urlscan.io logo urlscan.io
SecurityTrails logo

hk.on.cc Open in urlscan Pro
104.16.137.235  Public Scan

Go To Rescan Add Verdict Report
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Submission: On October 09 via api from SG — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 66 IPs in 8 countries across 48 domains to perform 454 HTTP transactions. The main IP is 104.16.137.235, located in and belongs to CLOUDFLARENET, US. The main domain is hk.on.cc.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 3rd 2020. Valid for: 2 years.
This is the only time hk.on.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 165 104.16.137.235 13335 (CLOUDFLAR...)
1 79.133.177.231 24429 (TAOBAO Zh...)
28 157.240.236.1 32934 (FACEBOOK)
1 142.250.186.110 15169 (GOOGLE)
4 93.184.220.66 15133 (EDGECAST)
2 99.86.5.163 16509 (AMAZON-02)
1 178.250.0.166 44788 (ASN-CRITE...)
38 142.250.185.98 15169 (GOOGLE)
1 151.101.130.202 54113 (FASTLY)
13 142.250.186.66 15169 (GOOGLE)
6 104.26.4.103 13335 (CLOUDFLAR...)
5 23.37.42.132 16625 (AKAMAI-AS)
2 69.173.144.143 26667 (RUBICONPR...)
6 157.240.236.35 32934 (FACEBOOK)
7 11 192.96.200.41 30633 (LEASEWEB-...)
4 4 52.18.246.238 16509 (AMAZON-02)
3 4 13.248.242.197 16509 (AMAZON-02)
9 23 142.250.181.226 15169 (GOOGLE)
2 69.173.144.152 26667 (RUBICONPR...)
17 172.217.16.130 15169 (GOOGLE)
1 142.250.185.194 15169 (GOOGLE)
9 216.58.212.130 15169 (GOOGLE)
3 142.250.185.161 15169 (GOOGLE)
4 4 69.173.151.80 26667 (RUBICONPR...)
4 69.173.151.90 26667 (RUBICONPR...)
1 1 185.29.134.248 30419 (MEDIAMATH...)
2 2 151.101.66.49 54113 (FASTLY)
1 87.248.118.23 203220 (YAHOO-DEB)
3 178.250.2.130 44788 (ASN-CRITE...)
1 104.16.18.94 13335 (CLOUDFLAR...)
2 178.250.2.131 44788 (ASN-CRITE...)
18 172.217.16.129 15169 (GOOGLE)
6 142.250.185.164 15169 (GOOGLE)
1 216.239.32.3 15169 (GOOGLE)
7 119.63.193.220 38627 (BAIDUJP B...)
3 104.16.136.235 13335 (CLOUDFLAR...)
2 178.250.2.146 44788 (ASN-CRITE...)
1 3 13.35.253.71 16509 (AMAZON-02)
2 142.250.185.174 15169 (GOOGLE)
2 142.250.184.202 15169 (GOOGLE)
1 119.63.198.189 38627 (BAIDUJP B...)
1 107.20.138.141 14618 (AMAZON-AES)
2 104.244.42.136 13414 (TWITTER)
1 74.125.133.157 15169 (GOOGLE)
5 52.206.105.201 14618 (AMAZON-AES)
9 119.63.198.143 38627 (BAIDUJP B...)
10 119.63.198.188 38627 (BAIDUJP B...)
3 119.63.198.172 38627 (BAIDUJP B...)
3 142.250.186.35 15169 (GOOGLE)
2 119.63.198.180 38627 (BAIDUJP B...)
2 142.250.184.226 15169 (GOOGLE)
3 5 2.18.234.21 16625 (AKAMAI-AS)
2 3 37.252.172.123 29990 (ASN-APPNEX)
5 138.201.84.245 24940 (HETZNER-AS)
3 4 35.244.159.8 15169 (GOOGLE)
2 104.111.242.245 16625 (AKAMAI-AS)
1 5 138.201.63.150 24940 (HETZNER-AS)
1 5 176.9.26.250 24940 (HETZNER-AS)
4 4 145.239.193.130 16276 (OVH)
2 88.198.250.30 24940 (HETZNER-AS)
1 2 78.46.5.84 24940 (HETZNER-AS)
1 167.233.14.134 24940 (HETZNER-AS)
2 46.236.13.147 12703 (PULSANT-AS)
1 1 94.23.99.218 16276 (OVH)
2 54.76.176.197 16509 (AMAZON-02)
2 4 142.250.185.198 15169 (GOOGLE)
1 2 91.228.74.134 16509 (AMAZON-02)
1 1 18.192.155.173 16509 (AMAZON-02)
4 4 104.111.215.191 16625 (AKAMAI-AS)
2 34.98.67.61 15169 (GOOGLE)
2 2 35.227.252.103 15169 (GOOGLE)
3 3 185.64.189.115 62713 (AS-PUBMATIC)
1 143.204.209.94 16509 (AMAZON-02)
1 35.177.148.143 16509 (AMAZON-02)
2 54.75.239.54 16509 (AMAZON-02)
454 66
165    104.16.137.235 (None, )

