAAOAG6BRMIvPK7k8O4-wIV_IL9Bx2qAAZS&bg=!5eal5qLNAAbvMpMzzzI7ACkAdvg8WkOdblpSXrcOfxYY0ODNDuhbuhcx2yfY9JREQNY37T2zVGDbrQIAAAFgUgAAAANoAQcKAJIUatFRlZ7B7r09Omh85cSmWuglGwOoa23gXSjJjyqrq_riFQKXwX3dUGQQkxtywpfremV4XEBLmizRVRJbUzu46bcfJ9jenRsiOJzQky3rKP6r3w10zT7ebT0BqyeZfd-hUO0GK0DskIi0u0D7ogmaGPgUqbcK6TZTv36WmE4d7rArutC3DvImFeD6K_xkPbhzIpkCXqdjZJlhmHuzZgeWm9aAibJOBzEUPXeePUu5CAfv3n_A6qlz33i-dZA88FvL4D2ywDqrvH6r7Xi1_SzkbVrArZ_dXsQE-BV7fFHMXcNzrPhv8fSY1YjLK_HOMz5wiueIzLZLv5PhoOW4UbrzjT2s8-hKoc1_wKb9A1M7qIiWjDeIj00KTXjzxiBaizCAaTzSZukFIS1KaSvzFkXWNqwds2bNf0KXTQ3JPoa1L9ac8YuWunDnVZzMnKiS00_eugt1-ZNs_ErAGcYhgOPPtfmtntsdUBuOudWqpdJr8NeiTd8yzd-bDsQ0xwljRYLoIh-xZPvbN6GWi2REaf2rbprKKixBAPPeu4u-jNjxT7RP9sCI8jsM-BGPmeSUqt5Gyj6yOkL1bQKOZYCSBX-jxpxjo_bN0Lp_xVgH4Zvk3JZMeaQh8iBmNjs2AuZFl84i66-JTfyaYlAaS4We-uAXipX0jr1Pixl7lwDSzkC65oy3xSTpVtskvsPz7-p7bx4vaCkcJhuhpoSTLyob1RLOfZ3egKu7_F36de0Zv7KPrHl8CuK_d58MUozC3Swlm6bLJuWcWpuPr7DkkIdSpJOMOIWnBJAUFw1jes_VI7apxruF6N0kdoxwOPSEadOIZl6fwtnixh9rcj1fnZ5Rl0Jelj9a2S8ld7I7KuCRKOb0wwPU8dHEdL4r75_LcTEh71cMN42MnWu2LRpt3h4uCz9EXFRFIDQoFDSKlduj28d1GhjBEmS6xdIF1STaIZ3o9fZAB0KEziwnUrc3JCnbuzLRdnYeb2fg8xfjNWoRCFE2H9vX8g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame EBF3 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?4roQDA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:23 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
all
csm.eu.criteo.net/ Frame 1EDD 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=-tWz165wfXM1JPjvhapI_QrwdqRAu8WVK7nha6uAjGGNCBjb8VCi_n3l4IW4mO87GayOYGGOiQUOSYJbCYd8qo3f_HY6bATJwNQxICtl0Zn7XP6muUbuAS-H7yMlq9Ymu7aAujC0gJ3sWq9qdxQImv4onYN0OrqEDYyvdF6WIBfHjbjsu6VoLYhfvpScv3hfz8u99ocnDmQRQU9QAn41QrVkx0Vd__8GBVgDlC1mxcaQZmilbLfBEZ39ngA&sds=2&rev=83599&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3flCgAODscK5VyyAAVR1oVOQtUNatIKizwqHA&u=%7Cs9mwAOUxybF6mjygmQ2bYpBX2YJHKrVSoMwiiNQMCaw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9WsyI3dqu03NEAspGxZHahywr4HQAdSB0aXDJuHPoAn981D2r6q8kQ1B9aSkTNs6ybfzxBZMx9EcOuouZ-yywljj9gir5z3h-ndycx5F7Qsc6X9vt5yq9276QUVGTjAh-FnFz0jtdwgPTXUsoG__JR5nK240ldKJW0E1j6C2VkDQkachHXDhWglZJDkvnuNDmzyqb6gZj327WUbc7M3gwIiuTUD5_l5Eu2hj5l8Waw1ytZToJDWRX3-l4J8kJnYZJCJ243uBi2fhUbIbc4MeFxSPMo32j6ywklA3turlhgLFjuOq5ycAlUYN2G471IhYDb4z1-upzRnidgZMGjlF4Aj8eWCrRiHSQAHe_-VOqFFrfmsI2P_84qOcensq_8F2nGROzeFp_2QDu_fFhzuKMY49_FjFX3zclHLaLwQvAj7PnsJPFEFK8zLQAH8PKCrOfKwRNsJ0ql7v8vyOHlLNp7gMH6Dc_nfwb-KZo4m3lv9ejPfZ6C76dxqfrTraZvebyRRyUvIFgwFzjvbkhr7kqCFd1LcWJyVuUMTRHmKjueoJ7QsQooyz96to6ok0rerl28&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrXEhCuV3Y8edOLK5lQfWo5WQAsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItMjk3Nzg3NTI4MTMzODMzMMgBCakCka74eGhVsT7gAgCoAwGqBIICT9C7FpF3AWa4WcTwH4JKJA5262nuwxqm-rsEASCWevMi3tVsEEzzyZd2z5LHpwufmpGGWRa2BcqNIgjJYk4_C84kGC9cOBPV7aTrpPjEFH5OhEk-_OrR14CxvHVjBRM6eqDZoCWAs_48DHLhu6STZurijqxqTD3AUvEVB1REFNwTq3TElyVZpc4XRuS_9LqJ95JwGUUhVZoarOj0LsKYe7I6wAJS9WZFBzmTQyMkAiIBuijCYvidBgQy6zAkO5-Y4idNKxizncsRMzno4LZkX0O8_RM8UslTFmZNlScE5pM7cBN7lmSCa_SDOf0hzIf9CipVjxp1Kr-Y7km4Aahhtw654AQBgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1XcSEa884-2TLBx4G_0dopCgiYhg%26client%3Dca-pub-2977875281338330%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 18 Nov 2022 20:03:23 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 1EDD 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3flCgAODscK5VyyAAVR1oVOQtUNatIKizwqHA&u=%7Cs9mwAOUxybF6mjygmQ2bYpBX2YJHKrVSoMwiiNQMCaw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9WsyI3dqu03NEAspGxZHahywr4HQAdSB0aXDJuHPoAn981D2r6q8kQ1B9aSkTNs6ybfzxBZMx9EcOuouZ-yywljj9gir5z3h-ndycx5F7Qsc6X9vt5yq9276QUVGTjAh-FnFz0jtdwgPTXUsoG__JR5nK240ldKJW0E1j6C2VkDQkachHXDhWglZJDkvnuNDmzyqb6gZj327WUbc7M3gwIiuTUD5_l5Eu2hj5l8Waw1ytZToJDWRX3-l4J8kJnYZJCJ243uBi2fhUbIbc4MeFxSPMo32j6ywklA3turlhgLFjuOq5ycAlUYN2G471IhYDb4z1-upzRnidgZMGjlF4Aj8eWCrRiHSQAHe_-VOqFFrfmsI2P_84qOcensq_8F2nGROzeFp_2QDu_fFhzuKMY49_FjFX3zclHLaLwQvAj7PnsJPFEFK8zLQAH8PKCrOfKwRNsJ0ql7v8vyOHlLNp7gMH6Dc_nfwb-KZo4m3lv9ejPfZ6C76dxqfrTraZvebyRRyUvIFgwFzjvbkhr7kqCFd1LcWJyVuUMTRHmKjueoJ7QsQooyz96to6ok0rerl28&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrXEhCuV3Y8edOLK5lQfWo5WQAsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItMjk3Nzg3NTI4MTMzODMzMMgBCakCka74eGhVsT7gAgCoAwGqBIICT9C7FpF3AWa4WcTwH4JKJA5262nuwxqm-rsEASCWevMi3tVsEEzzyZd2z5LHpwufmpGGWRa2BcqNIgjJYk4_C84kGC9cOBPV7aTrpPjEFH5OhEk-_OrR14CxvHVjBRM6eqDZoCWAs_48DHLhu6STZurijqxqTD3AUvEVB1REFNwTq3TElyVZpc4XRuS_9LqJ95JwGUUhVZoarOj0LsKYe7I6wAJS9WZFBzmTQyMkAiIBuijCYvidBgQy6zAkO5-Y4idNKxizncsRMzno4LZkX0O8_RM8UslTFmZNlScE5pM7cBN7lmSCa_SDOf0hzIf9CipVjxp1Kr-Y7km4Aahhtw654AQBgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1XcSEa884-2TLBx4G_0dopCgiYhg%26client%3Dca-pub-2977875281338330%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Nov 2023 20:03:23 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 1EDD 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y3flCgAODscK5VyyAAVR1oVOQtUNatIKizwqHA&u=%7Cs9mwAOUxybF6mjygmQ2bYpBX2YJHKrVSoMwiiNQMCaw%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyMCnTpn87UHNsuno7AgpGzlOrtZY6p-JqzBn5aYBwP9WsyI3dqu03NEAspGxZHahywr4HQAdSB0aXDJuHPoAn981D2r6q8kQ1B9aSkTNs6ybfzxBZMx9EcOuouZ-yywljj9gir5z3h-ndycx5F7Qsc6X9vt5yq9276QUVGTjAh-FnFz0jtdwgPTXUsoG__JR5nK240ldKJW0E1j6C2VkDQkachHXDhWglZJDkvnuNDmzyqb6gZj327WUbc7M3gwIiuTUD5_l5Eu2hj5l8Waw1ytZToJDWRX3-l4J8kJnYZJCJ243uBi2fhUbIbc4MeFxSPMo32j6ywklA3turlhgLFjuOq5ycAlUYN2G471IhYDb4z1-upzRnidgZMGjlF4Aj8eWCrRiHSQAHe_-VOqFFrfmsI2P_84qOcensq_8F2nGROzeFp_2QDu_fFhzuKMY49_FjFX3zclHLaLwQvAj7PnsJPFEFK8zLQAH8PKCrOfKwRNsJ0ql7v8vyOHlLNp7gMH6Dc_nfwb-KZo4m3lv9ejPfZ6C76dxqfrTraZvebyRRyUvIFgwFzjvbkhr7kqCFd1LcWJyVuUMTRHmKjueoJ7QsQooyz96to6ok0rerl28&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCrXEhCuV3Y8edOLK5lQfWo5WQAsme0rFc1Z2R93DAjbcBEAEgAGCVgoCAsAeCARdjYS1wdWItMjk3Nzg3NTI4MTMzODMzMMgBCakCka74eGhVsT7gAgCoAwGqBIICT9C7FpF3AWa4WcTwH4JKJA5262nuwxqm-rsEASCWevMi3tVsEEzzyZd2z5LHpwufmpGGWRa2BcqNIgjJYk4_C84kGC9cOBPV7aTrpPjEFH5OhEk-_OrR14CxvHVjBRM6eqDZoCWAs_48DHLhu6STZurijqxqTD3AUvEVB1REFNwTq3TElyVZpc4XRuS_9LqJ95JwGUUhVZoarOj0LsKYe7I6wAJS9WZFBzmTQyMkAiIBuijCYvidBgQy6zAkO5-Y4idNKxizncsRMzno4LZkX0O8_RM8UslTFmZNlScE5pM7cBN7lmSCa_SDOf0hzIf9CipVjxp1Kr-Y7km4Aahhtw654AQBgAarn6nN2qLi9SegBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1XcSEa884-2TLBx4G_0dopCgiYhg%26client%3Dca-pub-2977875281338330%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 13 Nov 2023 20:03:23 GMT
request
ssp.tenmax.io/supply/tracking/ Frame 15EC 		0
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.tenmax.io/supply/tracking/request?bid=0e9ba380-677c-11ed-a98d-8f82c9fddd8e&chid=38b21df4e61c4e90&sid=e25285a509b74249
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
211.21.190.218 Hsinchu County, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
211-21-190-218.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 18 Nov 2022 20:03:24 GMT
Server
nginx
Connection
keep-alive
X-Application-Context
application:prod,aggregator,build-ext:58070
P3P
CP="CUR ADM OUR NOR STA NID"
integrator.js
adservice.google.de/adsid/ Frame 15EC 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 15EC 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 15EC 		116 KB
43 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3928169728155833&correlator=3874668995074593&eid=44761478%2C21065725&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=37275962%2Crmaxspace%2Ce25285a509b74249&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600&ifi=2&adks=868499017&sfv=1-0-40&prev_scp=adx_region%3DTWN%26line_item_type%3DadExchange&eri=4&sc=1&cookie=ID%3Dfc59f85f1f66ff27-2278856254d800fe%3AT%3D1668801794%3AS%3DALNI_MZyKDGW23IzVEQU_NvRMogTdEfWLQ&gpic=UID%3D00000b83e7f6f835%3AT%3D1668801794%3ART%3D1668801794%3AS%3DALNI_MYGKqn-snyxy0UuHEa2mHly867-Kg&abxe=1&dt=1668801803821&lmt=1668801803&dlt=1668801802340&idt=467&adxs=1000&adys=2784&biw=1600&bih=1200&isw=300&ish=600&scr_x=0&scr_y=0&btvi=2&ucis=me9d7acqp3rr&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&ref=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&top=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&frm=23&vis=1&psz=0x0&msz=300x0&fws=260&ohw=300&ea=0&ga_vid=1365366507.1668801795&ga_sid=1668801803&ga_hid=145154760&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ed5de8cca50c0c2851a6edb31b918e608d7ce5ba1db6bcfa7082b1f03ad2b80a
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3592621189675155901/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3592621189675155901/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLqh4ZXDuPsCFZSS_Qcd3TEBlw&gqi=&layout=/sadbundle/%24csp%253Der3%24/3592621189675155901/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3592621189675155901/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3592621189675155901/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLqh4ZXDuPsCFZSS_Qcd3TEBlw&gqi=&layout=/sadbundle/%24csp%253Der3%24/3592621189675155901/index.html
date
Fri, 18 Nov 2022 20:03:24 GMT
x-content-type-options
nosniff
content-encoding
br
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44149
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.158.46.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-46-104.bom78.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
60
Connection
keep-alive
Content-Length
0
Date
Fri, 18 Nov 2022 20:03:24 GMT
Via
1.1 8f2a8d0800eb3d1942ab5a7177177e20.cloudfront.net (CloudFront)
X-Amz-Cf-Id
9wwGTXD-ivh27KwOHiHXC-NrrFKbwpRp7LkGRDCu2u4-cUvboJZF4g==
X-Amz-Cf-Pop
BOM78-P3
X-Cache
Miss from cloudfront
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.158.46.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-46-104.bom78.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
60
Connection
keep-alive
Content-Length
0
Date
Fri, 18 Nov 2022 20:03:24 GMT
Via
1.1 474a987f2cb8373a0505e9e4aad940fc.cloudfront.net (CloudFront)
X-Amz-Cf-Id
PzXCaxFcrVe7wiWj6i-fvI4T343pux7XlLsqdbmuKP6HDgUIfTAK_Q==
X-Amz-Cf-Pop
BOM78-P3
X-Cache
Miss from cloudfront
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 334C 		39 B
570 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.158.46.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-46-104.bom78.r.cloudfront.net
Software
/
Resource Hash
293f8ffd5a709807b597c92605f0ee341521b8445f94ff262172c93cddd5e84f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 18 Nov 2022 20:03:24 GMT
Via
1.1 f535ebbbbd7f05468fe793ceeef59766.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
BOM78-P3
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Cache
Miss from cloudfront
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
39
X-Amz-Cf-Id
9kMPvN_mV0tnlevu-hoicin84tNAmIU-ozPK_KBxG4xVAJBw0kLNVg==
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 334C 		39 B
570 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.158.46.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-46-104.bom78.r.cloudfront.net
Software
/
Resource Hash
7dc54c2cda854fd13e31131cc463e928a7702893b8dc77d67f58b95cfc0f7736
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 18 Nov 2022 20:03:24 GMT
Via
1.1 f535ebbbbd7f05468fe793ceeef59766.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
BOM78-P3
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Cache
Miss from cloudfront
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
39
X-Amz-Cf-Id
XqgV1gpOgniXk14484aH1ZXLbptymvSz3fPneoFnL5RjqqRQFq1ajQ==
integrator.js
adservice.google.com/adsid/ Frame 334C 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=player.svc.litv.tv
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ptv
secure.adnxs.com/ Frame 10EF 		27 B
716 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/ptv?id=20240059&vwidth=[playerwidth]&vheight=[playerheight]&referrer=hinet.net&cb=1668801803835
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.546.0_zh_tw.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 18 Nov 2022 20:03:23 GMT
AN-X-Request-Uuid
709fa59e-e0e1-4456-8f35-23a1b52e8821
Server
nginx/1.21.3
Content-Type
application/xml; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://imasdk.googleapis.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
37.58.57.3; 37.58.57.3; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
27
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.158.46.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-46-104.bom78.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
60
Connection
keep-alive
Content-Length
0
Date
Fri, 18 Nov 2022 20:03:24 GMT
Via
1.1 f535ebbbbd7f05468fe793ceeef59766.cloudfront.net (CloudFront)
X-Amz-Cf-Id
aD_4Ar6U1f3LwvmMws-z-MprLQ1dxLFlADWtP2Jn0mHxS24OYCcwtg==
X-Amz-Cf-Pop
BOM78-P3
X-Cache
Miss from cloudfront
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.158.46.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-46-104.bom78.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
60
Connection
keep-alive
Content-Length
0
Date
Fri, 18 Nov 2022 20:03:24 GMT
Via
1.1 1dd6f08fb93545a8d6cac36f521d0678.cloudfront.net (CloudFront)
X-Amz-Cf-Id
hebaO0aLQqr5hgj8cPcJckK3JM44-Vm0bWRhJ6DoznWNZkXM4Z7VQw==
X-Amz-Cf-Pop
BOM78-P3
X-Cache
Miss from cloudfront
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 334C 		40 B
571 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.158.46.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-46-104.bom78.r.cloudfront.net
Software
/
Resource Hash
2013feb290ee56dfc7e5ec62288b9cc6952b3774fcb0570545fae9377ec37c9b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 18 Nov 2022 20:03:25 GMT
Via
1.1 474a987f2cb8373a0505e9e4aad940fc.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
BOM78-P3
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Cache
Miss from cloudfront
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
40
X-Amz-Cf-Id
M0QcukpM4JGoMmO_l2kD880i1x_CIqrhIvc7y-oxSu3tKh3KYj1eQA==
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 334C 		40 B
571 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.158.46.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-46-104.bom78.r.cloudfront.net
Software
/
Resource Hash
cbda26309731e9052cda082e4d70c2e28dd654d259651e356a59a69a5903c9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 18 Nov 2022 20:03:25 GMT
Via
1.1 1dd6f08fb93545a8d6cac36f521d0678.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
BOM78-P3
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Cache
Miss from cloudfront
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
40
X-Amz-Cf-Id
w373jzcmRCKuN5CrbG_2rH_CCoe11Vl7HqwwarQgzNuSb8ZxavJC9Q==
300818
search.spotxchange.com/vast/3.0/ Frame 10EF 		67 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/vast/3.0/300818?VPAID=JS&content_page_url=https%3A%2F%2Fwww.hinet.net%2F&player_width=640&player_height=480&media_transcoding=low
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.546.0_zh_tw.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
3ad753512028ab9454846db78b92c123be24f761177422832bad76120e06a6cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