ASN13335 (CLOUDFLARENET, US)
hk.on.cc
on.cc
ad4.on.cc
home.on.cc
ad6.on.cc
bknwebapp.on.cc
1    79.133.177.231 (Russian Federation)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
tjs.sjs.sinajs.cn
28    157.240.236.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frx5.fbcdn.net
connect.facebook.net
static.xx.fbcdn.net
scontent.xx.fbcdn.net
1    142.250.186.110 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f14.1e100.net
apis.google.com
4    93.184.220.66 (London, United Kingdom)

ASN15133 (EDGECAST, US)
platform.twitter.com
2    99.86.5.163 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-5-163.fra6.r.cloudfront.net
static.chartbeat.com
1    178.250.0.166 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtax.criteo.com
38    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
pagead2.googlesyndication.com
1    151.101.130.202 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
13    142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
googleads.g.doubleclick.net
adservice.google.de
6    104.26.4.103 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
5    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
ads.rubiconproject.com
eus.rubiconproject.com
2    69.173.144.143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
smarttag.rubiconproject.com
6    157.240.236.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-frx5.facebook.com
www.facebook.com
11    192.96.200.41 (Washington, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.aralego.com
ads.aralego.com
4    52.18.246.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-246-238.eu-west-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
4    13.248.242.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
23    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
cm.g.doubleclick.net
2    69.173.144.152 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
beacon-fra2.rubiconproject.com
17    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
1    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
adservice.google.de
9    216.58.212.130 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f2.1e100.net
adservice.google.com
3    142.250.185.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f1.1e100.net
d07abc0539ca53a9b8c1fa36431bbb2c.safeframe.googlesyndication.com
e918485f93c6f7d0e561007eac9ffc5b.safeframe.googlesyndication.com
83a02cf37f3344bf491690fbb04daeca.safeframe.googlesyndication.com
4    69.173.151.80 (United States)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
4    69.173.151.90 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    87.248.118.23 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)
PTR: e2.ycpi.vip.deb.yahoo.com
ads.yahoo.com
3    178.250.2.130 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    104.16.18.94 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com
bidder.criteo.com
18    172.217.16.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f1.1e100.net
tpc.googlesyndication.com
6    142.250.185.164 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f4.1e100.net
www.google.com
1    216.239.32.3 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
7    119.63.193.220 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
api.popin.cc
3    104.16.136.235 (None, )

ASN13335 (CLOUDFLARENET, US)
tv.on.cc
2    178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
3    13.35.253.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-253-71.fra6.r.cloudfront.net
sb.scorecardresearch.com
2    142.250.185.174 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f14.1e100.net
www.google-analytics.com
2    142.250.184.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f10.1e100.net
fonts.googleapis.com
1    119.63.198.189 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
hk.popin.cc
1    107.20.138.141 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-138-141.compute-1.amazonaws.com
ping.chartbeat.net
2    104.244.42.136 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    74.125.133.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f157.1e100.net
stats.g.doubleclick.net
5    52.206.105.201 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-105-201.compute-1.amazonaws.com
in.treasuredata.com
9    119.63.198.143 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
log.popin.cc
10    119.63.198.188 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
r.popin.cc
rlog.popin.cc
3    119.63.198.172 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
inrecsys.popin.cc
3    142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
fonts.gstatic.com
2    119.63.198.180 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)
imageaws.popin.cc
2    142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
www.googletagservices.com
5    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
3    37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
5    138.201.84.245 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.245.84.201.138.clients.your-server.de
hal9000.redintelligence.net
4    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
2    104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
sync.teads.tv
5    138.201.63.150 (Hockenheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.150.63.201.138.clients.your-server.de
hal90008.redintelligence.net
5    176.9.26.250 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.250.26.9.176.clients.your-server.de
hal900014.redintelligence.net
4    145.239.193.130 (France)

ASN16276 (OVH, FR)
pv.medialead.de
2    88.198.250.30 (Schwaig, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de
pb.media01.eu
2    78.46.5.84 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: dedi1284.your-server.de
cdn.retailads.net
1    167.233.14.134 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-2.futalis.de
futalis.de
2    46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net
track.webgains.com
1    94.23.99.218 (France)

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu
medialead.de
2    54.76.176.197 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
ad-server.eu
4    142.250.185.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net
5994599.fls.doubleclick.net
2    91.228.74.134 (United Kingdom)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    18.192.155.173 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-155-173.eu-central-1.compute.amazonaws.com
d.agkn.com
4    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
e.dlx.addthis.com
2    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
2    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
3    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    143.204.209.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-94.fra53.r.cloudfront.net
analytics.webgains.io
1    35.177.148.143 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-148-143.eu-west-2.compute.amazonaws.com
ag.innovid.com
2    54.75.239.54 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-75-239-54.eu-west-1.compute.amazonaws.com
api.webgains.io
Apex Domain
Subdomains		 Transfer
168 on.cc
hk.on.cc
on.cc
ad4.on.cc
home.on.cc
ad6.on.cc
tv.on.cc
bknwebapp.on.cc
2 MB
59 googlesyndication.com
pagead2.googlesyndication.com
d07abc0539ca53a9b8c1fa36431bbb2c.safeframe.googlesyndication.com
e918485f93c6f7d0e561007eac9ffc5b.safeframe.googlesyndication.com
tpc.googlesyndication.com
83a02cf37f3344bf491690fbb04daeca.safeframe.googlesyndication.com
621 KB
50 doubleclick.net
googleads.g.doubleclick.net
cm.g.doubleclick.net
securepubads.g.doubleclick.net
stats.g.doubleclick.net
5994599.fls.doubleclick.net
544 KB
32 popin.cc
api.popin.cc
hk.popin.cc
log.popin.cc
r.popin.cc
inrecsys.popin.cc
imageaws.popin.cc
rlog.popin.cc
201 KB
26 fbcdn.net
static.xx.fbcdn.net
scontent.xx.fbcdn.net
533 KB
17 rubiconproject.com
ads.rubiconproject.com
smarttag.rubiconproject.com
beacon-fra2.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel.rubiconproject.com
35 KB
16 google.com
apis.google.com
adservice.google.com
www.google.com
26 KB
15 redintelligence.net
hal9000.redintelligence.net
hal90008.redintelligence.net
hal900014.redintelligence.net
63 KB
11 aralego.com
sync.aralego.com
ads.aralego.com
5 KB
7 google.de
adservice.google.de
2 KB
6 openx.net
us-u.openx.net
rtb.openx.net
2 KB
6 facebook.com
www.facebook.com
30 KB
6 aralego.net
cdn.aralego.net
46 KB
6 twitter.com
platform.twitter.com
syndication.twitter.com
148 KB
5 medialead.de
pv.medialead.de
medialead.de
4 KB
5 casalemedia.com
dsum-sec.casalemedia.com
5 KB
5 treasuredata.com
in.treasuredata.com
2 KB
5 yahoo.com
pr-bh.ybp.yahoo.com
ads.yahoo.com
4 KB
5 criteo.com
rtax.criteo.com
bidder.criteo.com
gum.criteo.com
6 KB
4 addthis.com
e.dlx.addthis.com
3 KB
4 gstatic.com
csi.gstatic.com
fonts.gstatic.com
143 KB
4 adsrvr.org
match.adsrvr.org
2 KB
3 webgains.io
analytics.webgains.io
api.webgains.io
51 KB
3 pubmatic.com
image6.pubmatic.com
1 KB
3 adnxs.com
ib.adnxs.com
2 KB
3 scorecardresearch.com
sb.scorecardresearch.com
2 KB
3 criteo.net
static.criteo.net
39 KB
3 chartbeat.com
static.chartbeat.com
mab.chartbeat.com
33 KB
2 mookie1.com
odr.mookie1.com
998 B
2 quantserve.com