X-spotx-Exception-RESULT
exception
Content-Encoding
gzip
X-spotx-Exception-ID
SPOTMARKET.HALTED
X-spotx-Exception-Message
SpotMarket execution was halted.
X-SpotX-Timing-Page-Require
0.000384
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000005
X-SpotX-Timing-Page
0.008568
Pragma
no-cache
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
text/xml;charset=UTF-8
Access-Control-Allow-Origin
https://imasdk.googleapis.com
X-SpotX-Timing-Page-Exception
0.000017
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-Page-URI
0.000011
X-SpotX-Timing-SpotMarket-Secondary
0.000000
Access-Control-Allow-Headers
X-spotx-Exception-0-RESULT
failure
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Date
Fri, 18 Nov 2022 20:03:23 GMT
X-spotx-Exception-0-Message
Halting market due to GDPR regulations and DPA not being signed by publisher
X-SpotX-Timing-Transform
0.000512
X-SpotX-Timing-SpotMarket-Primary
0.003545
X-SpotX-Timing-SpotMarket
0.003545
X-spotx-Exception-0-ID
MARKET_HALTED
X-SpotX-Timing-Page-Misc
0.002905
X-fe
059
Content-Length
79
X-SpotX-Timing-Page-Context
0.000312
Last-Modified
Fri, 18 Nov 2022 20:03:23 GMT
Server
nginx
Access-Control-Allow-Credentials
true
X-SpotX-Timing-Page-Mux
0.000877
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=3808773216574337&bg=!i4iliMzNAAbvMpMzzzI7ACkAdvg8Wvge-pYlCtOM4sVxCu-5HyRPFl_sifAiZ4HtqEYAtIbdh_i4XQIAAAEMUgAAAAJoAQcKAO9DM6EEan5vSuGbjBl5KnM75e4g2UWbn8mtTmcSlh7-7pR9hmhMG6_FAMa-dH2l0cQzvn9I0XVFaH84a3ebfmP4-O74yhmUxiELayFEDH9AFbVtKFKX8JkfVCLuk9mJYzSUWV2-J6k8f-bxAPXzkx6qGvrk14qEm5MuBMcrDucHB368LxuD1O4CCjfagzxUR-HVYxWs-57xTSN_uQ0RKT-qNbeZvQFApPZs6w6FRNibaeW3chxnqJMY8-A8DTH3iLTdpY5aepZpR5C86nzGur7AHpPOc2PODktb_W_wC45nWW-KbjXn_XBCJlLxh6MVVJkCo4wmQRcNfES3inKI5htGfaoqfH7Q35BNkI21UYCHenTpjtgqen3E268dJ4jRyxBmgoBFDMAwqr_hQ0OjPNOW5K1xEZ1zmohJzzyKjeqEMG2B-5o6Yxxq7Xm3DbqC-bs7Ch2oyCgQMlNt2-6AnANc4XRel00Ur-mOjD3hLNwV3GcR2IQEruOP_C5Sw3rOtDjeFo1KFzVKPf2Jc_UNzmNHHX3VGchtAhPBh-9pnIv8UYtoyIWY8nOxhsGEIPZmlkGuZ7PRVkGX1y01Fz9y79EE3m7kNU83cxPrfP8F66RF3lEcGxZWzTlsyJ7ax1Z_5_HC8TWuHGfHewPpu3xarTjJ6xXfbLUTWZQd6RKsLRtC3xPE45-s8QwVil9LF2zxQpzwmLhVgHqE4lOgLu0W2VPJ--Oj0ksdxV4lIXVD7RwqBNZNFy-V3XpFBsInJc8kmL7zN9GuEB989jGDcHmjZkd8dZUNfG_MhNCkK3OulCzES-wuYVFfZKPogDFX3t7ve_XiuNficw6KkdDpOluU1rNBAbfXWqvLHlVo5COOGMPEL3Oziud8CeG90hlDpZ63sfS-pxLeusxvzyCdG1QQ4hHebhk2jUrz13nrXvecOW49rq5UWonHfJdIdasCkue7sRufRZx_yU2P12w6RzNtQp4sGHPbShBtM55o3sMnRM90d-wIT3pkQhZ0gG9tw8nxkiR7U4LP23DBWdmCYb9PseddXUN6l_fHfzQn0WWIxD-K02i7HVLPH4pEmlV4l2jCgSNlg_AYBsTl4R_JhABiMvDyGNmTJWMT3APSxRQKSZZpqcy0xqdzw_0yfJUT_hVVkAbj80mlfpKqG1YmL2xkVEfV84HctUk3x_pxEIcgCRCl8wOoCqe-o7AvREB37ViWBs5fcEd1AQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.158.46.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-46-104.bom78.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
60
Connection
keep-alive
Content-Length
0
Date
Fri, 18 Nov 2022 20:03:24 GMT
Via
1.1 8f2a8d0800eb3d1942ab5a7177177e20.cloudfront.net (CloudFront)
X-Amz-Cf-Id
OThESFbmMinzD29YnH9NJ9T9ud5bWUXZYDuYdDIS3e6gd7wNlfRAPQ==
X-Amz-Cf-Pop
BOM78-P3
X-Cache
Miss from cloudfront
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.158.46.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-46-104.bom78.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
60
Connection
keep-alive
Content-Length
0
Date
Fri, 18 Nov 2022 20:03:24 GMT
Via
1.1 474a987f2cb8373a0505e9e4aad940fc.cloudfront.net (CloudFront)
X-Amz-Cf-Id
FRLD3rGQv5_NUE1blbAxmGNE0fjCMD1evcmugecMVfF1J6xTtihOyg==
X-Amz-Cf-Pop
BOM78-P3
X-Cache
Miss from cloudfront
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 334C 		40 B
571 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.158.46.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-46-104.bom78.r.cloudfront.net
Software
/
Resource Hash
54868d1414fbbfd90c33e55ff9ba852bb3a89103446cfc04c863e61d76c67537
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 18 Nov 2022 20:03:25 GMT
Via
1.1 f535ebbbbd7f05468fe793ceeef59766.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
BOM78-P3
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Cache
Miss from cloudfront
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
40
X-Amz-Cf-Id
00EyQBujr2xirfVCpoAiCSF1Ax3tNDt8SVFamwzOZWCZ0f9GYvjPPw==
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 334C 		40 B
571 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.158.46.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-46-104.bom78.r.cloudfront.net
Software
/
Resource Hash
54c71ffd5895d4c68c43d4e95d07b054538cdea0b23935b46522507b44888466
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 18 Nov 2022 20:03:25 GMT
Via
1.1 f535ebbbbd7f05468fe793ceeef59766.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
BOM78-P3
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Cache
Miss from cloudfront
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
40
X-Amz-Cf-Id
x7RMJadGMTrIt_r4gVhabCBKAi_n-HPIbH_8_wUC0H0HuYY6wPoptw==
integrator.js
adservice.google.com/adsid/ Frame 334C 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=player.svc.litv.tv
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
adsv.svc.litv.tv/ Frame 10EF 		261 B
445 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adsv.svc.litv.tv/ads?puid=8080aeff-b8c6-4d1a-9927-a73ee1c786ad&description_url=https%3A%2F%2Fwww.hinet.net%2F&correlator=1668801803982&cb=1668801803982&pageUrl=https%3A%2F%2Fwww.hinet.net%2F&pi.width=[playerwidth]&pi.height=[playerheight]&a.ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F107.0.5304.110%20Safari%2F537.36&ad_unit=adsv_ppn_em_hinet_6
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.546.0_zh_tw.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.234.181 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
181.234.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e26f45a1f2d1e64096a76fb49098177e33c162bc6535b4c21492256810c1f5d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:23 GMT
via
1.1 google
vary
Origin
content-type
application/xml
access-control-allow-origin
https://imasdk.googleapis.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
261
request
ssp.tenmax.io/supply/tracking/ Frame 6352 		0
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.tenmax.io/supply/tracking/request?bid=0ebe46b0-677c-11ed-a98d-8f82c9fddd8e&chid=2c371eadc7fb4ce0&sid=a8ebbb33367a4652
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
211.21.190.218 Hsinchu County, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
211-21-190-218.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 18 Nov 2022 20:03:24 GMT
Server
nginx
Connection
keep-alive
X-Application-Context
application:prod,aggregator,build-ext:58070
P3P
CP="CUR ADM OUR NOR STA NID"
integrator.js
adservice.google.de/adsid/ Frame 6352 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 6352 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=times.hinet.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 6352 		116 KB
43 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=21661793632707&correlator=1486269208819631&output=ldjh&gdfp_req=1&vrg=2022111501&ptt=17&impl=fifs&iu_parts=37275962%2Crmaxspace%2Ca8ebbb33367a4652&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=2&adks=4242415979&sfv=1-0-40&prev_scp=adx_region%3DTWN%26line_item_type%3DadSense&eri=4&sc=1&cookie=ID%3Dfc59f85f1f66ff27-2278856254d800fe%3AT%3D1668801794%3AS%3DALNI_MZyKDGW23IzVEQU_NvRMogTdEfWLQ&gpic=UID%3D00000b83e7f6f835%3AT%3D1668801794%3ART%3D1668801794%3AS%3DALNI_MYGKqn-snyxy0UuHEa2mHly867-Kg&abxe=1&dt=1668801804054&lmt=1668801804&dlt=1668801800768&idt=2124&adxs=1000&adys=745&biw=1600&bih=1200&isw=300&ish=250&scr_x=0&scr_y=0&btvi=0&ucis=1wlrfwhbnew3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&ref=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&top=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&frm=23&vis=1&psz=0x0&msz=300x0&fws=260&ohw=300&ea=0&ga_vid=1365366507.1668801795&ga_sid=1668801803&ga_hid=823414897&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
83732b4a56c1e1fb338d653acee13b75dba599516cabd19b61064b142eb49eb4
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12818013396504674824/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12818013396504674824/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLbD75XDuPsCFbTyuwgd7EcBkA&gqi=&layout=/sadbundle/%24csp%253Der3%24/12818013396504674824/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12818013396504674824/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12818013396504674824/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLbD75XDuPsCFbTyuwgd7EcBkA&gqi=&layout=/sadbundle/%24csp%253Der3%24/12818013396504674824/index.html
date
Fri, 18 Nov 2022 20:03:24 GMT
x-content-type-options
nosniff
content-encoding
br
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44108
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
3cfabfbec2bb494d0cdc3609f7d46897.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 69C3 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://3cfabfbec2bb494d0cdc3609f7d46897.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 20:03:22 GMT
expires
Sat, 18 Nov 2023 20:03:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
impression
ssp.tenmax.io/supply/tracking/ Frame 15EC 		0
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.tenmax.io/supply/tracking/impression?bid=0e9ba380-677c-11ed-a98d-8f82c9fddd8e&chid=38b21df4e61c4e90&sid=e25285a509b74249&lineitemid=5342308983
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
211.21.190.218 Hsinchu County, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
211-21-190-218.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 18 Nov 2022 20:03:24 GMT
Server
nginx
Connection
keep-alive
X-Application-Context
application:prod,aggregator,build-ext:58070
P3P
CP="CUR ADM OUR NOR STA NID"
view
securepubads.g.doubleclick.net/pcs/ Frame E724 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjBTnU0NQImiudoy7HM-X2az5P-ZFgv0MClv6bLyGn2KqwxShzXXhHOdgW6hThsBECHOoA-6YnMRx2dAg1r90zsKnhgQy7izwr81WT02e1qLcUK1HqtJQrMevLXJD1P1pYeTme_SPhMldtg9uQNyNic9C7Vn6Q7UsquVeWO_srXfNVpB3GQfq9XxmCrQ1OiiugjKNUUA0sDVRXYpRAUG-TrWoZn815YWDL-YykkNXQEU85HGeXIWXUwr1hAF90ZsNz7mSAY-3iVTXeUZHKVzbCnwOKCZTFMWei50M8qtQ4xgr9fdEVcPgHT0iGBNaq2je3kGskMy2ah6QiNXriiw&sai=AMfl-YQ9rpbc1gUeHa0rGphYhmQu_ZSTqztGro15czXwUrRqQh6_HY8b8pMuEc6PzKS7mjyF56ujiHOvl6of-yPlIMNRqEXAoDumeIkEsnSu3uRpUCqzB8nIeq5OJnhnELA7Mg&sig=Cg0ArKJSzBcDrKQbz4RJEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:24 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 18 Nov 2022 20:03:24 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame E724 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1311151640559524&plah=times.hinet.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b0654a899c19be64fd31e18a50404c5bfe4032990b9304a62b046882ae6a72e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11158
x-xss-protection
0
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3592621189675155901/ Frame 20FD 		39 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3592621189675155901/index.html
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff93395dae62cdb3911f3b65dd33001f77f661864406259f2fdfe7bff6a60ee8
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://3cfabfbec2bb494d0cdc3609f7d46897.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
118634
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5575
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Thu, 17 Nov 2022 11:06:10 GMT
expires
Fri, 17 Nov 2023 11:06:10 GMT
last-modified
Mon, 31 Oct 2022 19:15:21 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 69C3 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CJ9z1C-V3Y_rvNJSl9u8P3eOEuAnfh_TAbezHi__OEMGi4pncNBABIMqm3yVglYKAgLAHoAG-48exKMgBCakCHgpL1sQHqT7gAgCoAwHIA0iqBPwBT9AyZPQTz6yQfKEKZK-k1zYHbAokJ9asT7F1aqTKiNhyh1S-0OPKRoyyRwvkXPu9q0u-KI1CCjpPugEvjxvQq9JqQcTWKW9GPMgnfBsKPiLEF_KQdv86-Bq9xhpqZy_dn5LnUXnhA6FzkU_KDJ-Y7MzNGm92KNvnRtwomhwMSN3l0dgq9GTPQqEr5dv8aEicqFv4gtYgEzY8EpNjESGBUjQNIxcwXJu00qNKJ14VlQXbDAG5lwDagueseRzTN8mDEZ4bA1dLrmHWuzozZqT1IlnHjobMTQWT6f2UV9yQXCl2iwG9o0_WU_YQXqlHNGnxLJeT_44jaPZW9qgDwATP2OiZkgTgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHvpuYkQOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCmxAPSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTAtAVAZgWAYAXAbIXHgocCAASFHB1Yi00MzM4MjU2NDM5NjI2MTQ1GOqPGA&sigh=02rG86iB8is&uach_m=[UACH]&cid=CAQSPADq26N9zBe9SpiGDoTy5srjTAmRmo2xPf8MazRsMNMlthMoKEL4hQ-KM9U4PqlQb9I8dSIEROWU83kRIRgBIBM&template_id=419
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3cfabfbec2bb494d0cdc3609f7d46897.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 69C3 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: 3cfabfbec2bb494d0cdc3609f7d46897.safeframe.googlesyndication.com
URL: https://3cfabfbec2bb494d0cdc3609f7d46897.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3cfabfbec2bb494d0cdc3609f7d46897.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 15:35:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
16059
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 15:35:45 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 20FD 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3592621189675155901/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:12:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24664
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2655
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 19 Nov 2022 13:12:20 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 20FD 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3592621189675155901/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 19:53:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
618
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 19 Nov 2022 19:53:06 GMT
333be60527a3c6fe29d3093a75a352a4.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3592621189675155901/ Frame 20FD 		105 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3592621189675155901/333be60527a3c6fe29d3093a75a352a4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3592621189675155901/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6566d8b13065cae77d67755f219dc7d2bec71310a58ee08486bc21dac6620f7f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 17 Nov 2022 11:06:11 GMT
age
118633
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30452
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 19:15:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 17 Nov 2023 11:06:11 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 69C3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: 3cfabfbec2bb494d0cdc3609f7d46897.safeframe.googlesyndication.com
URL: https://3cfabfbec2bb494d0cdc3609f7d46897.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3cfabfbec2bb494d0cdc3609f7d46897.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 18:01:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
7326
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 18:01:18 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 69C3 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 3cfabfbec2bb494d0cdc3609f7d46897.safeframe.googlesyndication.com
URL: https://3cfabfbec2bb494d0cdc3609f7d46897.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3cfabfbec2bb494d0cdc3609f7d46897.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 15:35:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
16059
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 15:35:45 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E724 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1311151640559524&plah=times.hinet.net
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Nov 2022 20:03:24 GMT
l
www.google.com/ads/measurement/ Frame 69C3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSYMtTwBvdkYWMt3G2AusE9vL9N31PcQcPO6K8-KMpQxwGfMpO3xG61pvUi82hIvhAml_kVOZIWzR9yzn-3BNNUH3JMgw
Requested by
Host: 3cfabfbec2bb494d0cdc3609f7d46897.safeframe.googlesyndication.com
URL: https://3cfabfbec2bb494d0cdc3609f7d46897.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3cfabfbec2bb494d0cdc3609f7d46897.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 69C3 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 3cfabfbec2bb494d0cdc3609f7d46897.safeframe.googlesyndication.com
URL: https://3cfabfbec2bb494d0cdc3609f7d46897.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://3cfabfbec2bb494d0cdc3609f7d46897.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Nov 2022 20:03:24 GMT
css
fonts.googleapis.com/ Frame 20FD 		5 KB
657 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:500|Raleway:600|Raleway:700
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3592621189675155901/333be60527a3c6fe29d3093a75a352a4.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2db0a43cf6d5a3f65b457a78124848371e3c4b0feea7017842ab3542164b6804
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 18 Nov 2022 20:03:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 19:49:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Nov 2022 20:03:24 GMT
409f89e77466caf1a0f4e7b11d9c0918.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3592621189675155901/media/ Frame 20FD 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3592621189675155901/media/409f89e77466caf1a0f4e7b11d9c0918.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3592621189675155901/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
631ea678d80d250085c5640f76aa9064e8c5ee9d58f72fbf6ad90eee5d99c2e6
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 17 Nov 2022 11:05:55 GMT
x-content-type-options
nosniff
age
118649
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19629
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 19:15:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 17 Nov 2023 11:05:55 GMT
cd2696fd4b4633d9b42115314ccf4590.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3592621189675155901/media/ Frame 20FD 		349 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3592621189675155901/media/cd2696fd4b4633d9b42115314ccf4590.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3592621189675155901/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
afbbb050849fcbc7c6d14145c41703ab3c3758800fec218fd7ce81cdf654896e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 17 Nov 2022 11:06:11 GMT
age
118633
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
256
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 19:15:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 17 Nov 2023 11:06:11 GMT
b7c2e0121dd398f19832e109abb6df16.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3592621189675155901/media/ Frame 20FD 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3592621189675155901/media/b7c2e0121dd398f19832e109abb6df16.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3592621189675155901/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6902a0288cb6796a73afa7387155eb665b95da1ac425bbb3799fc77d121bf7a6
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 17 Nov 2022 11:05:55 GMT
x-content-type-options
nosniff
age
118649
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2537
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 19:15:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 17 Nov 2023 11:05:55 GMT
truncated
/ Frame 69C3 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e263c98762851f9972bd60fcea7a89cb21d8848944c82276177b7390fcdbf6b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ Frame 20FD 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500|Raleway:600|Raleway:700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 22:05:34 GMT
x-content-type-options
nosniff
age
79070
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46524
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:58:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Nov 2023 22:05:34 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 20FD 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500|Raleway:600|Raleway:700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 11:59:40 GMT
x-content-type-options
nosniff
age
115424
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Nov 2023 11:59:40 GMT
f1517312815e692ecaa45cf981ca4529.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3592621189675155901/media/ Frame 20FD 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3592621189675155901/media/f1517312815e692ecaa45cf981ca4529.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/3592621189675155901/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6edaa19857115029e0f03fba463c8f4f29d711cbdfff32de1c68a01d34e33e7f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 17 Nov 2022 11:05:55 GMT
x-content-type-options
nosniff
age
118649
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24122
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 19:15:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 17 Nov 2023 11:05:55 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6352 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1eecba73cfd67721e4e3dc1f14693d70b935e84e21b43d65aa12ad8cf2bbf32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10966
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A2EE 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3529
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 19:04:35 GMT
expires
Sat, 18 Nov 2023 19:04:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A100 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
858a18aee53859e8d35f4bea69a0cd7c2dd28a825c3462c0a1580afb50c3806f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LduL0hM1GSmE_cmbw5Ec2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-LduL0hM1GSmE_cmbw5Ec2g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 20:03:24 GMT
expires
Fri, 18 Nov 2022 20:03:24 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame CEDF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=3623574812094311&bg=!g4ClgMTNAAbvMpMzzzI7ACkAdvg8WoE7EdG-HGcwp-zn_lGBc70YbZuUp_hWHLx_chjeoboYhM2iVgIAAAD_UgAAAAJoAQeZArfhsMtJgtA2WmO7mgyEMQ501e2GGyedZimcFKTYCQBf810_b2U-xrlmtTDzy66aDsOqOEcNSmIYPJ5GVYNIe0gqnpWSO9-2Rs9suTuh6jArMOacOGtzqbnZ5fWElXIOtsTZv7ueRyEoy401HjyR2koiCA9lu5B8pyd5AvHMTGltfw6tHCG6Z1IF_Ne0OE1IcIoqY-VG8WvEdzucyxs3rWGZ9F4IGPE-q5UQadvL_qE5Lo6UE29jUOcRIVIKKYEdaGkZAb6ulmZI6O548z3S_RW88G2xSmJNJn1wGnvd-Y7o8R6UbG9-XdA_svn-OORMCYuUGt0D7pDThO2OV995WvaijkKKtrouMZoF-4FfGKsZLGL2C9R_djsMmXb9hK-FIBF2AJOF4i-u88NaRXsrasqYEKaB4iuJGHRlrg7oMphDldWUS9Lj1rSbxjYwAfGOJSi9CjmcgLkFhrUar61RcuMQBVFNVfBo8sSVDbfl3DL4ft3dL4cPxszfjp36BEG9pK8u68x66rSiMwH-FyS0CKg3Nwd1qGGtT1ZQVFCUf1Jzp_XVk7IuXVWliwmdOrqiG3UI_SWivk8Aa3ag0InZ9hKttsyBlnQtvlycfcuB7HW4YAzH-eO0ELXNEzfNTCIZlBewJoPJvee-rHWB06XOs31sYpBbO9HileIHVW2o0f9WFdSna9R6h4G4UMALKlKXdl89epdaP3oVG1-DrMYbD6pZDGefHAEN7PYQzqNkMPrUQqF0Zx38yi7jncxV7eGsROGL7wYD_06NdqK6Kl1c7otzLNj8yNBmsVSwitNRxBjxyVQUKoLXF51e5fXXNRq4ct6AW6wveyLCxqYSAp3MuLhi2BxpjqCMG-5ZrNJWXa_zHgX9Tgzrpk-EKJApBYGLOyfkJH-Cf3Yc9k-NZ-THAYVyxIsMxM8PVA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.158.46.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-46-104.bom78.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
60
Connection
keep-alive
Content-Length
0
Date
Fri, 18 Nov 2022 20:03:24 GMT
Via
1.1 1dd6f08fb93545a8d6cac36f521d0678.cloudfront.net (CloudFront)
X-Amz-Cf-Id
SqAPzhFtwPi35rG9f7_1RnUkj3MrK9Ry7SqF8Eg6L41OMIVemwE2Wg==
X-Amz-Cf-Pop
BOM78-P3
X-Cache
Miss from cloudfront
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.158.46.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-46-104.bom78.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://player.svc.litv.tv
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Access-Control-Allow-Headers
Content-Type
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Max-Age
60
Connection
keep-alive
Content-Length
0
Date
Fri, 18 Nov 2022 20:03:25 GMT
Via
1.1 8f2a8d0800eb3d1942ab5a7177177e20.cloudfront.net (CloudFront)
X-Amz-Cf-Id
aokbjgDX59XLdiiVmf0KmHJBJI0qFlMcGy_KG6jcYPP15w9_tSjGZA==
X-Amz-Cf-Pop
BOM78-P3
X-Cache
Miss from cloudfront
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 334C 		40 B
571 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.158.46.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-46-104.bom78.r.cloudfront.net
Software
/
Resource Hash
da7bfdacae66cbc83e6063d3ce4687b0edc0db87f562f114cbb43166fd61e4cd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 18 Nov 2022 20:03:25 GMT
Via
1.1 e4dad8517f8b396b91a41158b44e938c.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
BOM78-P3
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Cache
Miss from cloudfront
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
40
X-Amz-Cf-Id
G4udG52jPUO9OU1cqYq5PuJ7jaoSoGY_aWUwk6DvjFZLumTjHCOIwQ==
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 334C 		40 B
571 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Requested by
Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/v3/ppnio.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
108.158.46.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-158-46-104.bom78.r.cloudfront.net
Software
/
Resource Hash
3dedebaae73adc33be883fb7623603af1a1a070f571a0b1ffb015ae540fa0b82
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://player.svc.litv.tv/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
Content-Type
application/json