cms.quantserve.com
798 B
2 ad-server.eu
ad-server.eu
57 KB
2 webgains.com
track.webgains.com
6 KB
2 retailads.net
cdn.retailads.net
5 KB
2 media01.eu
pb.media01.eu
695 B
2 teads.tv
sync.teads.tv
344 B
2 googletagservices.com
www.googletagservices.com
75 KB
2 googleadservices.com
partner.googleadservices.com
694 B
2 googleapis.com
fonts.googleapis.com
2 KB
2 google-analytics.com
www.google-analytics.com
20 KB
2 everesttech.net
sync-tm.everesttech.net
629 B
2 facebook.net
connect.facebook.net
78 KB
1 innovid.com
ag.innovid.com
295 B
1 agkn.com
d.agkn.com
761 B
1 futalis.de
futalis.de
409 B
1 chartbeat.net
ping.chartbeat.net
1 cloudflare.com
cdnjs.cloudflare.com
6 KB
1 mathtag.com
sync.mathtag.com
624 B
1 sinajs.cn
tjs.sjs.sinajs.cn
13 KB
454 48
Domain Requested by
124 hk.on.cc hk.on.cc
on.cc
ad6.on.cc
38 pagead2.googlesyndication.com hk.on.cc
securepubads.g.doubleclick.net
tpc.googlesyndication.com
ad4.on.cc
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.googletagservices.com
24 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
23 cm.g.doubleclick.net 9 redirects hk.on.cc
googleads.g.doubleclick.net
22 ad4.on.cc 1 redirects hk.on.cc
ad4.on.cc
smarttag.rubiconproject.com
cdnjs.cloudflare.com
ad6.on.cc
18 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
15 securepubads.g.doubleclick.net ad4.on.cc
securepubads.g.doubleclick.net
cdn.aralego.net
hk.on.cc
10 on.cc hk.on.cc
9 log.popin.cc hk.on.cc
9 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
5994599.fls.doubleclick.net
9 sync.aralego.com 6 redirects cdn.aralego.net
ads.aralego.com
hk.on.cc
8 r.popin.cc hk.on.cc
7 api.popin.cc hk.on.cc
api.popin.cc
7 adservice.google.de securepubads.g.doubleclick.net
pagead2.googlesyndication.com
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
6 www.google.com tpc.googlesyndication.com
googleads.g.doubleclick.net
6 ad6.on.cc hk.on.cc
ad4.on.cc
6 www.facebook.com hk.on.cc
connect.facebook.net
static.xx.fbcdn.net
6 cdn.aralego.net ad4.on.cc
cdn.aralego.net
hk.on.cc
ads.aralego.com
5 hal900014.redintelligence.net 1 redirects googleads.g.doubleclick.net
hal900014.redintelligence.net
5 hal90008.redintelligence.net 1 redirects googleads.g.doubleclick.net
hal90008.redintelligence.net
5 hal9000.redintelligence.net googleads.g.doubleclick.net
hal90008.redintelligence.net
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 in.treasuredata.com api.popin.cc
4 e.dlx.addthis.com 4 redirects
4 5994599.fls.doubleclick.net 2 redirects hk.on.cc
googleads.g.doubleclick.net
4 pv.medialead.de 4 redirects
4 us-u.openx.net 3 redirects googleads.g.doubleclick.net
4 pixel.rubiconproject.com hk.on.cc
4 token.rubiconproject.com 4 redirects
4 eus.rubiconproject.com hk.on.cc
eus.rubiconproject.com
4 match.adsrvr.org 3 redirects hk.on.cc
4 pr-bh.ybp.yahoo.com 4 redirects
4 platform.twitter.com hk.on.cc
platform.twitter.com
3 image6.pubmatic.com 3 redirects
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 fonts.gstatic.com fonts.googleapis.com
3 inrecsys.popin.cc hk.on.cc
3 sb.scorecardresearch.com 1 redirects hk.on.cc
3 tv.on.cc hk.on.cc
3 static.criteo.net ads.aralego.com
hk.on.cc
2 api.webgains.io analytics.webgains.io
2 rlog.popin.cc hk.on.cc
2 rtb.openx.net 2 redirects
2 odr.mookie1.com googleads.g.doubleclick.net
2 cms.quantserve.com 1 redirects googleads.g.doubleclick.net
2 ad-server.eu googleads.g.doubleclick.net
hal900014.redintelligence.net
2 track.webgains.com hk.on.cc
googleads.g.doubleclick.net
2 cdn.retailads.net 1 redirects futalis.de
2 pb.media01.eu hal90008.redintelligence.net
hal900014.redintelligence.net
2 sync.teads.tv googleads.g.doubleclick.net
2 www.googletagservices.com googleads.g.doubleclick.net
2 partner.googleadservices.com pagead2.googlesyndication.com
2 imageaws.popin.cc hk.on.cc
2 scontent.xx.fbcdn.net www.facebook.com
2 syndication.twitter.com platform.twitter.com
hk.on.cc
2 fonts.googleapis.com api.popin.cc
hal90008.redintelligence.net
2 www.google-analytics.com hk.on.cc
www.google-analytics.com
2 gum.criteo.com static.criteo.net
gum.criteo.com
2 bidder.criteo.com static.criteo.net
2 sync-tm.everesttech.net 2 redirects
2 ads.aralego.com 1 redirects ads.aralego.com
2 beacon-fra2.rubiconproject.com hk.on.cc
2 smarttag.rubiconproject.com ads.rubiconproject.com
2 static.chartbeat.com hk.on.cc
2 home.on.cc hk.on.cc
2 connect.facebook.net hk.on.cc
connect.facebook.net
1 ag.innovid.com googleads.g.doubleclick.net
1 analytics.webgains.io track.webgains.com
1 d.agkn.com 1 redirects
1 medialead.de 1 redirects
1 futalis.de hal90008.redintelligence.net
1 stats.g.doubleclick.net www.google-analytics.com
1 ping.chartbeat.net hk.on.cc
1 hk.popin.cc api.popin.cc
1 bknwebapp.on.cc hk.on.cc
1 csi.gstatic.com securepubads.g.doubleclick.net
1 83a02cf37f3344bf491690fbb04daeca.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 e918485f93c6f7d0e561007eac9ffc5b.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 cdnjs.cloudflare.com ad4.on.cc
1 ads.yahoo.com hk.on.cc
1 sync.mathtag.com 1 redirects
1 d07abc0539ca53a9b8c1fa36431bbb2c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 ads.rubiconproject.com ad4.on.cc
1 mab.chartbeat.com static.chartbeat.com
1 rtax.criteo.com hk.on.cc
1 apis.google.com hk.on.cc
1 tjs.sjs.sinajs.cn hk.on.cc
454 88
Subject Issuer Validity Valid
*.on.cc
Sectigo RSA Domain Validation Secure Server CA		 2020-01-03 -
2021-12-13		 2 years crt.sh
sina.cn
GeoTrust CN RSA CA G1		 2020-11-30 -
2021-12-31		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-07-19 -
2021-10-17		 3 months crt.sh
*.apis.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2020-11-05 -
2021-11-09		 a year crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2021-05-20 -
2022-06-03		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-06-18 -
2022-06-17		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-23 -
2021-11-21		 2 years crt.sh
*.google.de
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-09-27 -
2021-11-17		 2 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-09-09 -
2021-12-07		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
www.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.popin.cc
DigiCert Secure Site Pro CN CA G3		 2020-11-12 -
2021-11-15		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2020-12-01 -
2021-12-30		 a year crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
*.treasuredata.com
Amazon		 2021-09-17 -
2022-10-16		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-02-05 -
2022-02-09		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
redintelligence.net
R3		 2021-08-20 -
2021-11-18		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
teads.tv
R3		 2021-08-23 -
2021-11-21		 3 months crt.sh
*.media01.eu
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-05-27 -
2022-05-27		 a year crt.sh
futalis.de
R3		 2021-09-10 -
2021-12-09		 3 months crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-20 -
2022-06-20		 a year crt.sh
ad-server.eu
R3		 2021-08-17 -
2021-11-15		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
cdn.retailads.net
Encryption Everywhere DV TLS CA - G1		 2021-07-17 -
2022-07-17		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
*.webgains.io
Amazon		 2021-03-12 -
2022-04-10		 a year crt.sh
*.innovid.com
RapidSSL RSA CA 2018		 2020-02-07 -
2022-04-07		 2 years crt.sh