Response headers

Date
Fri, 18 Nov 2022 20:03:25 GMT
Via
1.1 8f2a8d0800eb3d1942ab5a7177177e20.cloudfront.net (CloudFront)
X-Content-Type-Options
nosniff
X-Amz-Cf-Pop
BOM78-P3
Access-Control-Max-Age
60
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Cache
Miss from cloudfront
Connection
keep-alive
Access-Control-Allow-Headers
Content-Type
Content-Length
40
X-Amz-Cf-Id
rMNEYZBBPTKH9THr4Xp58rS0UzHHrp8LuTuPgIMYJYh_SKkvVO5-qQ==
integrator.js
adservice.google.com/adsid/ Frame 334C 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=player.svc.litv.tv
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://player.svc.litv.tv/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame F5B9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=4482062431799733&bg=!8_Cl8LTNAAbvMpMzzzI7ACkAdvg8Wtul9XoHvbFIXHt2JcuOhz5si8N9RnVGUzWb1X1XdzhVbt6sYwIAAAEFUgAAAAJoAQeZAru-ZV_I-BXT79vBtZHlsjNcJPQqjK2_akOxCqZPCQUwRkWU8hW-6l-eUCoXoSt8OHc7GI2IocMmvKZB2Y_LerEDdlec_4u0qZWUbFEeZscgiWJyAG-rX5udnfTUeAeKXaGLszPIk0sH1YwO2anN6DCX_9wpS3JtMN77Rtyg2rkQR6fE85uThw7Fh6ZJtGLDLA2-z068PUsR4GWV4iYlSgVl_MKTvV762va3tkk84JqSMDsBt57N4RzZQwNeA6x8egN38ydtVPti9vRe0fuRgG0TG5nlpuxtS7ydOfByLrn3Od7PsV2jUtZOKpJGpxURQLfd69VveHYBeaGAhKMfLKcYcSJGYQ0-YqckP0O9IYD42cmSL0tAUANFUCci750uInm6Ysf4u2es686_yGg-_X5H_89ytBJMFSIYasL64FLiVRiBVSfrxxKpPNRh37ddnZq-wrvGEVQerx2SM5gRBmRd5ORhJ13Ms_z---lsoRbN6QXTKpOZ4uDI08mdkezy52fiLFMb_CYR09Xu-t0fdIwsyJk4wf90IyB82QAiXj17e0OAIDPyY6DUtHv1n2X5kaIOrCeJt8xkRj1GnCdZiVy9nz2Yw2WtvyA3n7fYi-H3jSMNn-wtP6WeRLrPBNfYOnYX5u-Qfh1xmJi8pFsCPOlnn6GotsmPnK5JjAlPvAWzjCfH38S_9RYJBvSTYMn8kkzxpfV-OCza-qL9C409PYmOSi8a1jeC-IObmDWCciZhhYHUwio6LWxH2lh8P6H-mn29_ztrsmwLJIOjXvjfSVIfLnMXEo-SY_QzEVOU0g_tojxWUJNJtOIAFmGQyMESawlaNzHRxVD2oafrIroQkwk9ctQg0e9F7-izCnjSzp6--hc5tu1vughFvrZLTDGMqXsZIR3JWrdp_D29fsMAwagDw6H1z8womz24fiY
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
vast
static.cht.hinet.net/api/v1/request/ Frame 10EF 		7 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.cht.hinet.net/api/v1/request/vast?key=DPY3L85OQV20OR9E
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.546.0_zh_tw.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.62 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx/1.21.1 /
Resource Hash
77badaaf2ba76b5d6db51af10d6df7f6e1183fcc2d475577b94c5aa640606120
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 18 Nov 2022 20:03:25 GMT
Strict-Transport-Security
max-age=0
Server
nginx/1.21.1
vary
Origin
Content-Type
application/xml
access-control-allow-origin
https://imasdk.googleapis.com
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
7455
Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
pagead2.googlesyndication.com/bg/ Frame 20FD 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 18:17:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92725
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15969
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 18:17:59 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A100 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=1578160828604052&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
pagead2.googlesyndication.com/bg/ Frame A2EE 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 18:17:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92725
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15969
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 18:17:59 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 15EC 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49ac9daac040d936bdfdaf9e2948f7d7b414e165a0a4e17ac88054236cf4df18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11031
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6352 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Nov 2022 20:03:24 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 15EC 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Nov 2022 20:03:24 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7E30 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3529
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 19:04:35 GMT
expires
Sat, 18 Nov 2023 19:04:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame D7E2 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
77a323150f50c5b7247600c252a193f22281c4e103edd43d5e28030c2892209d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IZHdy2msaw8J8JqZ98RcrA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-IZHdy2msaw8J8JqZ98RcrA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 20:03:24 GMT
expires
Fri, 18 Nov 2022 20:03:24 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
generate_204
tpc.googlesyndication.com/ Frame A2EE 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?M4RiKA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:24 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 562D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3529
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 19:04:35 GMT
expires
Sat, 18 Nov 2023 19:04:35 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 565E 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
aa3e36ec57b9cda02d0dcfc114a0ab0a117d97df8724943c958815e242e92ef6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-u74274_wNA0DU5443Q-ypg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-u74274_wNA0DU5443Q-ypg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 20:03:24 GMT
expires
Fri, 18 Nov 2022 20:03:24 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
pagead2.googlesyndication.com/bg/ Frame 7E30 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 18:17:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92725
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15969
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 18:17:59 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame D7E2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=21661793632707&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
container.html
73c1f7cd83dd0b703280065d621ace95.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0384 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://73c1f7cd83dd0b703280065d621ace95.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022111501.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://times.hinet.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Nov 2022 20:03:22 GMT
expires
Sat, 18 Nov 2023 20:03:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
impression
ssp.tenmax.io/supply/tracking/ Frame 6352 		0
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.tenmax.io/supply/tracking/impression?bid=0ebe46b0-677c-11ed-a98d-8f82c9fddd8e&chid=2c371eadc7fb4ce0&sid=a8ebbb33367a4652&lineitemid=5346731421
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
211.21.190.218 Hsinchu County, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
211-21-190-218.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 18 Nov 2022 20:03:24 GMT
Server
nginx
Connection
keep-alive
X-Application-Context
application:prod,aggregator,build-ext:58070
P3P
CP="CUR ADM OUR NOR STA NID"
sodar
pagead2.googlesyndication.com/pagead/ Frame 565E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022111501&jk=3928169728155833&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
pagead2.googlesyndication.com/bg/ Frame 562D 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 18:17:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92725
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15969
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 18:17:59 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12818013396504674824/ Frame 52FB 		34 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12818013396504674824/index.html
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
144f00958640a629a3d4499c23124bc1d0e194ab6ba98f781a30493c66c87845
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://73c1f7cd83dd0b703280065d621ace95.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
118651
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5220
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Thu, 17 Nov 2022 11:05:53 GMT
expires
Fri, 17 Nov 2023 11:05:53 GMT
last-modified
Mon, 31 Oct 2022 19:15:20 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 0384 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CpNNIDOV3Y7aNBrTl7_UP7I-FgAnfh_TAbcTHi__OEMGi4pncNBABIKKN3yVglYKAgLAHoAG-48exKMgBCakCHgpL1sQHqT7gAgCoAwHIA0iqBP0BT9DLvMO8ICkZLwjHPTcBth9QPhciVeSdErDJoJpGP62NtEe3RkoA18Ms0sbj0vEo5zMlJVx5AwEXDf-1E3STbDIcNd3OzTmYjUXVLhvqrkSrKgRlgPJD_F4uE-TnblKT-AzhHR4oZnlMHNpgaaJfh8SvfWtrsGPxKuQ7DSHnbdF9OSh85cPaszwTvjXk3W6opaOaoo7fPPc7WvlStpDdllXRFSqrfKthzz7lHepC6orykSnn72mMOe0LJYgYaHQrokEjg-IMMBG7ug2llE50nYRLGUxD9nFZhg7hoLIZaRHrb_bWOtROaqDGxo3rbhzhoySKTXmLD0DY9uldRcAEz9jomZIE4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB76bmJEDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ9IIC0ggRCIDhgBAQARgdMgKqAjoCgECACgHICwHYEwLQFQGYFgGAFwGyFx4KHAgAEhRwdWItOTQ2NzE0NDQ5MTUzNzc0NRjqjxg&sigh=pcWV6EfTuIk&uach_m=[UACH]&cid=CAQSPADq26N9vy8Frp14l5HlK6yidjM8QMNcixXiv_IxRAsaMTI3rx1QcVDVh1nhIyE7tEgnW3iw48JTgw3hGhgBIBM&template_id=419
Requested by
Host: times.hinet.net
URL: https://times.hinet.net/news/24260251
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://73c1f7cd83dd0b703280065d621ace95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 0384 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js
Requested by
Host: 73c1f7cd83dd0b703280065d621ace95.safeframe.googlesyndication.com
URL: https://73c1f7cd83dd0b703280065d621ace95.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://73c1f7cd83dd0b703280065d621ace95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 15:35:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
16059
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9428
x-xss-protection
0
server
cafe
etag
246362764157784863
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 15:35:45 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 52FB 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12818013396504674824/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 13:12:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24664
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2655
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 19 Nov 2022 13:12:20 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 52FB 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12818013396504674824/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 19:53:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
618
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 19 Nov 2022 19:53:06 GMT
45fb475ba2a0d98c1ca6cf1623ef0006.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12818013396504674824/ Frame 52FB 		105 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12818013396504674824/45fb475ba2a0d98c1ca6cf1623ef0006.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12818013396504674824/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6bab08465d8d180141f26eb5212386e031713bffb94f54f8894c4386e63e7e74
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 17 Nov 2022 11:05:53 GMT
age
118651
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30445
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 19:15:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 17 Nov 2023 11:05:53 GMT
generate_204
tpc.googlesyndication.com/ Frame 7E30 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?KnSXpw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:24 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 0384 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js
Requested by
Host: 73c1f7cd83dd0b703280065d621ace95.safeframe.googlesyndication.com
URL: https://73c1f7cd83dd0b703280065d621ace95.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://73c1f7cd83dd0b703280065d621ace95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 18:01:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
7326
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 18:01:18 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 0384 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 73c1f7cd83dd0b703280065d621ace95.safeframe.googlesyndication.com
URL: https://73c1f7cd83dd0b703280065d621ace95.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://73c1f7cd83dd0b703280065d621ace95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 15:35:45 GMT
content-encoding
br
x-content-type-options
nosniff
age
16059
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7458
x-xss-protection
0
server
cafe
etag
16870613375306414947
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Dec 2022 15:35:45 GMT
css
fonts.googleapis.com/ Frame 52FB 		5 KB
657 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:500|Raleway:600|Raleway:700
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12818013396504674824/45fb475ba2a0d98c1ca6cf1623ef0006.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2db0a43cf6d5a3f65b457a78124848371e3c4b0feea7017842ab3542164b6804
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 18 Nov 2022 20:03:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 19:34:19 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Nov 2022 20:03:24 GMT
d4e3704cc39ff55777ffbd897b975099.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12818013396504674824/media/ Frame 52FB 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12818013396504674824/media/d4e3704cc39ff55777ffbd897b975099.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12818013396504674824/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41e96bbcfd5ab72aef9f5068ee94e07dec1dbf1e21a272bbb6b116a16e8c5fd3
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 17 Nov 2022 11:05:53 GMT
x-content-type-options
nosniff
age
118651
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10543
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 19:15:20 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 17 Nov 2023 11:05:53 GMT
cd2696fd4b4633d9b42115314ccf4590.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12818013396504674824/media/ Frame 52FB 		349 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12818013396504674824/media/cd2696fd4b4633d9b42115314ccf4590.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12818013396504674824/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
afbbb050849fcbc7c6d14145c41703ab3c3758800fec218fd7ce81cdf654896e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 17 Nov 2022 11:05:53 GMT
age
118651
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
256
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 19:15:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 17 Nov 2023 11:05:53 GMT
26fa92d9745bee8b67eb38a0a9c7363f.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12818013396504674824/media/ Frame 52FB 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12818013396504674824/media/26fa92d9745bee8b67eb38a0a9c7363f.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12818013396504674824/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b6143dd8d4449f713a4e2eb5dc579391b1df11f1ea6a9cb16c34f5fbedf82614
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 17 Nov 2022 11:05:53 GMT
x-content-type-options
nosniff
age
118651
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1850
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 19:15:20 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 17 Nov 2023 11:05:53 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0384 		154 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 73c1f7cd83dd0b703280065d621ace95.safeframe.googlesyndication.com
URL: https://73c1f7cd83dd0b703280065d621ace95.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://73c1f7cd83dd0b703280065d621ace95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48265
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1668095300071091"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Nov 2022 20:03:24 GMT
truncated
/ Frame 0384 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
21c8f6780050a1f0dd4764a2cb40838e978ef9c2214e66521f2f943ad7b8d8f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/png
generate_204
tpc.googlesyndication.com/ Frame 562D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?J57m7A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:24 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ Frame 52FB 		45 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500|Raleway:600|Raleway:700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 22:05:34 GMT
x-content-type-options
nosniff
age
79070
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
46524
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:58:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Nov 2023 22:05:34 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 52FB 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:500|Raleway:600|Raleway:700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
null
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 11:59:40 GMT
x-content-type-options
nosniff
age
115424
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Nov 2023 11:59:40 GMT
eba831e9e8a844939fa8201ca17117ad.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12818013396504674824/media/ Frame 52FB 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12818013396504674824/media/eba831e9e8a844939fa8201ca17117ad.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12818013396504674824/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27034a5082770002dd64f8392684b382f5c6cb1f8035984c4c1a433717fe8464
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 17 Nov 2022 11:05:53 GMT
x-content-type-options
nosniff
age
118651
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14275
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 19:15:20 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 17 Nov 2023 11:05:53 GMT
Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
pagead2.googlesyndication.com/bg/ Frame 52FB 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Thu, 17 Nov 2022 18:17:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
92725
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15969
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 18:17:59 GMT
1f8685a9eeb0ed00db54c09ae7709641.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_667%2Cw_1200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_667%2Cw_1200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1f8685a9eeb0ed00db54c09ae7709641.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
aeeadbd2d2483cd3ba8e90deb92d5fc119d6793e7c54fcad66b814018d16582e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