This page contains 45 frames:

Primary Page: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Frame ID: E4DC0AD67572363A40C8EB602F1330EB
Requests: 237 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211006/r20190131/zrt_lookup.html
Frame ID: CDDB62A2B9924CB84C9AE79DE1371EDF
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/sync.html
Frame ID: BEADDB14CEB642ED8CDD525BBFF648D3
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: FC07F8A0C70A9F72BBB98FB98D4C66BB
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Frame ID: 5D253A6EF2545C7D96678C25E3CBEE4A
Requests: 2 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/sync.html
Frame ID: 31CF5F7FFCA334622DF060729EB53C28
Requests: 2 HTTP requests in this frame

Frame: https://d07abc0539ca53a9b8c1fa36431bbb2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: AC34EF668BFC4B81F38F6125F496F9D3
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html
Frame ID: 32E6187779C17EA412A07CAE920A3CAB
Requests: 12 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/publishertag.js
Frame ID: 8436415AA90EE2D49627C48B351274C2
Requests: 14 HTTP requests in this frame

Frame: https://e918485f93c6f7d0e561007eac9ffc5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: D8EE1DA19852602887513623FB728B99
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 8B732093EB7DBB48C5F989B70F083B6B
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1A04CD12D44B0127F7F35288391A934F
Requests: 2 HTTP requests in this frame

Frame: https://83a02cf37f3344bf491690fbb04daeca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: AB32EA817ADC8D06E0BA74F0C73BDEB2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 9F8A5A2F64B97BA0E0E9C3A5EF3EAD86
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D562FAA1A6B789073F47FFBFA16D6F19
Requests: 2 HTTP requests in this frame

Frame: https://hk.on.cc/ad/ctf/290x50_content.html
Frame ID: 01D614A1DE83A001372438DF24130CAE
Requests: 6 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.58065ae230495f5d9e4b6a916472b2c1.html?origin=https%3A%2F%2Fhk.on.cc
Frame ID: 7F46CAF53AFA805C106EF6C01BF63A5D
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/v10.0/plugins/like.php?action=recommend&app_id=1551914855123169&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2df49e036c5fcc%26domain%3Dhk.on.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhk.on.cc%252Ff2b34054208814c%26relation%3Dparent.parent&container_width=200&href=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&layout=button_count&locale=zh_HK&sdk=joey&share=true&show_faces=false
Frame ID: D930BEB7EE4F31297D0D8645132D5458
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fv10.0%2Fplugins%2Fpage.php%3Fapp_id%3D1551914855123169%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3abc1aab01832c%2526domain%253Dhk.on.cc%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fhk.on.cc%25252Ff2b34054208814c%2526relation%253Dparent.parent%26container_width%3D300%26height%3D215%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fonccnews%26locale%3Dzh_HK%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26width%3D298
Frame ID: 29521856D8E6CA43AFA386C8EBEF3C24
Requests: 29 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=hk.on.cc
Frame ID: E6894BE835F0CA0DDA96B246D055F7E3
Requests: 2 HTTP requests in this frame

Frame: https://ad6.on.cc/web/html/google/housead/lrec1_423.html
Frame ID: DDC9D8CD8F3D7CAE343A7B48AC5655C0
Requests: 11 HTTP requests in this frame

Frame: https://ad6.on.cc/web/html/google/housead/lrec1_422.html
Frame ID: 5BCB92B9C545959B8B7E04CBB00D5124
Requests: 12 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/tweet_button.58065ae230495f5d9e4b6a916472b2c1.en.html
Frame ID: 95986668B81BD5134648DC0A26E189A5
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=580144554&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300506&bpp=2&bdt=987&idt=77&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4289351640420&frm=24&ife=1&pv=2&ga_vid=1738383524.1633744301&ga_sid=1633744301&ga_hid=1032704726&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3586554267&scr_x=-12245933&scr_y=-12245933&eid=31062423%2C31062937%2C44748552&oid=2&pvsid=1832003138608230&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rbh3ge9l5ahu&fsb=1&dtd=90
Frame ID: 72842F9514BBBB9042AFADF93C8034CB
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=2042266704&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300515&bpp=1&bdt=1006&idt=87&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4245131719147&frm=8&ife=1&pv=2&ga_vid=1480651599.1633744301&ga_sid=1633744301&ga_hid=1643246614&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4074026432&scr_x=-12245933&scr_y=-12245933&eid=44748552&oid=2&pvsid=3446815774757126&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.dbzhun2qlq2y&fsb=1&dtd=93
Frame ID: BC3E505DFE1071D03C24CC065839E6D7
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNU8VAeeGBvrN2N-zwJ_Y2AIv1eIT1jA4GzmR-Rwd-_vmsE8iBJBERbTEIJV-ghD89QCIYCYrqz2u-4p9g7MkvFJRc6zG5wPASeCgqIcskE8lsJGkBi6o66y5-Evhx3nwi6xf5MNSHtO-wNLavJgJ6OJ1U-0kqUxgR8AC_3HkRBOuDpbnTM
Frame ID: 7D5D0A9A19A78FAF7FDE64E5D2BEDD70
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNUbZ-9lKkQLkxEpIMPOgUNEpfCoJWIMlKPY0I1jh-BvFilciftUKL8FaKrEv9tqBjQZqEW6k5k0dtUUFeLAroGW_ZMME05FqUmt0uBFhrGxsbAKm5c4iQzw3ehug_UYlKJtlw23M6h_8smMVDLpoQvIW3nG0tmMsODO1_Lfw4lE_GUMOuU
Frame ID: 4926B8A3022D6922E6120E06B7CC483E
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6EE79FE6CE48EB8DD24DB39E5B8816DA
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: BB6007951AC8DF712F695F29915AFCBC
Requests: 3 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=31009000010603400710616011742008&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: 203207C61651314D2A309A4A4EFC5DFF
Requests: 1 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=925703526
Frame ID: 46143F9E043668E4B890A1D1CCA96D2B
Requests: 2 HTTP requests in this frame

Frame: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=85341900008648900710616011742014&actionid=879111&produktid=ratenkredit&dt_url=
Frame ID: 02B800D01834171EA75F6966125B5268
Requests: 1 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CIDr_-WbvPMCFeTLEQgdFJIDdw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5448245473829.543
Frame ID: 87D2639215B9CA415131FC74D4393EB1
Requests: 2 HTTP requests in this frame

Frame: https://hal900014.redintelligence.net/request_content.php?s=85341900008648900710616011742014&a=af669ec2
Frame ID: 2AF28DB88E5338F1269B9A2DA526576B
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0E37E32807505319E756F85BC0A1CE79
Requests: 9 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=CMKCh-abvPMCFQ-B3god6NgPbw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9381956798877.553
Frame ID: 0AC07E2029190DD2F3138738AE1DCC06
Requests: 2 HTTP requests in this frame

Frame: https://hal90008.redintelligence.net/request_content.php?s=31009000010603400710616011742008&a=376563b2
Frame ID: 44E71DFDC056A385F5DDCFB8BF3046D0
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 869AFAE8EF68C1B36F77B7AC15398ADA
Requests: 9 HTTP requests in this frame

Frame: https://api.popin.cc/iframe/article_read.html
Frame ID: 6FB65C4FF57D267FD22753E08EA49E61
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 64F4C98382A2E8F09E4696FAB82A54D6
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 01F622758320C4A356F3A439C5A8F04C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 020E309F643435AD5261E3CA51437D48
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9230153FF47AEECE924C27101AB537C2
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 10C5A4C80F92D31A387D1E24F73E53A9
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1C12A2298E6DD293C156F8B045B9E7DC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

膠樽回收率低 商場推賺積分回收機鼓勵環保|即時新聞|港澳|on.cc東網

Detected technologies

Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • swfobject.*\.js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
  • jquery[.-]([\d.]*\d)[^/]*\.js