x-vcl-time-ms
13
date
Fri, 18 Nov 2022 20:03:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_667%2Cw_1200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1f8685a9eeb0ed00db54c09ae7709641.png
age
3976854
edge-cache-tag
625737380514069316852732621553968435931,403773078799332577639039524826895761582,29ecf9b93bbf306179626feeda1fab70
cache-tag
625737380514069316852732621553968435931,403773078799332577639039524826895761582,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
380
expiration
expiry-date="Sun, 23 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.wpxi.com/
content-length
35450
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kcgs7200116-IAD, cache-iad-kiad7000129-IAD, cache-lga21946-LGA, cache-iad-kcgs7200111-IAD, cache-fra-eddf8230025-FRA
last-modified
Thu, 22 Sep 2022 22:48:31 GMT
server
nginx
x-timer
S1668801805.961560,VS0,VE13
etag
"a6a64d6d0b0b200329fbed33f2d4f550"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1, 116, 1
activeview
pagead2.googlesyndication.com/pcs/ Frame 9536 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsskhpJU0j_eK67RWrn0FwOcbRe2n4Qh0y4ZGeKYqJV-7JAsU4DXu3bsXETw80cRszjgWKGaNYYkhE-rIJfY4jPSYZMCdtMfzL6O24NaQh7OE7VvdyxAiroVIWv4ACLUbW-iji2PbwP1xH06lgXeZZo01h6RQ-wlMT0r&sai=AMfl-YSnXq0hcfDdV8A9ZhU2PQrerMusCo6w2M8y17DOXZ-p1-cRFcJdZpqaRXl9bJhIsFNrb8rlvQuQtgLTmsXsZxL28_8uBYsTcMbA3yYPcR96FPtE9kXB8xhUAYus7BI&sig=Cg0ArKJSzG7gamoKacgqEAE&cid=CAQSPADq26N9Rg81EnVY_xwNgUJUBUiAS0ObWF-4ck-bFi8NuUfsjeo7b_yf1-ILA42mWX0mmsJYnbmizCceOhgBIBM&id=lidarv&acvw=sv%3D941%26cb%3Dima%26e%3D9%26nas%3D1%26sdk%3Dh%26p%3D980,10,1160,330%26tos%3D2012,0,0,0,0%26mtos%3D2012,2012,2012,2012,2012%26amtos%3D0,0,0,0,0%26mcvt%3D2012%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2012%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D493%26pst%3D531%26dur%3D25007%26vmtime%3D1863%26dtos%3D2012%26dtoss%3D1%26dvs%3D1968%26dfvs%3D1968%26dvpt%3D1968%26is%3D275%26i0%3D275%26ic%3D16777217%26cs%3D16781587%26c%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26lte%3D1%26ces%26femt%3D4154%26femvt%3D0%26emc%3D12%26emuc%3D0%26emb%3D11,0,0,0,0%26avms%3Dexc%26qi%3D635615763%26psm%3D-2147483645%26psv%3D-2147483645%26psfv%3D-2147483645%26psa%3D0%26pnmm%3D1668801798502%26ptlt%3D1668801805018%26pngs%3D9,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,2012&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.03%26t%3D1668801802684
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E724 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=1578160828604052&bg=!2dql2p7NAAbvMpMzzzI7ACkAdvg8Wnj3pcuqNZxSyUbUlRIpQGHBxVZBDyuk3a3XtdrrZatomennrgIAAABLUgAAAAxoAQeZAtnlDn0EnBUGm7fJbduECt2hQiGltOykpkwwtvSZFm6LJOgqja2ZEohhIdM-E0g3i_a6X6aRDpWeOQGSsFxlPuZ_Y98nQvorRW5Dl-0TZ4AQGE-cml3EQcjPSBDlrxFs8pwyBhC1-Orgya6YhdBnT97FeN1vec1MPZEygF6Db1oE0aLuWkoFR7Z4oj80Mb6s4-FvnHQVsIZj4Qv9rWvy_7GmNTmtgyv-yaN9auKTWGdGOQ13nHOrgAw9zeZ6Gld8cA42lKbGTZSylTR5W8rrMlyNWGTuiCj4GgllefyAh45qFiEpl8abFq5lvib-soNatMZFHh9RHKxQpvKrgewTw7vR4gzc--YxNz0LGhQFLnS4POPPIHccILpN-IE1WGXAonnpp6_9OA3Kimj-wrTjRrodAhGM86Q0rvfmE20plPG2SbiA7lKpgVi0HL3pmA85ORxc3h5cznNUq80gdz37CU1py8jqo0yvCKzI8ePjs1rEFqhXONRvUWjHQehd98BmZ6uz3MnicpRhvrL6cmA27w2W7EqfskmMKW64sK8AqoBcWGA21h5r2ClMRQN4tbzNAx5IDVg4wB722jTVozyJBuKXKAcNQLNB0m-eYn_Kjmw1cxL1xNGgIzLv_rOOUw1H_pwYihFXpXkMU5KPWH6QS9n8RU_VRNcrkE1SqD2xjKIu_ZKro07IQJeYU77-o3ruQJ-16y-j46EB0BQSDAkg30HCPHIKAYsalfZyzhtUBUSUlcL-s5bQ5Vrxy0fOnFtS8SUBSNh4pUU-WzW5GVThCPkNPUPkd2w5jLM_m637dH1fBr4pjXn8iFGobiqKiEWVfEfBxzHp1YXOnHWoa1lRoY05Jxu9QgdD1UuzEto8IgJx6I6ZXwirvhhZP0MarYfJe5NxfL7poy2bNUy-oiBcRBC8mdiDO1c8KfPN8dzRQJwLcexdxl73zGC8zyjJi0KWV8vpZBr_UXVXPAc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
ads
googleads.g.doubleclick.net/pagead/ Frame 10EF 		156 B
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?ad_type=video&client=ca-video-pub-1740840196959600&description_url=https%3A%2F%2Fwww.hinet.net%2Ftv%2F&videoad_start_delay=0&max_ad_duration=33000&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&vpa=auto&vpmute=1&sdkv=h.3.546.0&video_product_type=0&min_ad_duration=0&sz=0x0&adsafe=high&hl=en&ca_type=image&unviewed_position_start=1&output=xml_vast4&osd=2&frm=2&vis=1&sdr=1&num_ads=1&t_pyv=exclude&video_format=43&is_amp=0&u_so=l&sdki=445&ptt=20&adk=3374998208&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.546.0&eid=44748969%2C44765701%2C44768717&ref=https%3A%2F%2Fwww.hinet.net%2F&url=https%3A%2F%2Ftimes.hinet.net&dlt=1668801796390&idt=915&dt=1668801805135&correlator=2412560305340130&ad_block=1&ged=ve4_td9_tt8_pd9_la9000_er0.0.0.0_vi0.0.168.300_vp0_ts1_eb16747
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.546.0_zh_tw.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 6352 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=21661793632707&bg=!j4yljMjNAAbvMpMzzzI7ACkAdvg8Wt08Kefg3r_88yBwCj-gBtohL4JHKDOifETxt0G23DBAoEbBOQIAAAC0UgAAAAxoAQcKAECBHEnCCVbrQ-xuF3lqbIl9gTsxKC0W2AOESRJrdFVOXGmxvd8azKu0qVjTAmaYxGSz3MgP5kgli5anJAhcR_pemQK8fyvyRqWjHLZy7L0gz8C-GVDew2nNCMrsET354UWubHoj5o1ViWs9TGs4f64oz43X9PbRY5cPhcj5Xi-yTMYr3VkXHNm7aLiM7a9JQup6BDI5mfQNbQYOwtM1z1OW_UMZkMxElBsKDgQzYKtdV1BwHEV3DC6Rd50os35bdz0SF9ZFFEbK2XTt-CU8_Ea6_2fuXsdwa_AM_Q6qF__deIln8scUiNL-A0Jkhd6Y3gL342aMObiDtct3Juw_EyvHvBX-aNZbzQp6_59lyiWDXziq4aphIH3lJgsxdfKaNLUn076bi75cEb8Z753XgVhLNqvMMOlEL9JG9HQs-G7u-u7TIoMq6eZ_stT3XAXnRkt-llbxrka9cBhC1LCJmRzxaQHTiAg30baW5cpHrBZqmuvL8zYkF2709EspnNOiNP_UUYBZnQue9NaE8eM442UDrgJyt3hcTQLHUqHAejFwgRYTfCKi4IZVVhN7N6-Mg7qPjj95R9tU4kZYm9QDDJ-BKvAEncIvFLmje8SVg5H-hg_zavQhu_hPMGVuReM1NE1Q7RuKUKDtIwzlilhx__AEINoFRKsMvW7_tPoZA-Pp6wnd1J_9IqUDWzRGBhd34Lk3DSI4-GNTEG7-VzGJF5GEmJ-832pDP6xq-6WAb3fvUX6I3Kh_2sRU3wA1o9sYGLJ3lm53h5sk8gI5xDkMNDHqWurXrYzLhN5TNAy8usngpBs89oA2mZ1w4LMRr58fRAF409GPLfmco_EwLrHH-reB0EPG5reKgwoeKTYH13cNJlaRMj4omA-BIyGiDcGMNsVHl6_wa46BiRD6oXplg_zu_cqdhTVIkhh9Dl43_bs2UxC1L41-Nyjk2DNjozJ28EbTJJeqA46v2b092x4x3COyIQTpalHdICby0OsalCXb4VchXZmYql5Rsr7dyfMzfw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
truncated
/ Frame 10EF 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/gif
third
static.cht.hinet.net/api/v1/trace/ Frame 10EF 		2 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.cht.hinet.net/api/v1/trace/third?source=332&token=6377e50daa63e22494fab926&event=error&code=303
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.62 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx/1.21.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 18 Nov 2022 20:03:25 GMT
Strict-Transport-Security
max-age=0
Server
nginx/1.21.1
Connection
keep-alive
Content-Length
2
Content-Type
application/json
script%3E
ad2.apx.appier.net/www/delivery/%3Cscript%3E!function()%7Bfor(pivot=window;pivot!==top&&pivot.parent;pivot=pivot.parent)if(pivot.chtnw%20&&%20pivot.chtnw.noAd)%7Bpivot.chtnw.noAd();break%7D%7D();%3C/ Frame 10EF
Redirect Chain
  • https://ad2.apx.appier.net/www/delivery/vxml.php?zoneid=9704
  • https://gocm.c.appier.net/avnet?url=ad2.apx.appier.net&zoneid=9704
  • https://ad2.apx.appier.net/www/delivery/vxml.php?zoneid=9704&acid=q1dGPc__AfCUf5TTDuV3Yw
  • https://ad2.apx.appier.net/www/delivery/%3Cscript%3E!function()%7Bfor(pivot=window;pivot!==top&&pivot.parent;pivot=pivot.parent)if(pivot.chtnw%20&&%20pivot.chtnw.noAd)%7Bpivot.chtnw.noAd();break%7D...
0
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 15EC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022111501&jk=3928169728155833&bg=!REelRwPNAAbvMpMzzzI7ACkAdvg8Wkn7fNlAWTm3ZCL6eM437UVSpELDI8k-TyBztd8xZVAUeXyDQgIAAACrUgAAAAJoAQeZAsQ1pEm92J_rDC2oAcyjNJAbWcQbzbbDi5O7L0JqHmpB0U5c80jKUGumVQuQ2twEb1Vwq4U0_H3iDXhB3hAyrVD3qB3yhuAyUVIVIK3h4uVLl5EJOH5ZMoI3p9TpRc2fF2i3Yn_XUpH_G5eJo2WVmZjsVDksDwU6pD-eWJKo6PAtptZ1caKGdMB5EYan7TG8ZsLXIlsCb5SpucKiADWZKPLwkssCSOLB82GOM7wSbziorVxLdBJUMpeisf1L-0UHneQ3Bhs7Z899MBZKrNxZUo6CVwnXbwb2NEgFmh_Avw27r0Ilnw6LRFnpqIK2Um3wVNm538qERW-3VrObmcRSu6nQrR56qwxKu-hifVJ8hFPUbO_qYpCpV27pAYmF0dL_9VnN5jjooQVEpSZwU_ugHKxCKjOMSjg_pbBaUq5uZIv8Pbuks9oYKR50oojiCBp0LO-8B_0JSU7FqEhK-t6wQ9_tvVCrLMe_T6ZKQh5Wiyyc3ZCqGrrma6VAgwkJWaUeafNRfTPTCn0HW_ylqqCk12XPNN9wyCTMzXZug-tNgwG1NcLAFjD7UJBw49nfJeN-tN7d0-oxvSNWAU7aYb-e90SsrNnW4jpcHj781IIyU-9nQV56FeiYKu2rTXIMxIcXBiXt5k8YhzbhWBtPtzRawIRkFU9JzkmHiddgOzKjxFFDNPaTc5ki9uZQHTSJ-UC0_lUtqrs_3E01axYMm7VCOUP6Qcnse18dIRjAwcWm0dQ0Aeimp4ZqU4bXBCJ1RhH42SGbQHtACx1wwrI9tv0wl8yG_KJseLd0IOGcsiwbv6fZcDpt0KCTgV083uBjRwRnbnwFYBSdV4kAPP-F-P6kgxWCbjOkMjRZEFqfvX74uZ31sIcRCgEsbZuErSyrEHJv74gpMfR3V1Rslcgcz7DiR2Gebam6uPy7bp9roc9br7FLnt_sqis
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 0384 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvfK5Tm4ksupTs_qsWzpNBpgHFVQu7j0x1_Dg7-ys8tBQYoTdKWgXLuh-cw2xvMUMD1wGVMOAKvBGE-mlVnA0YDaltQ17ZKQzrWKiAyaIdj2_cW2qaEud7fuNFK9c6YxXczMxyzHg&sai=AMfl-YRHj70Dojhrsg0Nwxo-Atf-TlG5SyQPkXDLuywHbFntsI6bSC3ZUffuq3NMh6rPQpI0i_hiM7N2wbQFwX2oqkSpPZhnrDn5unVwb4EpsyPByxL-_SkOeBXZoA78pbo&sig=Cg0ArKJSzPGIcr0j2bAMEAE&cid=CAQSPADq26N9vy8Frp14l5HlK6yidjM8QMNcixXiv_IxRAsaMTI3rx1QcVDVh1nhIyE7tEgnW3iw48JTgw3hGhgBIBM&id=lidar2&mcvt=1001&p=745,1000,995,1300&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20221110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=4242415979&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1668801804554&rpt=231&isd=0&lsd=0&met=mue&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://73c1f7cd83dd0b703280065d621ace95.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:25 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewable
ssp.tenmax.io/supply/tracking/ Frame 6352 		0
206 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.tenmax.io/supply/tracking/viewable?bid=0ebe46b0-677c-11ed-a98d-8f82c9fddd8e&chid=2c371eadc7fb4ce0&sid=a8ebbb33367a4652&noAd=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
211.21.190.218 Hsinchu County, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
211-21-190-218.hinet-ip.hinet.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://times.hinet.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 18 Nov 2022 20:03:26 GMT
Server
nginx
Connection
keep-alive
X-Application-Context
application:prod,aggregator,build-ext:58070
P3P
CP="CUR ADM OUR NOR STA NID"
gen_204
pagead2.googlesyndication.com/pagead/ Frame D196 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=html5-mon&a0=layout&f0=layout&s0=0&d0=508.0000&a1=https&f1=layout_html&s1=0&d1=57.0000&i=632011263531&t=419&c=p&lp=%2Fsadbundle%2F%24csp%253Der3%24%2F11689999083124395179%2Findex.html&gqi=A-V3Y9-OFquA1fAP4qOv6A0&qqi=CKH22pHDuPsCFfWmcQodzaoICQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
script%3E
ad2.apx.appier.net/www/delivery/%3Cscript%3E!function()%7Bfor(pivot=window;pivot!==top&&pivot.parent;pivot=pivot.parent)if(pivot.chtnw%20&&%20pivot.chtnw.noAd)%7Bpivot.chtnw.noAd();break%7D%7D();%3C/ Frame 10EF
Redirect Chain
  • https://ad2.apx.appier.net/www/delivery/vxml.php?zoneid=9704
  • https://gocm.c.appier.net/avnet?url=ad2.apx.appier.net&zoneid=9704
  • https://ad2.apx.appier.net/www/delivery/vxml.php?zoneid=9704&acid=9wPZ1JnuCWGGtLwSD-V3Yw
  • https://ad2.apx.appier.net/www/delivery/%3Cscript%3E!function()%7Bfor(pivot=window;pivot!==top&&pivot.parent;pivot=pivot.parent)if(pivot.chtnw%20&&%20pivot.chtnw.noAd)%7Bpivot.chtnw.noAd();break%7D...
18 B
33 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad2.apx.appier.net/www/delivery/%3Cscript%3E!function()%7Bfor(pivot=window;pivot!==top&&pivot.parent;pivot=pivot.parent)if(pivot.chtnw%20&&%20pivot.chtnw.noAd)%7Bpivot.chtnw.noAd();break%7D%7D();%3C/script%3E
Protocol
H3
Server
34.96.119.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.119.96.34.bc.googleusercontent.com
Software
nginx/1.19.0 /
Resource Hash
99eb12f2ab3c4866a353e098ffa3cb7a967e617c49b98480394ec5d8ea92b094

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:28 GMT
via
1.1 google
server
nginx/1.19.0
content-type
text/plain
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18

Redirect headers

date
Fri, 18 Nov 2022 20:03:28 GMT
via
1.1 google
server
nginx/1.19.0
content-type
text/html; charset=utf-8
access-control-allow-origin
null
location
/www/delivery/<script>!function(){for(pivot=window;pivot!==top&&pivot.parent;pivot=pivot.parent)if(pivot.chtnw && pivot.chtnw.noAd){pivot.chtnw.noAd();break}}();</script>
cache-control
no-store
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
221
747094f314e26d13895a372925550717.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11689999083124395179/media/ Frame D196 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11689999083124395179/media/747094f314e26d13895a372925550717.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc098278aac58b01e2d6991a55580f53a9b353bd0ca73f785a3df892485f2fa7
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 17 Nov 2022 11:07:47 GMT
x-content-type-options
nosniff
age
118540
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27474
x-xss-protection
0
last-modified
Mon, 31 Oct 2022 19:15:21 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 17 Nov 2023 11:07:47 GMT
third
ssp.hinet.net/api/web/ Frame CEDF 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/third?c=2017003&s=201702000041&th=29&wc=3133
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.9.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://times.hinet.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:27 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
access-control-allow-credentials
true
third
ssp.hinet.net/api/web/ Frame 6352 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/third?c=2017003&s=201702000008&th=29&wc=3130
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.9.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://times.hinet.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:27 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
access-control-allow-credentials
true
third
ssp.hinet.net/api/web/ Frame F5B9 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/third?c=2017003&s=201712000007&th=29&wc=3131
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.9.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://times.hinet.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:27 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
access-control-allow-credentials
true
third
ssp.hinet.net/api/web/ Frame 15EC 		0
224 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.hinet.net/api/web/third?c=2017003&s=201712000006&th=29&wc=3132
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.9.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.47 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://times.hinet.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:27 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://times.hinet.net
access-control-allow-credentials
true
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 9536 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C00IEB-V3Y9LkBePF7_UPlsqMyALJoO-SbKmg387aELCQHxABINHhgnZglYKAgLAHoAGW24LgA8gBBakCka74eGhVsT7gAgCoAwGYBACqBIoCT9BJfYLW8W7MOlGY2GuQiDa5GvJ6LU49I_odG8jANW1EodLaXucKYfNnpMv3WztXb-mJn4OB-XvJwsjziAbg1wGvRVWKug9vlZwG7qbamIhUDEgaNL8PskRjE4Xe8AUUW1ViDtaAe5ztf7JiPh6-mUXE-MjCh16QLrRasgHaMwER92qySiDc9rGcr8qwnZXmItd9LXSdGpFPO7tjz5a3zo8eGizTUrFjO5MD6MBx4h53UWCrQHSEi48wALRc3_pP2xLrkctZOkaE4D2yclWXOUMlp8sS6yojAGYzrbPYrTaVk9VvHjS1xEAhxgS7rle2zvViks-k6XcqblQrA8KVNis09vinLDEg6CHABNHB8aGRBOAEAaAGVIAH0qT9H6gHjs4bqAeT2BuoB5zcG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwGoCAHSCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTDdAVAZgWAeIWAggB-BYBgBcB&sigh=js0yEW3Z0Uk&cmd=Ch1jYS12aWRlby1wdWItMTM0MzIxODM3MDAxNTg3MBAAGAI&label=video_skip_shown&ad_mt=5051&acvw=sv%3D941%26cb%3Dima%26nas%3D1%26sdk%3Dh%26p%3D980,10,1160,330%26p0%3D980,10,1160,330%26tos%3D5078,0,0,0,0%26mtos%3D5078,5078,5078,5078,5078%26amtos%3D0,0,0,0,0%26mcvt%3D5078%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26a0%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D5078%26gmm%3D4%26efpf%3D2%26nmt%3D1%26tcm%3D0%26bt%3D1316%26pst%3D531%26dur%3D25007%26vmtime%3D5050%26is%3D275%26i0%3D275%26cs%3D16781587%26c%3D1%26c0%3D1%26mc%3D1%26nc%3D1%26mv%3D0%26nv%3D0%26qmt%3D5078,5078,5078,5078,5078%26qnc%3D1%26qmv%3D0%26qnv%3D0%26lte%3D1%26ces%26femt%3D4154%26femvt%3D0%26emc%3D27%26emuc%3D0%26emb%3D26,0,0,0,0%26avms%3Dexc%26qi%3D635615763%26psm%3D-2147483585%26psv%3D-2147483585%26psfv%3D-2147483585%26psa%3D0%26pnmm%3D1668801798502%26ptlt%3D1668801808084%26pngs%3D9s,14,15s%26veid%3Dxdi%3A0,amp%3A0,fmd%3A0%26ssb%3D0,0,0,0,0,0,0,0,0,0,5078%26ss0%3D0.03&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0.03%26t%3D1668801802684&sdkv=h.3.546.0&vci=CgsIAiAEKgNhZDFAAApuCAESGHB1YmFkcy5nLmRvdWJsZWNsaWNrLm5ldBoHQWRTZW5zZSAEKgw1NzQwODAxNDM0MDEyDDYxOTA1NTQ1MDUyMkCpHFImEA8lAADwQSgBOgs2alRHQnh4U0ZVMEIJZ29vZ2xlYWRzSMYCUAAYAQ..
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Nov 2022 20:03:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
third
static.cht.hinet.net/api/v1/trace/ Frame 10EF 		2 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.cht.hinet.net/api/v1/trace/third?source=269&token=6377e50daa63e22494fab926&event=error&code=900
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
203.75.213.62 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
nginx/1.21.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 18 Nov 2022 20:03:28 GMT
Strict-Transport-Security
max-age=0
Server
nginx/1.21.1
Connection
keep-alive
Content-Length
2
Content-Type
application/json
rmax-ad
ssp.tenmax.io/supply/video/ Frame 10EF 		807 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssp.tenmax.io/supply/video/rmax-ad?rmaxSpaceId=c8ea10f92d7c4fdb&domain=litv.tv
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.546.0_zh_tw.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
211.21.190.218 Hsinchu County, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
211-21-190-218.hinet-ip.hinet.net
Software
nginx /
Resource Hash
376b7ad9e7d68d24ba8aaf09f8194eb924d5e95f9ba5be5498830a20feda3d7d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Date
Fri, 18 Nov 2022 20:03:28 GMT
Server
nginx
Vary
Origin, Accept-Encoding, User-Agent
Content-Type
text/xml;charset=utf-8
Access-Control-Allow-Origin
https://imasdk.googleapis.com
P3P
CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
807
X-Application-Context
application:prod,aggregator,build-ext:58070
ads
pubads.g.doubleclick.net/gampad/ Frame 10EF 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F37275962%2Frmaxspace%2Fc8ea10f92d7c4fdb&description_url=litv.tv&env=vp&correlator=2412560305340130&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=400x300%7C640x480%7C640x360%7C854x480&cust_params=adx_region%3DTWN&unviewed_position_start=1&vpa=auto&vpmute=1&sdkv=h.3.546.0&osd=2&frm=2&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=3374998208&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.546.0&sid=ACB0F741-E046-41D8-99BC-EAFF8A52F002&nel=0&eid=44748969%2C44765701%2C44768717&ref=https%3A%2F%2Fwww.hinet.net%2F&url=https%3A%2F%2Ftimes.hinet.net&dlt=1668801796390&idt=915&dt=1668801808778&scor=1801674826895892&fbidx=-1&ged=ve4_td13_tt12_pd13_la13000_er0.0.0.0_vi0.0.168.300_vp0_ts0_eb16747
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.546.0_zh_tw.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

date
Fri, 18 Nov 2022 20:03:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
third
static.cht.hinet.net/api/v1/trace/ Frame 10EF 		0
0
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 		0
0
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 334C 		0
0
truncated
/ Frame 334C 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e222adace575902a83a50c0a263cd2501c661729ac3134b2c1d6f7a7fba310fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.110 Safari/537.36

Response headers

Content-Type
image/svg+xml;charset=utf-8
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 334C 		0
0
rpc
p-yonder.svc.litv.tv/cdi/v2/ Frame 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.hinet.net
URL
https://www.hinet.net/tv/mobile_iframe.html
Domain
f684792fd6fd88f5fbb48071b0718d47.safeframe.googlesyndication.com
URL
https://f684792fd6fd88f5fbb48071b0718d47.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Domain
googlecm.hit.gemius.pl
URL
https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEB7JdaBdQBN9ShjgouPDa5g&google_cver=1&google_push=ASkJ3FZ8fc1dTyC29mMAN2sUUAIzopDqDvc2iYPYlrZm1s0t4u3rvLSrOgrqmvB0SHIimQIV7qlmliwnbZEdptF4i3LlGdJRWwuXN1E
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022111501&st=env
Domain
ad2.apx.appier.net
URL
https://ad2.apx.appier.net/www/delivery/%3Cscript%3E!function()%7Bfor(pivot=window;pivot!==top&&pivot.parent;pivot=pivot.parent)if(pivot.chtnw%20&&%20pivot.chtnw.noAd)%7Bpivot.chtnw.noAd();break%7D%7D();%3C/script%3E
Domain
static.cht.hinet.net
URL
https://static.cht.hinet.net/api/v1/trace/third?source=270&token=6377e50daa63e22494fab926&event=error&code=303
Domain
p-yonder.svc.litv.tv
URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Domain
p-yonder.svc.litv.tv
URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Domain
p-yonder.svc.litv.tv
URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc
Domain
p-yonder.svc.litv.tv
URL
https://p-yonder.svc.litv.tv/cdi/v2/rpc

Verdicts & Comments Add Verdict or Comment

233 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 function| $ function| jQuery function| OnImageLoad function| ScaleImage function| imgError function| fixImg function| wholeImg function| fixImgs function| fixImgsWH function| setDefaultImg function| setDivNoPic function| setLiNoPic function| neverBigger function| qualify function| fixedImg object| _taboola function| hideIfNoAd string| cookiesPath string| contextPath string| today function| initSetting function| toggleSetting function| toggleTag function| radioChecked function| checkedSetting function| saveSetting function| saveSettingTag function| saveWeather function| toWeb string| partnerId function| hiball object| __hitagCmdQueue object| TRC object| _tblConsole undefined| msg object| _comscore object| FB function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl object| COMSCORE function| udm_ object| ns_p object| __buffer object| hitag function| ssp boolean| hinetworkpop boolean| sspreview function| noAd object| tags object| attr undefined| adWidth undefined| adHeight string| pathname object| __core-js_shared__ object| core object| ppnio string| newsId boolean| idleFlag function| idleOpen function| idleClose object| divThird object| exposureThird string| jsonXml function| fbComment function| KayakMain function| filterNews number| taboola_view_id function| doPaging object| Mustache function| scrollToLatest string| template function| setFontSize function| refreshFontSize object| fontSize function| nextDouble function| getAdText object| weatherForecast function| updateWeatherForecast string| county object| _rmaxStyles$ object| _rmaxInlineStyles object| _rmaxScripts$ object| rmaxads object| googletag function| showPartnersHide object| adAutoClose string| GoogleAnalyticsObject function| ga object| WOWOCEAND2S object| sectionCode object| WT function| scroll_it function| scroll_it_wobble object| RSetElem object| elems function| getCookie function| vatrack string| va object| placementData object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| cmTag string| nam object| _impactify_ object| _impactify_tags object| google_reactive_ads_global_state object| _cm_wfCounters function| Ta object| Ua function| Va number| bb function| ab function| tb function| jc function| Qc function| Rc function| Sc function| Wd function| Xd undefined| impx_jQuery object| impxCom object| _impx_pconfig object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| _pop object| _popIn5_config object| PopInGlobal function| Treasure2 object| PopIn6 object| popInGlobal object| PopIn object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| JSON3 object| PopIn5Conf number| mdAdPosition object| PopIn5 object| ih1Ccl_scr_d_api object| impactifyScreenDisplay object| impactifyContentApi function| _imp_ih1Ccl_rmd_func object| closure_lm_915162 object| sas number| blockedPercentForAddtlConsent number| numberBetweenZeroAndOne boolean| isBlockingAddtlConsent boolean| sas_blockAddtlConsent object| ID5 function| SasIabApi number| intervalCounterNumberCMP V2 number| intervalCounterNumberCCPA object| sas_ads boolean| sas_ajax object| sas_manager object| sas_unrenderedFormats undefined| sas_callAd undefined| sas_callAds function| sas_render function| SmartAdServerAjaxOneCall function| SmartAdServer_iframe function| SmartAdServer function| SmartAdServerAjax function| sas_gcf function| sas_appendToContainer function| sascc function| sasmobile function| sas_addCleanListener function| sas_cleanAds function| sas_cleanAd object| GoogleGcLKhOms object| google_image_requests

73 Cookies

Domain/Path Name / Value
times.hinet.net/ Name: Tid
Value: 06f04a50677c11ed92dd005056b11227
times.hinet.net/ Name: JSESSIONID
Value: 6AD3ADA8BFAB1AE9BE94311AC98ADC77
times.hinet.net/ Name: UqZBpD3n3iXPAw1X
Value: v1We4+JQSDsvU
trip.hinet.net/ Name: Apache
Value: JTo5Aw-AAABhIxWhiY-c7-CRefFg
trip.hinet.net/ Name: cluster
Value: 5
trip.hinet.net/ Name: kayak
Value: KlQI3zPGxOpLGZyO3gx3
trip.hinet.net/ Name: p1.med.sid
Value: R-5zndI6HvFo0POG8OpAz5n-5UM4XYdcSNeuVfdGfZqqSpWfh4rpOAxb6s1xjls7T
trip.hinet.net/ Name: kayak.mc
Value: AeeAcO11UDRP51ctVTxkR5R02rQDqhxS3OTizoJdyywQWF-JlEVdM2Ev-Wt8v_nUDAe1gM5o5sRpTwcVE3uWYE9kzwpq3E_UXtssZJ--O3QPBtoxEnBJxZbWpdubyxXB3sWVdKzfJPY5_Kq0mZWwYUm4kW3rFb4-kz9qu3ZpMLT9CMPZdBDHrKQfLtLUmDCK6LN7VLHmN43ZX2BdtFOO7EQ
times.hinet.net/ Name: setting_locale
Value: local1
times.hinet.net/ Name: setting_star
Value:
times.hinet.net/ Name: setting_weather
Value: 63000
times.hinet.net/ Name: setting_lunar
Value: 0
trip.hinet.net/ Name: mst_iBfK2w
Value: s7kq5uUfviOx4MyyOUcooqEl2_6QKzL5mKQPTIQU_AB73PpbAPcYb3oP1sqtNzZw
.ssp.hinet.net/ Name: uuid
Value: 7d19f8d9-09e5-b279-dc9b-65ccfbda485b
times.hinet.net/ Name: adid
Value: 7d19f8d9-09e5-b279-dc9b-65ccfbda485b
.hinet.net/ Name: __htid
Value: 164582de-f8ec-40d2-a370-995413964d97
.hinet.net/ Name: _ht_em
Value: 1
times.hinet.net/ Name: va-dtid
Value: 1668801794282
vatrack.hinet.net/ Name: track
Value: 145335529
vatrack.hinet.net/ Name: sid
Value: 679269326
times.hinet.net/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3Dc78491ff-2206-4058-b6d0-5949b4935819-tucta716a82
.hinet.net/ Name: _ga
Value: GA1.2.1365366507.1668801795
.hinet.net/ Name: _gid
Value: GA1.2.2022163553.1668801795
.hinet.net/ Name: _gat
Value: 1
.hinet.net/ Name: __gpi
Value: UID=00000b83e7f6f835:T=1668801794:RT=1668801794:S=ALNI_MYGKqn-snyxy0UuHEa2mHly867-Kg
.doubleclick.net/ Name: IDE
Value: AHWqTUmPIW_nhlOar8m9g-iKz1cOwmwBUw03N7L_Hw95l4GVRUQDi2NBaNfeheKJ4wk
.spotxchange.com/ Name: audience
Value: 09a6c71a-677c-11ed-99f1-1a404fd50306
.hinet.net/ Name: _ss_pp_id
Value: 42b14c28a38df9e99451668801795961
.tenmax.io/ Name: uid
Value: 09f91d80-677c-11ed-a5bf-7544f118a13c
.tenmax.io/ Name: wt
Value: 1
.litv.tv/ Name: _gid
Value: GA1.2.1111182539.1668801796
.yahoo.com/ Name: A3
Value: d=AQABBATld2MCEKT6J1RUqniC9pooQ922uggFEgEBAQE2eWOBYwAAAAAA_eMAAA&S=AQAAAjwvOWECmeksdMk5OMWIDP0
.doubleclick.net/ Name: DSID
Value: NO_DATA
.hinet.net/ Name: _ht_hi
Value: 1
.litv.tv/ Name: PUID
Value: 8080aeff-b8c6-4d1a-9927-a73ee1c786ad
.litv.tv/ Name: _gat_gtag_UA_138079999_6
Value: 1
.litv.tv/ Name: _gat_gtag_UA_138079999_10
Value: 1
.hinet.net/ Name: _gat_UA-46698217-3
Value: 1
onead.onevision.com.tw/ Name: onevision_guid
Value: 0a60f19b-677c-11ed-b851-0242ac130002
.taiwanmedia.org/ Name: PUID
Value: 8080aeff-b8c6-4d1a-9927-a73ee1c786ad
.hinet.net/ Name: __gads
Value: ID=fc59f85f1f66ff27-2278856254d800fe:T=1668801794:S=ALNI_MZyKDGW23IzVEQU_NvRMogTdEfWLQ
e2elog.fetnet.net/ Name: ApplicationGatewayAffinityCORS
Value: 6b0e2434884901f3d18043d82c9e2aa3
e2elog.fetnet.net/ Name: _ctid
Value: fa9d24859057425cac76b48f0b0c0ccb
.quantserve.com/ Name: d
Value: EHIBCQHNJ4EA
.quantserve.com/ Name: mc
Value: 6377e505-05343-6773c-9fb5d
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.casalemedia.com/ Name: CMID
Value: Y3flBRcDwPfSrsIl-kTANQAA
.casalemedia.com/ Name: CMPS
Value: 1104
.casalemedia.com/ Name: CMPRO
Value: 1104
.pubmatic.com/ Name: KADUSERCOOKIE
Value: D5CC2E1B-5FC8-422D-89D1-C8A75476EDFB
.casalemedia.com/ Name: CMTS
Value: 1107
.popin.cc/ Name: uid
Value: 42b14c28a38df9e99451668801795961
.adaptv.advertising.com/ Name: adaptv_page_url
Value: "M3h9qeyoFhjizhYsmlsKWXwjd4VgcclFS/QtglwkN6cf2j-8bqT3//lfk1VoNpEHjpTFDYSxOyrDgzb8Z1Dz8fw8vVnb3eM0MuAVq/rj1ZMVvTu/Nq628YdVJeri5PGF"
.litv.tv/ Name: _ga_JRLWM3RJSP
Value: GS1.1.1668801796.1.0.1668801797.59.0.0
.litv.tv/ Name: _ga_EKKX3GNP7C
Value: GS1.1.1668801796.1.0.1668801797.59.0.0
.litv.tv/ Name: _ga
Value: GA1.2.1047831193.1668801796
.hinet.net/ Name: uuid
Value: 98914fb3-5f8d-4d90-8675-6a1052f28272
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTY2ODgwMTc5OHZsZWExZGUyMDIyMTExODIxMDMxODc4NjczNTAxOTgxWDExMjc5M1YxMjI2MTMyNzAyTVN2aWV3b25laWRaMjhmd2ZCZjZ3UlVtSERIRHQzdEpKWkM2U1hUUVFlZlk1akJvbmVpZF9fc3VpdGVfTmV0bWl4X1JlYWNoMTIxX0JFU1RQRVJGT1JNRVIxMTI3OTM
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_RTG_EXA_15018&mediacode=AFF_la_112793_-HTLP&utm_term=AFF_la_112793_-HTLP&utm_content=O2_AFF_RTG_EXA_15018&spid=2022111821031878673501981X112793V1226132702MSviewoneidZ28fwfBf6wRUmHDHDt3tJJZC6SXTQQefY5jBoneid__suite_Netmix_Reach121_BESTPERFORMER&wfid=112793&affiliateId=v01MTQyMTExMzExMTExMTExMTEwMTQyMTMyMDAwMDAwMDA2MTY2ODgwMTc5OHZsZWExZGUyMDIyMTExODIxMDMxODc4NjczNTAxOTgxWDExMjc5M1YxMjI2MTMyNzAyT
.das.dna360.tw/ Name: ApplicationGatewayAffinityCORS
Value: 94d5a82ab8aad276a04fb5ba25da03ca16359dd971049dd106e2e2ee67eaf5bc
.aralego.com/ Name: sspid
Value: f0300188-5d81-33f0-89dc-ffc4e14d019b
.analytics.yahoo.com/ Name: IDSYNC
Value: 18yx~28d8
.w55c.net/ Name: wfivefivec
Value: eqbdVQio1OW7A75
.ctnsnet.com/ Name: cid_d8954f32e5154e5f8b99813089b51f31
Value: 1
.ctnsnet.com/ Name: gid_CAESEB86XgnuPP4-LBH8VAbtSYs
Value: 1
.tenmax.io/ Name: pb3
Value: doubleclick
.tenmax.io/ Name: ul
Value: 514624859
.w55c.net/ Name: matchgoogle
Value: 5
.tenmax.io/ Name: x_dblkuid
Value: CAESENcOao7F25_abVCLKCBYAoQ
.tribalfusion.com/ Name: ANON_ID
Value: aqnseFmMZaE9DXqwmyCTKRSjh6EoRu9ywh1XSymZcTWDt1jvQPqJQcSKHnqRSl7JW9vtXm7QyL6Za4ZbnFXc2VZcC
.hinet.net/ Name: _td
Value: 15709560-8031-440a-83e8-e8c94a63201f
.c.appier.net/ Name: _auid
Value: q1dGPc__AfCUf5TTDuV3Yw

14 Console Messages

Source Level URL
Text
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
rendering warning URL: https://www.hinet.net/tv/mobile_iframe.html(Line 6)
Message:
Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.
security error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=400&slotname=9686321785&adk=279151516&adf=4198862038&pi=t.ma~as.9686321785&w=580&lmt=1668801795&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668801795021&bpp=1&bdt=242&idt=289&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&cookie=ID%3Dfc59f85f1f66ff27%3AT%3D1668801794%3AS%3DALNI_MbNLzHWsu7q5_7pi_Hsdd4lnB7aMA&gpic=UID%3D00000b83e7f6f835%3AT%3D1668801794%3ART%3D1668801794%3AS%3DALNI_MYGKqn-snyxy0UuHEa2mHly867-Kg&prev_fmts=0x0&nras=1&correlator=5316747536603&rume=1&frm=23&ife=4&pv=1&ga_vid=1365366507.1668801795&ga_sid=1668801795&ga_hid=145283762&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1112&biw=1600&bih=1200&isw=580&ish=400&ifk=359666599&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C42531706%2C31061691%2C31070950%2C31061693&oid=2&pvsid=3341626603551332&tmod=1214574978&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.ea20tpo3nqio&fsb=1&dtd=296
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/11689999083124395179/index.html".
security error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4457659720163747&output=html&h=400&slotname=9686321785&adk=279151516&adf=4198862038&pi=t.ma~as.9686321785&w=580&lmt=1668801795&format=580x400&url=https%3A%2F%2Ftimes.hinet.net%2Fnews%2F24260251&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1668801795021&bpp=1&bdt=242&idt=289&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&cookie=ID%3Dfc59f85f1f66ff27%3AT%3D1668801794%3AS%3DALNI_MbNLzHWsu7q5_7pi_Hsdd4lnB7aMA&gpic=UID%3D00000b83e7f6f835%3AT%3D1668801794%3ART%3D1668801794%3AS%3DALNI_MYGKqn-snyxy0UuHEa2mHly867-Kg&prev_fmts=0x0&nras=1&correlator=5316747536603&rume=1&frm=23&ife=4&pv=1&ga_vid=1365366507.1668801795&ga_sid=1668801795&ga_hid=145283762&ga_fc=1&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=300&ady=1112&biw=1600&bih=1200&isw=580&ish=400&ifk=359666599&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44777877%2C42531706%2C31061691%2C31070950%2C31061693&oid=2&pvsid=3341626603551332&tmod=1214574978&uas=0&nvt=1&eae=2&fc=1664&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C580%2C400&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.ea20tpo3nqio&fsb=1&dtd=296
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/11689999083124395179/index.html".
network error URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEB7JdaBdQBN9ShjgouPDa5g&google_cver=1&google_push=ASkJ3FZ8fc1dTyC29mMAN2sUUAIzopDqDvc2iYPYlrZm1s0t4u3rvLSrOgrqmvB0SHIimQIV7qlmliwnbZEdptF4i3LlGdJRWwuXN1E
Message:
Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
other warning URL: https://43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1(Line 15)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://fonts.googleapis.com/css?family=Helvetica
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://fonts.googleapis.com/css?family=Helvetica
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://fonts.googleapis.com/css?family=Helvetica
Message:
Failed to load resource: the server responded with a status of 403 ()
security error URL: https://3cfabfbec2bb494d0cdc3609f7d46897.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1(Line 16)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/3592621189675155901/index.html".
security error URL: https://73c1f7cd83dd0b703280065d621ace95.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1(Line 16)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/12818013396504674824/index.html".
javascript error URL: https://imasdk.googleapis.com/js/core/bridge3.546.0_zh_tw.html#goog_1361879670
Message:
Access to XMLHttpRequest at 'https://ad2.apx.appier.net/www/delivery/%3Cscript%3E!function()%7Bfor(pivot=window;pivot!==top&&pivot.parent;pivot=pivot.parent)if(pivot.chtnw%20&&%20pivot.chtnw.noAd)%7Bpivot.chtnw.noAd();break%7D%7D();%3C/script%3E' (redirected from 'https://ad2.apx.appier.net/www/delivery/vxml.php?zoneid=9704') from origin 'https://imasdk.googleapis.com' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
network error URL: https://ad2.apx.appier.net/www/delivery/%3Cscript%3E!function()%7Bfor(pivot=window;pivot!==top&&pivot.parent;pivot=pivot.parent)if(pivot.chtnw%20&&%20pivot.chtnw.noAd)%7Bpivot.chtnw.noAd();break%7D%7D();%3C/script%3E
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://ad2.apx.appier.net/www/delivery/%3Cscript%3E!function()%7Bfor(pivot=window;pivot!==top&&pivot.parent;pivot=pivot.parent)if(pivot.chtnw%20&&%20pivot.chtnw.noAd)%7Bpivot.chtnw.noAd();break%7D%7D();%3C/script%3E
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0ee4d4ac18c4743675c5dcc7e1234850.safeframe.googlesyndication.com
164582de-f8ec-40d2-a370-995413964d97.t.ssp.hinet.net
2675b86f-e2c7-42ab-ba78-5831b3eae5b6.t.ssp.hinet.net
345be188a84fe70cf95a892b92fe38f6.safeframe.googlesyndication.com
3cfabfbec2bb494d0cdc3609f7d46897.safeframe.googlesyndication.com
40c049bd40f579caaf6e3829066840e1.safeframe.googlesyndication.com
43f5ada15436b5c901ed95320b055247.safeframe.googlesyndication.com
73c1f7cd83dd0b703280065d621ace95.safeframe.googlesyndication.com
98914fb3-5f8d-4d90-8675-6a1052f28272.t.ssp.hinet.net
a.tribalfusion.com
ad.doubleclick.net
ad.impactify.io
ad.impactify.media
ad2.apx.appier.net
ad4m.at
ads.adaptv.advertising.com
ads.aralego.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
adsv.svc.litv.tv
adx.adform.net
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
api.popin.cc
api.svc.taiwanmedia.org
as.ad4m.at
assets.ad4m.at
b328c1262e96b4cc9e77882a7cea4f0a.safeframe.googlesyndication.com
cat.fr.eu.criteo.com
cdn.js7k.com
cdn.jsdelivr.net
cdn.taboola.com
cdnstatic.svc.litv.tv
cds.taboola.com
ced.sascdn.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
connect.facebook.net
csi.gstatic.com
csm.eu.criteo.net
das.dna360.tw
dmp.tenmax.io
dvr.impactify.media
e2elog.fetnet.net
f684792fd6fd88f5fbb48071b0718d47.safeframe.googlesyndication.com
fino.svc.litv.tv
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
gocm.c.appier.net
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
graph.facebook.com
image6.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
jsmodule.svc.litv.tv
lispeedtest.akamaized.net
log.popin.cc
match.adsrvr.org
odr.mookie1.com
onead.onevision.com.tw
onetag-sys.com
p-api02.svc.litv.tv
p-api03.svc.litv.tv
p-yonder.svc.litv.tv
pagead2.googlesyndication.com
partner.googleadservices.com
partner.o2online.de
pips.taboola.com
pixel.quantserve.com
pixel.rubiconproject.com
player.svc.litv.tv
pm.w55c.net
pr-bh.ybp.yahoo.com
prg.smartadserver.com
prod-m-node-3113.ssp.yahoo.com
prod-rtb.ad4mat.net
pubads.g.doubleclick.net
pusti.svc.litv.tv
r.popin.cc
redir.adap.tv
region1.analytics.google.com
rr5---sn-4g5lznez.googlevideo.com
rtb.nl.eu.criteo.com
rtb.openx.net
s.tribalfusion.com
s.yimg.com
s0.2mdn.net
sb.scorecardresearch.com
search.spotxchange.com
secure.adnxs.com
securepubads.g.doubleclick.net
sp.analytics.yahoo.com
ssp-hinetwork.cdn.hinet.net
ssp.hinet.net
ssp.tenmax.io
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.adsinstant.com
static.cht.hinet.net
static.criteo.net
stats.g.doubleclick.net
sync-t1.taboola.com
sync.search.spotxchange.com
t.ssp.hinet.net
taboola-supply-partners.tremorhub.com
tenmax-static.cacafly.net
times.hinet.net
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
trip.hinet.net
tw.popin.cc
ups.analytics.yahoo.com
vatrack.hinet.net
vid.pubmatic.com
vidstat.taboola.com
vjs.zencdn.net
web.ssp.yahoo.com
www.cloudflare.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.hinet.net
www.lead-alliance.net
www.telefonica-partner.de
www.youtube.com
www8.smartadserver.com
ad2.apx.appier.net
f684792fd6fd88f5fbb48071b0718d47.safeframe.googlesyndication.com
googlecm.hit.gemius.pl
p-yonder.svc.litv.tv
pagead2.googlesyndication.com
static.cht.hinet.net
www.hinet.net
107.178.241.176
108.138.17.16
108.158.46.104
108.59.1.185
119.63.193.220
119.63.198.143
119.63.198.188
119.63.198.189
13.32.121.77
13.32.99.105
141.226.224.32
141.226.228.48
142.250.186.166
143.204.89.67
151.101.193.29
151.101.193.44
172.105.199.172
172.217.18.98
172.64.154.237
178.250.0.160
18.156.195.47
18.194.190.109
185.64.189.111
185.86.137.113
185.86.137.114
185.89.210.141
185.94.180.123
185.94.180.125
192.229.221.28
198.47.127.19
20.184.62.41
20.212.113.236
2001:4860:4802:34::36
2001:4de0:ac18::1:a:1a
2001:b000:589::3
202.39.224.124
203.66.32.196
203.66.35.104
203.75.213.47
203.75.213.62
203.75.214.136
210.242.135.3
211.21.190.218
212.82.100.181
23.36.163.12
2404:6800:4009:82e::2003
2600:1901:0:76b9::
2600:1f18:612b:4264:5cc5:a32:da3e:ed7e
2600:9000:237b:0:9:f0ff:5340:93a1
2600:9000:2490:6600:3:cecd:5f00:93a1
2606:4700:10::6816:8ee
2606:4700:10::ac43:14d9
2606:4700:20::681a:71b
2606:4700:20::681a:bd1
2606:4700::6810:5814
2606:4700::6810:7b60
2606:4700::6812:19ad
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1288:80:807::1
2a00:1450:4001:11::a
2a00:1450:4001:802::200a
2a00:1450:4001:808::2002
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2001
2a00:1450:4001:810::2004
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::200a
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2006
2a00:1450:4001:830::2002
2a00:1450:4001:830::2008
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9a
2a02:2638:1::2
2a02:2638::21
2a02:2638::3
2a02:2638::b
2a02:26f0:3500:4::b818:4dc9
2a02:6ea0:c700::10
2a02:6ea0:c700::20
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:200::300
2a04:4e42:400::729
2a05:d018:d29:3601:4801:a45e:558e:d423
3.126.56.137
34.117.124.131
34.117.234.181
34.96.119.68
34.96.74.134
34.98.67.61
35.157.211.94
35.186.193.173
35.186.253.211
35.71.131.137
37.157.4.23
46.4.41.145
51.89.9.252
52.57.54.93
69.173.144.138
84.200.5.215
01bfcffc34e1ea08d884a0d8af25c24044a13fdd2c1831362a485c74e3eaac35
04dccc299261a1c9f8a37a7527a673973fcf7343ff13cb43a4a690c373284ccc
05f32f13557a391dc71ab60fe7be4c898654feb72375195eaaa192a1a1988db4
06a0606f80ff46964f1b9fdff66077d431e62599ac049c5caadf7cb4f9c0d8e5
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0985fc9e6c924f671da4352346a551e7171d01be5c16aea4a2e9f966edc985f1
09a518bcf90c928c2df1fa6c7571c17f6d2d299a228f21562eb36905a92cfde0
0ac540acc7481f36469b83ca4b3d6ba2b73ce5902a7e7e56eaf978de0283d363
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
0b5db445762c70c8d002dd808b2f6a222950987153ef5fd65237fb9260008f72
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0be8935522591d1e31877940437b8bc3cf60e3ac474fcf5978cbf0c07100b9d2
0c2c3833db039b05863f40069917952f041b8b245e385b6d8b92e93938b78c7e
0caae77862b4e3db781b347a3229e8f0122cb80adbadf2432865ce67f5b8d22b
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0ef57a78ec5c1a714df0f1d917fa3c6ad56999b6d701123b5cb56115410334d4
0f35e9afae4d24612fcedd815c247d633510a123c6f9f409222a89c75ffd2419
10c2b30be072e0473500fe63dccf58fb5dd4210e80dd1c4d5517d89de74162bb
11093965cab85c1e47839623f442f8fd9e9f196f97b4b1b2e9db42a51c3515ab
12c9d6d2916997db91b922f730ad10a96051e8811bb77d6b7d16c7eb09d641dc
13ddd5194f5cfe75b4d9d0500831b1cc64aaac2a8ce2e10984e43533dc0ecc93
1444d8703b2dba64949fec72f764b30c2578682c307c460a738e9df480951a98
144f00958640a629a3d4499c23124bc1d0e194ab6ba98f781a30493c66c87845
149da4a013ad437a428680c1e04303ebc4038d2667105457b5472055e773e06d
14c8862a2d9916b08fb2ffeee08896c7819db0b22bcdd613c9cad2afdf182ac8
16bb1f66713c230d8b54654c6d74dad513d923d73d9d8015453dc472a6e9386e
16c4f02ec87866e99791c1ff2f2fd41ce97502fc2e07196d73f908140f7656c2
170d06a7edd0cc59181f4bd474422083d7870db254dc8b248093c54700860c9f
17d592f84ef08f78742618bbf73ae30777e7ffee8a5f6cf8e040013fc3c5e1b8
17ed3bb9d1c1bc6107ccd9b77e2afea2adcf57843f1ffe43fab4e7f7138cd356
18044d775a7745700d2a79e4063b68780c6e663f7761b1c774d95bde64db974c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1997e5fae742597b647978f12afc735e576dfabc72dfdb95466f976b039af5fa
19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b
19d30fa994cb314679523d92b8370332697a73e4c1bd72b434d12764ece27f21
19d58a7a7cf3194024f6f0ae6f1747280d554d1cee42aaf837c8892dc10d661c
1b7ccc4002d2466149f4c1434d90876a0fd332dbd744965ca80a721045d2184a
1bbad22b7141fb96f2592806cd1cf02e8ee6003d8a921b8bdd0a3bac5badbee1
1cc9e5b9a038b56587837431eaed3a222f9c696f9dff5c44beabb8ccc5e3c4f2
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1e15f65bcef05f2ea9f54e051da9bf7e6fc9eb00a669905c9ed33f4fd7ba26f7
1fa4c3d86e2f4ce501d789f6230a225e49959ffd4ca6e0552d516d5f9f0ade5a
1fd1077665f1279f2be5b244185eda10ab6085bcc64cfd15018f10107ae3f14e
2013feb290ee56dfc7e5ec62288b9cc6952b3774fcb0570545fae9377ec37c9b
21c8f6780050a1f0dd4764a2cb40838e978ef9c2214e66521f2f943ad7b8d8f2
230149a16e39bb5144cf95a66c3897be922ce296a96e1152f529fc2ea87b5d5e
23b9238d756b2b168c28c83fb60560b952638ece8079c5e5bc423a022bc5d5d9
249c4eba880cfb74e1b6e1d1048def310636dc3b1ce5b3fe525703fd4025238f
253eb5746eca714be94d1a0c70b0bd6216d681a4dea0b1745bdb43ed69fab701
27034a5082770002dd64f8392684b382f5c6cb1f8035984c4c1a433717fe8464
27a10aa32d21a15c135a8a16ec82690f621a16e4200ffce979fa36d2419a2778
27da1fea5ad542a272cdf70a784610a5983a6eab88ca16e1f3e534afed97b997
293f8ffd5a709807b597c92605f0ee341521b8445f94ff262172c93cddd5e84f
294593c4aed632598c22cd7ab624e2f37047e9a5c3d5fbb3c672172f307e73c0
29b2e791ac08da45f7a1f8d52773ad72e07990d2ef98540ab6a8f411f81c6bcb
29f6b82c1079372e094ef8b79c27e27dd9a7319a913664efd59a9ba535a4d43e
2ad32bac7a2433792f99bb26dcf20ee021040ad2c3b9ca9ceb7e96d2f30c0c4e
2ade426a28a1101d7b5f72b46d79b9a2a67801ae9d38cc5047c9a410875151fe
2c9426c5828a369824063be81f445427459e63d4723cbdd0b9fdc2fc0d50e8e2
2db0a43cf6d5a3f65b457a78124848371e3c4b0feea7017842ab3542164b6804
2e1c0ebf7754cb31a1f17efc56308561c1efee8c060f6e3c4f6a7ce25451a0f9
2ee42845a15cd492a2b01f162140cef49b10095411c5fdf77ea78fd6e6a50c2a
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
2fb94cc5f4e050854cd18abcf65c8e58f62f512e141acf6b256aadbc27f1a48e
31202d19710656ec3f32e2ca9a85f248f0fd0f786035ccfc09aaa94ef89816b2
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
322d2afe20db09827e2f1c47d0d08b70bbd428f5b2c2fb47934fcd2730ff243d
3532dc7720ce3ddcc7fd68188ac4322968e530db1694c88c1afc04f6288fb888
354e031ce167f0ecfab78158954d3504d4cc24ce9b89712aa49983ca3e046411
357c45d99be4828fdfd588784363f15810360c47338153f8e6afaab697171803
364d46add4e2a123d4deebc10a3f3ff40444ae6303cdccc6ecf319f9c2db41c5
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
36ef2a989e39ae6f8d97a51ceaee070273d6dc46d1be51ea51dd46f38c4365f3
376b7ad9e7d68d24ba8aaf09f8194eb924d5e95f9ba5be5498830a20feda3d7d
386da25d238901a95b8757d630d6974526cef4b4602971d722ef920b5a91b5d3
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3ad753512028ab9454846db78b92c123be24f761177422832bad76120e06a6cd
3b2ea1c9f3587781b58285cf64279e67f6329a3924fb93f81529f1826e2f4d16
3ba185428dae889fa4874cb4985e4e057c69fc55eea670452d9e02a75f11b7d8
3bb5351d59c33c01019ffe6ca2fa98e122b40a0594cc460c5c870d54d62f9aac
3c47ff9781e5c10d5b7a4edbd121682c9d6150251dfa4c0820f9939a70e623f5
3c6d81022d9690b13ec3a5458d25b0c47b3591483059df871fda7ee3bd11b112
3c8082a1bbc99088d70f8094dd38270db383ed466bccec871fbc0105ade0627d
3d94148a8f294c9f43b47c9993c6e422d082e7b77cb8694ef5d338fc299a3090
3dedebaae73adc33be883fb7623603af1a1a070f571a0b1ffb015ae540fa0b82
3dfa1a24fffa5217c022642b6c3789b9cee2e44a504a484a7c7d750d164e0d3f
3e4a6537fffc5e09cfcda3d68106d0a930a4c7eb6372f03913abeed731f590da
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3ed3f03718eff3ffa2046ed596a64358bf78d8156bc22d20555181269a1632f4
3f17663a307134364af3e4ddc5a97ca0dd14b15aadb0627199151abd18c2e616
3f254f124ac5df59bea509037c6cc85e1d997b394cfed336c656add47aa9ba8c
3f2a941a3467eff8bf3ee73afb1b4e4c784acb5946d9a1c76613e92564eb010e
3f4fa536557822792183b6ec763dce9b254790fda214c96c47eedfce8cec6d4e
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
41be49b2c1f7e3a3463d40241f8c543e256ffbc279fba84d4ebd27af511b5e6d
41d511bcd8511da9cb1f673d030c44fbadb09271c96e4fbb40bfa306572dcca3
41e96bbcfd5ab72aef9f5068ee94e07dec1dbf1e21a272bbb6b116a16e8c5fd3
42215ceadd2b46b0b790c33d8cf26125384152dd3fd1a1b5917a5f6d5e8cc006
446a920d78747ec1b48b4d70a242ad5d3c583bcea9ae97c91bb39b57e199a70b
44dd9f1eb07201c37efbd02ab665a0592ee37ed3795d69e1abb3ac24627647cf
4506fb221c1dd5f5f33bee1421a19d4eaf99d878ef193e9675e907999b700c27
453f130034a0523860d786d602b419f84c966d13bfba58f38762b8d3fc0b2030
465f4aed8d354d179e53a289ca2ae468cbc7601ba78b9729984eddb2fda805f3
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46feea97b31aa34ae5e558907f9ad3a8a1a4dbe5aab0f9cf267b5d7761d420fc
47119fea73affb35e35934b16ca3601cadd0235697bc2312fa12f7c8ad666030
4794c13ae992bbc521a37384c716bd0203c66bb2a5ea17fa71d6ec1dc8103274
480d5b26935e27640c98365cfc7bd4a663c82d2affb64ffae8a4bf9b01b5e9fb
4867d78d8cf2d27090f436525403b30019c5b9c6808f8c070e9aefd14d0de94c
4917a38e1d58f7b36fe882f03446589c36f40ebd329cfc54c5637bfed9f9824d
49ac9daac040d936bdfdaf9e2948f7d7b414e165a0a4e17ac88054236cf4df18
4a8ee0403f4c897f53c06e745374d863e8072abf0b3ecc61a6ac5665e9acaf6a
4b64908cd044a8400843222aa633ff48c4e4710dca3ebd27d0afb77ae6e172e0
4d6f09b49bc8582f0a413c867dfefabaf48920cbb25bfc3d3d760e2848a65f2a
4e0524f6acc3a65c90b93b7760e6e58ae838e9dc9506c7f34f13fad5965a4e0f
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ecd3e275813eedfddbaa4e1df452ac930665d45eebd4b7d9417ff65b0612f85
4f48e229601b1426b5bfa91241fabb8e94b27d790e5789d5b9f9d6c1e3215e83
4f6783d500427e61a892209ffccb262f379dbb23714af8a615739306f7bebc0e
50306bcc487145173c29411550075ff289df5e85f6bc9b617043b0fba3b447e1
51072353b091c5fb6fc64a0e404d4cd3ef8874c938f9c62fcf19c8358f21eea5
51212c5ccc55ff2d314b50522b8834f6f43cd5932467f47b624e335ab7603b3a
519dc8c12a8b15e63a3bd783ea99f513e35d997c2f3474e6a88580ff42e17459
5200e468e0ee79e62e5bd0cd20bf633ab19fbbbb728dbb690d461afbf9ffef9e
5207333941efa23ca5ba590b4f49fb36bd687094f851638156a92f8e6294ac15
538c72d3684a88df52c89796de73b98aa74cc6e7ce3d8826be58daa3f1953708
53a1a3d6c5bd947c6eee0a398e3d0ca97da62e9b6810519bb2940b9c435d1aa2
54868d1414fbbfd90c33e55ff9ba852bb3a89103446cfc04c863e61d76c67537
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54b15c4a34956e08301bd2ea20a3b4166a2196a2e2b793e35a8ef14527e9e5f6
54c71ffd5895d4c68c43d4e95d07b054538cdea0b23935b46522507b44888466
54e24e0d3e1d1c36f1e814e8c71e28f546faeca210e78c019016e045336b96fa
55172cf998222254b48642cc653c0333c6c9d69a8a69ea9141f193a477a8447a
558c137ae8d2421d46b2ced70dc3d8eb54a63544a53930b30a555b7686001c91
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55df3cf77c589900f113605dc258e0d6bbaba0da68f4583e5599bced6cd574a4
5a36011812516a45305217c2fc2d0a0b2fcf9e66e4c84708cc1b6818066024fc
5b2e686c5314dc9d47144d4d61d8b7c347dc19be674d905b3a0c0cae12d7fe62
5b685aa3b92ad997c10e92e89a5a58e48e97f8811fd5692d19c2e4ee362f7fb5
5c1644c1130341e57dbdcddb81916a59cfa998c03f8216d604ffa652966d5b04
5c6269d98660443db9f9578af480b83a1c511c5a3a24602492fec3fd3dde2b62
5cd346875d100956f33b228c65b2eea3e958621a4d906b95c612c0c0c617a2d7
5d46b5a818894adfb303f61890f3d0ed390e464e9c69b4da41dd31875fd4b12d
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5d611297f378fe47fd515341a2f576e06a15dfc1bccb2ee2a595c33f986701aa
5da70f7eba0fb58c96620fb4129f236d5608f865f3900d2fd40b423b3dccda3c
5e5a26e546724b7e80d5f586ea747aa43861f804ead9b6a5d3a2d42601c52275
5f3d6bdc9e2abd036311e3c2d71bc9b8c305b28996a4dfe27a4f59c1895492d2
5f78b376c449eb72346fd7e6c3a1ef6afe242cb9953117ec67474f3dc5c46220
5f9116a1399823ea48dafc6c485f8a53abbfd10b23436e8fc0a99f0764988fe4
6030e59b3284c2dadddfb47bb8f1f5446255b8276da0441575b9f61f2b355ea3
604e166945460e63fc2f154322f4ea873009230dc71da7ede053a54a16cf835c
610db2765a546cd3df8577915e1864fb3d8563083774c6168ef38fbcaade4d10
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
618d3c3e4761a7573bc98ec4e4620b3ec7464e9a2022bc2f7dfb4ae1943c3025
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
627fabb28705f9298120ad164d77d20a9d97a55bc63ac90c95fd674e1afc2632
62e30fa31740babccb972d2544d6cf48356ad7d5864229f9d0750d5ae77a3a88
631ea678d80d250085c5640f76aa9064e8c5ee9d58f72fbf6ad90eee5d99c2e6
64416c005f1da729c05a1b8e32a0c15addd1c3722e63cc8d8e3766113b7f409a
647c25bc1c936fc303c992cea16b30adb3d15051971531df82e542c12ab8daad
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e
6566d8b13065cae77d67755f219dc7d2bec71310a58ee08486bc21dac6620f7f
666579d1f930d08be1c73dc367a512debb0e6535f999fc5b5470e399b8df9034
67a4be09e1cb505623ad3d53c2d1a1520d697811b879bc94298277734d3b9362
683ba69636e503587e0af8c9a602ba5c44c80022c811ce4d46b0acfef4612f00
6902a0288cb6796a73afa7387155eb665b95da1ac425bbb3799fc77d121bf7a6
69ec8663bf1831d5340d5296a087de1d08e134ff2c018136a5050f9a5022e4bb
6ac8a6a5a955091ee9269f2f9b738859ad85e013ce22d70ad560451e9b40f863
6aff6e410bdc2fc619d0215c218f8c7d5bfeaa60c9781f074be350979f11b5f6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bab08465d8d180141f26eb5212386e031713bffb94f54f8894c4386e63e7e74
6bcedf7d1b09239b1a8e2a6d4ee1e8a3936eb591a629031e10e863b338caa60b
6c387c7d90607aef5af34bd725ea7e2231e00575b3fef63e9edfdabd4d2c1a9c
6c46b95b6a04469c152640a5caa33a1e4060b1c1515fca04e33acf71a697d1a6
6edaa19857115029e0f03fba463c8f4f29d711cbdfff32de1c68a01d34e33e7f
6f036fa79597e97410bbe9a223a92ed409aa34b72175e0f4a2917e70eb49171b
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
716315cd5003af76ab26facc35af4fc97cdbd5b7995660f14d1ced4b5246d88d
7174220f5fae89350dd7546a1f7fdd646c163011688b4a1a7c8344dbec14119c
71a64d82ed79d6c4c8cb1c52e11a4e233ae803e37d4331e4ffcceb99b876f791
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
75477f3949958becc4b03ff08e32ce45672db6409b821184fef888f2a61fbd51
77a323150f50c5b7247600c252a193f22281c4e103edd43d5e28030c2892209d
77badaaf2ba76b5d6db51af10d6df7f6e1183fcc2d475577b94c5aa640606120
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
7a638a3c8fc99b39bf4ffc2224211a530cdeaebab0d2236beb596755a35896f7
7c905fa103f34e93986a57259d8034d3446a0ff54288f066f2263f177584fb24
7dc54c2cda854fd13e31131cc463e928a7702893b8dc77d67f58b95cfc0f7736
7e7d50dff7e062f09548ecc0ce33b8be7579faae5a2a703ae55ce0c7e859eab4
812e7916a940bbb32e8cdb65f1f3b186844b2c94dfc37d4ed72bdf4bef455cc3
81f33cd0683272db1be7bc7ea3532a9651d2121a5264a0c1bd47e98e5d1028a6
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83732b4a56c1e1fb338d653acee13b75dba599516cabd19b61064b142eb49eb4
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8543d41d13ed84a396a15da4d087d8aa57d26bf8d6575fec3b38a5be271f1ab8
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
858a18aee53859e8d35f4bea69a0cd7c2dd28a825c3462c0a1580afb50c3806f
86138d6b9f293675aa721961d190c5bfbf1755a9d945b5d6a74a69378ae41fbe
861aed070db50ce0da9928455deff784c115b44540b09450f225ff7cff0c7429
8665f9fb827b94b5b4001148ed08b6a29b75cfac0c654dcfe03a94ebb30c8fc1
870209306d465a51427de40a0492422a44be68420a14c7cb6dd32ddc5580e86d
886159f3d64efcbef2670c09f4f949274f6c13927e93957aa1589f41ceb006f3
8aeb2aacc69370ca7485addf948ff95becd05d389274aea6c079c1c6f2f27cc0
8b3dea915098363883a4534e6a2c97c90a3eb574f4a1fb8eb67440dd628fc3a8
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e9f1b04ba4aa0432fb62384b84c438523b6bdc1571f4a91e86aae39c01e8cef
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f72a92db0ccb8f7560cb76d7bbd47185e85d12ed8427ab39ad0c35dc0bd9216
8fc7e33f886b5624e02fc55f874da2c1b9627aa7652856f2eb3d2f06d336a339
8ffe681c75b23ae8d4d7b4c1349712ad95e84198bfef3c22eab8283efae88eb6
9082df375d326487e81a00c11e7b9c8b01ccc95423e066fa05e6d3239b335d8d
90ee20c6b2fe58c0bc327b411d5a68e2be5eea7b37eb642ee9e1a73f4c51f5eb
92010ba63f2888c34518ec986d33cdef5ce0aa7ef20cb2b65dae6e257aa57c97
92016b724fa9479a90f88aef013f6e078bcb247c5b6ee3281a0c7ecc007775d5
939e7ed4cc62d8c8b958e48e5cfe0a176e10e80e8f9cbe8e4fa983ba4c445732
94c4d4ba5a3e18f8a57f2b02c076c74f90e6a98c2fce6f1b0f20113e45fce80c
956abac063f343827e8fbd9eeb322237a3d540405bda4b55b4988742cad639d1
95abe5b1e4ce00e56c1c7d08820eb0eaf6eb888d6551905af5dfbcec42a4e835
9848e1900be6fb5365aa67f8f7df1f0aff3c354c97ee22628c7d1808154de6ff
985da98fe4a246bd70fb6491c0c1624ee92d2dd32e67e14c12669ad2f0c4b1ea
99eb12f2ab3c4866a353e098ffa3cb7a967e617c49b98480394ec5d8ea92b094
9a8609eeda77369cd567a813411d740959695b5a47db762f2f6dfbb6006cefcb
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bb22fb29d4dee597bd42cbd2b3bc41d351836d9b7409730da060174ce3b2e50
9c522722cc91d64f246f766deb7d58c282a3564f0b4646174d10e98e2b0c3a92
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9ed7c9b6e38e405c40e249161c718e2d2d6baf5889c95d17723f86787641ed1f
9eea1c23c8b13390f2fc682d43f4d941504a961c621090d8a851891cf5d6024d
9f836de20c607ff0e1905466421e9b34ab1ba34eb3cd0e1acdf0587182867784
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a06fcec0798cf647e7214434bc14ee170b6bd6c0b123749d1716ca1ae1cf4cf2
a0a5acfaf87f0963217eff8390e77a005f0e4dd6d08b324e1c9af9f911796cdf
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1924109f4ebcefaa18fe7a0402fdf2870c00c10196c16960cfdd951a35493bf
a27b0d8ced8f1461a7f63953a04e799cd081285b034ae2b2a6470be73b22adaa
a36ed14a42299e784ec6e1b833350aaf216b425339904f51fb80a54becea5460
a3d666d61ba0b00cc6b56203773cfd9be034540c7d98bfb32031f21a8d0489fe
a3da22a435976dbc1aa933bb0a870f2dd410c95ab9d4f4284ea0188eca61316b
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4c7748a8849068a7262049472b6b640aea77d843c16a57de3e34d3c47e4a01f
a558dc731872adb52490cf8550eb796d0d0b448df332e38f815228576dd0cd5a
a5feba8ce66eafb93cd4dfff5083877ea2b2bf8daaded3058288b7cddb956cfb
a6ddccdccd06b72f1cc3ee1cde2a9a44f92e1cdc86f7dd8fe3da200cd7cb9be6
a6f14ca7333c57d1950c3e0630acab83f353d2d41158323980ebfa740413d8bc
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7ce9a3a3497bd8dfc36ac8f2437b7ed699b3041fed13be80fb0fed3f24716b4
a80a3a5eed64d6eb9097a6e2dd787eaa96dce7e75828e37f7225f92d661ba10f
a907b5d217cc55e8569c8c1f2026b66f12337525f79315ff1ee5edcf48817f96
a94b1df49cd1f0179f5e1110f80d13b97bb84f3ae1310ff67829d68db89df390
a9a71eaef4525955e005478a8545b54fd4429564e1ecd9f4d943c93ea21a8d87
a9fd5bbac433e59062c2d99afa46d81ec0563ef5e98bcb68f7a94f9101165f0d
aa23ab86a61744f51cc8f2b620d9f5215cd85f76e10f533222f602d0ab31b0e0
aa3e36ec57b9cda02d0dcfc114a0ab0a117d97df8724943c958815e242e92ef6
ab15c5a5cfccd3a2d2a2eaf84576b70df55269e55d60bd77b9b8949966b91a74
acc34957b0589e8f0b854df23b2f98dead0fc1a75298ca469e2558ea4414c816
acdfd0556eb63b1b400a99d4600b64db9d4edf7e2fea2c08d5d235c9f5ace0f7
acf183f80a5cfca3dedf30d00d7f00eb859fde72f5cee1c7542da830da89b380
adc24d49794343c273a5590a066402c375609835dc12f5a9109ff84c28e6159e
ae86278189aaa71bbe01e42bc8d08c6998f2aca71c2ce11bcdc05a6b45841859
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee799c4778776cafb4ecf97d1a209be0013c5df5e67c50dc24d946d18c6017c
aeeadbd2d2483cd3ba8e90deb92d5fc119d6793e7c54fcad66b814018d16582e
af2ac8055983b59c939388ef2b32ef532b5eb338d4f1758be91a125d4f07d83f
afbbb050849fcbc7c6d14145c41703ab3c3758800fec218fd7ce81cdf654896e
affc7465346ea96f040285c0a25779820afddb764f9e9bf8e6fdfe3162891602
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b02e6b61207b6c49bd2a17f45889950307d0c21ef2d5fd7ccc803530ee0e7fa1
b0654a899c19be64fd31e18a50404c5bfe4032990b9304a62b046882ae6a72e6
b0712bdd758d44549d0eef51c1016fa1799dd98a9e9a0dd5dd162f86520c9afc
b0bbaadba0e46405bfde24d4492d85c49a548102a6150720deafa2adcac4ecaf
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b148f438352f698bb6152b02803f64f38b075a81accb4d3ce30c12b82038c0e9
b18bd4784a444f6743026ba6e776577c1a0a18227e21f9bd2f6242cae2342c58
b2f98901f12da5267751a1cf392249ff92e9c6672fba36e637305b1ce56e42c2
b3a0422736f8f35a4b698a4ddbc4a2673f0d061ecbcfa9d117d2b2fed32c5348
b3a1231790be53aa5210678e207c61bc8376c752f0c5a33df9e3eae23cc3b0a3
b409c9d8e227cfc9f2dbeb9116f1d49220ad0fcc9d7cddb4a5a7bd9e1c47a891
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b4698e4108a364a339ae3aecb146c246cf9a3b83fd23fd93717eaf8f122508ac
b4aa697c66c4f8cc73d5bddcb32627fee22179e316fcc71e3660c9856253e075
b4f2789f8fbf81164a3af6a087ab355ce2e66e8cdbf123fdeeb5aa6e15696edc
b564f84dfba92ae05b09b499a5194af6844d6b5e2d7f5c0130ed792aa3db87e4
b59dd2965f58fc20aa2ec6600b3051df031b4ae638b4742e944224f9df43b2fd
b6143dd8d4449f713a4e2eb5dc579391b1df11f1ea6a9cb16c34f5fbedf82614
b639864f07aa4711dd44dd5a09e5fa230d0d3f82465dfdc2b875a3380c301283
b8762489d85cde14939797c8fe3c9a9fb638d9d2ebc6bc8e524213ee29d2d398
b898198e3cd6d595d2917c53da74a6136c43f6b3e4b5dd46cc6e0cd743ba9676
b909b819de73b529dfc23d1223be82163e1a034c44ee8ae31598b0d20bce3d34
b91ecb32957428249b27cca1c6818d9a3e62f3f9fef7d3537414c279fbe44a95
b9b060fea5d40ed1a199f9ffec8eedb296149c1c5289e65818742d16f24f4dc4
b9ca279dfface650f04e1a9f05bec5c01082e37324845de669c28a090636b263
b9ff9a757c3ede701ed6304607dce5da3de0e1af8e9dba3dce6264d7a16deca9
ba4c287aa8f5c8cad7347c3f5b1da6d4eb00ae6ef9792b1a91eac4a882b27a02
bb3ddc1e9f0657db1d5ac712d5752513fcfb8275e4666fd0c2c21712755237cc
bc098278aac58b01e2d6991a55580f53a9b353bd0ca73f785a3df892485f2fa7
bc789c11f792ba3fee7ec986d060f5efc6bea4c2ebc10c05b027ee5549835328
be0a4d03418d3b32789b1abc6ccbe1ac80a7732da568a1e7aef705fcf76d9f1b
be72158957981ab0c54608d52f74fa1973ce9b65d4d6d62396db50aead1b27a5
c09f88beef2fa64da212dcff0cfe9c0075221ecbf280c67c8841c6afec15ed9d
c0a898a2dcfa5fef330cc475218837d18afd1925818fcb0f04e552b37e0195c8
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c2b3bd344266b0e4a44b8add0800dcbf04237255843c23d507a924b6584f9889
c2c4d4ebf5dc7968063414e8cee5e6f78a4a72e5c65c96f43f8a6d073e646b12
c469eb09c5f7446e86248b81be58f53a99a92c90dfe27f253a45826c7c05f366
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
c5e2a8ed52b4f7c1706467a053a88aeebe816ae23217d87812d1709a71267a46
c607e5c4838e294efc296a9535a7e361e79353def49976206a99c0967a97d3a6
c6638bb9397e6bcc4b4899a6ec8b70fb191fac0b6c379fd3cf6ccced95e8c1a0
c7839bf6f5f615f1e09231be909b7b4b3654e5ed13fd41db679d2eb25077ca48
c84781905f58d97b5ff9d0bc798d47b1dae59f7580bb1b1dc1cf33b3b741dc53
c8b7a9b205325f5b9814ceb75ad1a4095d980f20f445e8bdb2a7b5227932092e
c9244ec01b005c2513817a2983888ff8f5e58c6d9766da7fcd9e2f09ee47099b
ca29b7029d4b64ea43a2c3d370073a2e0e756f169fce555599e36892771647c7
ca834b6489d8d5bb8ab1b48bc5bfb1250114c207fdc9abe5b287ee78c72e659f
cabdfb214a4f4a69ac417ff9e48f28610667628fc23b6573f9d1e7cc2d47617b
cb7247b4a69d87ea6d29e93741461e178748c73be8bd0c73c6aa166da9ae56d0
cbda26309731e9052cda082e4d70c2e28dd654d259651e356a59a69a5903c9db
cc4a92247f35202aa42226123437df07b26d10b6811f0e00a658f9956f24b978
cd1c4f56a2b52983938cea5c748e9d1be8d98a93cc911ebc16c92a4e787368be
cd7346e0240bc8981dc94b70606cd773c00e2fe5a84a5b7745164c7ededd6226
cda6c3c4cc8df7c5b7802f32fcaa88e25c3742484df6f463d3cf823692280c88
cdb71be7dca0a2bc583d6a9fcb1e776519d597a9fe39a98fcf0350a9722ac5d2
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
cfa7fa2f983c68f068d1286c9d309ca3537732b7937d673250ccdd203bc86bf3
cfd0940423d2c9c029138721abda900b18147f58a28e47b4e5cf5f5322f5b687
d0365d6c9d95c7fc1f71e4d607e55cbb1031662f3870be65a4b40b4bff3449e8
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d10602b0b4be4710e24c06e60e114825e29bcf678de50242f4a962ac0ba9196f
d1eecba73cfd67721e4e3dc1f14693d70b935e84e21b43d65aa12ad8cf2bbf32
d38c1fd7f1e167828e49c6483d6c1ab0152806da6d25fd80389776624ee8e938
d3f36220e12640e742dacc9215c68eadf81530c7c02187bc87dc2e8ae0f51e3f
d4cdafe6ecbfa16d5ec9455f936c8eafa0245b0ae3bc846498b952c72d5b7f39
d55934a99c7ba8bf7c785518707b04b8b05a3bf227cabb1d3b8b731f4cf4052d
d63a0e4ea320c3674d77dc2b87ab23aad3d4807b32aca18314c6c1c713cdb42b
d6ee04a3b930e47e58abe0750df3a68f68392449f9261083bef70fd9caf4e74d
d768a9a96ec1d342e32ab005482872fd8fb00982ceec46f969684fa72affbd01
d77b5fa8ab16e810b58ac909b4ad45c6568dfc3ff491d16567fce40288bf087d
d7bcb7b0529ef5c289a8d8302b60f946370caa9e8c077bc353517668767a5958
d81f2ee155cfd49a8894b96b4d5ef63e1c2cbf32c3088702e8906e1c34454ba6
d87d3f1d2e06366da74bcfec32f7ad325809e494b59bbcb56bb940bde0801c14
d9a364b7a57001e61d2afe10a43ddbd7ea9535c617d887a64a13835ddceaeb81
da6739c0a1154c50bde6c6ec8feae23247eb9f672707e14286067e69fcca99ab
da7bfdacae66cbc83e6063d3ce4687b0edc0db87f562f114cbb43166fd61e4cd
da877ad2c44df0beca30c18a53358b832ce9603964a11fa61a1eb059a5493559
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dc5266c9baba411c3cf1d8135a6352891f127e6d75e98a2d40d896be4f00c9f8
dd1fe4f8a74b8e4e567fd9ada0d5a70b18022de00b536b77a59c4425baf26293
dd382c876fd7255e44e3df2dc05e7a35755a9e9bb60d056a96e01ad135f952c8
ddb268570d64a641ebb583735c70e62d40a83b000df689a19bd53bf034ede2e6
dde62bd39efec70fac8c8d17a4fd1151608f0d08d09d3985abd7b1be9dfbbba6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de95f6cead9adf674494bab9271dbafc8188977c418b24c41e6819b8c430d8f8
dee26db05db16cdd88700e1f8de493b64553cca9299bdcf6acfeb9c43408e589
dfbad66a10b2fd63c2e23ec254093b77368ded0e1230f8340757a9765a3e5e0b
e013700dfacaed5dac122af2ceb85a29438d688fef6e982b48990a016bfbe154
e091e49dfd6df3afa2eadfb799c8703d4de4181707813348004d335bccf5f0a1
e222adace575902a83a50c0a263cd2501c661729ac3134b2c1d6f7a7fba310fc
e263c98762851f9972bd60fcea7a89cb21d8848944c82276177b7390fcdbf6b7
e26f45a1f2d1e64096a76fb49098177e33c162bc6535b4c21492256810c1f5d2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bfaf037e59a20b015836fbf6a9080e95a5ba9affdddcbf8008afb05e524df4
e4f7c7508ba476d337470d7d7424e3459d828bffa4eea611ebb712464ff64766
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
e532829f8b13b696a97e3cc23de2309220c72c4c0280ea83ec8561e065d2b96d
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e62dd5df3a7d2deb80fc9946fac5bb1443cf19c1b5def6168acdc3067ee45a64
e6cafced5a19ae0e443dd2dac21a3934510f461c645cbd171c28a35b776e8ba7
e8106277c59ced35da9345137bb550cfefe871909872cf03739daf194ac2ff3b
ea1e99214a531fe7b257049c8ae1776ed49496dcc3c78a65af97f52599702560
ea39dba2b498dfe4e18255e241acf246f9229c8deb54e5b2530cadb51a25bd58
ec1339f1806f796dfde85351cfded370551a2e041520b29351c81670032fba78
ec4fb54889aac63583c60d32376263f346452c9417fb47262b5689fadb41d301
ed5de8cca50c0c2851a6edb31b918e608d7ce5ba1db6bcfa7082b1f03ad2b80a
ed7ea9fd1cc01b688caf8362a7f6727a0612f719730642d8e206f00f014ace58
ed89764635ac5c5d94c596496d619dd0f93e4a51e3269d8dd53f72d51407eb80
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef69719e547ba6c86825a9a7dec6c77c68fe2befe3f2e3def295ae094461ed97
f05047b7cd6381ea11cd85ba8fc069acfd88f1d5db9e7d2c98068a8d1d07d247
f18502eac6b3b3047e6601ba65c315170905034d804911d529173eaec5822545
f28236cf9fb53f0f4f4f35faf320aafaebca7c2f0679e6f13f8a4283ec5ed10b
f29f3b69ee546ca0c55363cc133187a504fe4cc432cddc212f61aef99aa70ea2
f2f0360da4f889974f00040b2da4c152456efe290a8d7ec533e9ad8404ac64f0
f3c01ff3cf1eede0634fd027a59dc3a5f2f82eb5cbe271f4aec1dffddb774881
f43762f8d21458d2db8345c175545afe7c12bd886a827956d78ae75dafc50179
f4449e6bc53a73a4c3693492b847e1573552d33f90ef7c41b6bd950c11e089a2
f4461fdc5512d2915f67a2b761cfd5ce1166d1f8dd0f07a571bf31eb1c7d0855
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5dbaf5f1edb7d0541488385712f35aeebf10c5b7279801e0f454480dc3e432c
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f7cdf71044448cb736733f5163fff96081d51ba4101567d61d22ee5998a7a399
f96c8c8103c14a38aea79e05ebb36468293fb18df12afdf2bd3fa4962e911498
f9d76563f26b134771e14ff59d86f990905be5e55ea8976a33e7f2c72187dab0
fdc2c97f9d3c770eb8f8cf2de7b35b53a5dbcaecd6b25d9bd66f01cbadbcc5de
fe1cff98a7bc1e0499d22157a66131cda34ec37fa6d164df49106aeecf93f3d5
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff0014235e8e7f8387c727fc3ad3ca6d75780c07a41ad85efdc005645cb7bc9b
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff93395dae62cdb3911f3b65dd33001f77f661864406259f2fdfe7bff6a60ee8