Page Statistics

454
Requests

100 %
HTTPS

0 %
IPv6

48
Domains

88
Subdomains

66
IPs

8
Countries

4604 kB
Transfer

11330 kB
Size

73
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 103
  • https://sync.aralego.com/idsync HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/53d0a423-3dc4-3f5b-804e-0386ebd3e6cb?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-sUaigzpE2oWcIzXE_spq8zW5Io9TI6Pa2a51Tw8-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=f96a8a4b-4d55-46fd-b666-db4e6e04af57 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=NTNkMGE0MjMtM2RjNC0zZjViLTgwNGUtMDM4NmViZDNlNmNi&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=NTNkMGE0MjMtM2RjNC0zZjViLTgwNGUtMDM4NmViZDNlNmNi&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png&google_tc= HTTP 302
  • https://cdn.aralego.net/img/1x1.png
Request Chain 115
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 119
  • https://sync.aralego.com/idsync HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/53d0a423-3dc4-3f5b-804e-0386ebd3e6cb?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-sUaigzpE2oWcIzXE_spq8zW5Io9TI6Pa2a51Tw8-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=f96a8a4b-4d55-46fd-b666-db4e6e04af57 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/53d0a423-3dc4-3f5b-804e-0386ebd3e6cb?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-sUaigzpE2oWcIzXE_spq8zW5Io9TI6Pa2a51Tw8-~A&redirect=
Request Chain 129
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTgyYjljMmVjODdlYmE5ZDliYmE0ZjZkYTgwNGVlNGIxZGQ2YmUzYQ
Request Chain 131
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/JMdorkjy6tRLRBUUngRLqA?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1516888106578105114
Request Chain 132
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=5f426160-f5a4-4000-90df-6f601ac95793
Request Chain 133
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YWD1pAAAAaj7yAAR HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YWD1pAAAAaj7yAAR&_test=YWD1pAAAAaj7yAAR
Request Chain 134
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VKNTYyTTYtTS01VEpT
Request Chain 135
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHr0vF76E-pBk2ST9jmeWho&google_cver=1
Request Chain 136
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KUJ562M6-M-5TJS&sigv=1&esig=2~ba1a7612b93272ee2094d8623dce4bc1ac3e5d63
Request Chain 257
  • https://sb.scorecardresearch.com/b?c1=2&c2=7914332&c3=&c4=&c5=&c6=&c15=&ns__t=1633744298720&ns_c=UTF-8&cv=3.5&c8=%E8%86%A0%E6%A8%BD%E5%9B%9E%E6%94%B6%E7%8E%87%E4%BD%8E%E3%80%80%E5%95%86%E5%A0%B4%E6%8E%A8%E8%B3%BA%E7%A9%8D%E5%88%86%E5%9B%9E%E6%94%B6%E6%A9%9F%E9%BC%93%E5%8B%B5%E7%92%B0%E4%BF%9D%EF%BD%9C%E5%8D%B3%E6%99%82%E6%96%B0%E8%81%9E%EF%BD%9C%E6%B8%AF%E6%BE%B3%EF%BD%9Con.cc%E6%9D%B1%E7%B6%B2&c7=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=7914332&c3=&c4=&c5=&c6=&c15=&ns__t=1633744298720&ns_c=UTF-8&cv=3.5&c8=%E8%86%A0%E6%A8%BD%E5%9B%9E%E6%94%B6%E7%8E%87%E4%BD%8E%E3%80%80%E5%95%86%E5%A0%B4%E6%8E%A8%E8%B3%BA%E7%A9%8D%E5%88%86%E5%9B%9E%E6%94%B6%E6%A9%9F%E9%BC%93%E5%8B%B5%E7%92%B0%E4%BF%9D%EF%BD%9C%E5%8D%B3%E6%99%82%E6%96%B0%E8%81%9E%EF%BD%9C%E6%B8%AF%E6%BE%B3%EF%BD%9Con.cc%E6%9D%B1%E7%B6%B2&c7=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&c9=
Request Chain 299
  • https://ad4.on.cc/web/adview.php?bannerid=6414 HTTP 302
  • https://ad6.on.cc/web/html/space.gif
Request Chain 346
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJZocZlkd6X1sxj8XNHv6dU&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJZocZlkd6X1sxj8XNHv6dU&google_cver=1&C=1
Request Chain 347
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YWD1rOaKlEtHJQKT99W-4AAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJZocZlkd6X1sxj8XNHv6dU&google_cver=1
Request Chain 348
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIO75q1lmnTC3KlU_r91fcE&google_cver=1
Request Chain 349
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ4MjQ5NDQxODgyNjE0NDExNA%3D%3D
Request Chain 360
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEbMSgybiSQVps2in8j3a_s&google_cver=1 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEEbMSgybiSQVps2in8j3a_s&google_cver=1
Request Chain 361
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODc1MzU5YjctMzM2Yi0yMzNlLWQyOTYtMTY3OTliMmEwZWU4
Request Chain 362
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEDV-K1hhRu24ZHW7tQNJFW8&google_cver=1
Request Chain 367
  • https://hal90008.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=d1b023b1ff&subid=&uid=1985af215704b051&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-d0krPVgYczNJ9nsgAfil7-gBrXN-YNXzN65q-UM8C4QASC1zvcfYJXikIKgB8gBCakCnWwL5wZrsz6oAwGqBM0BT9CKiLNlQnm4NbstgMm0xJ73fTmvJT2ihlaNcDUq3ZlUafaRblS37h0jgPC6g9sTir2tqUuMCqYKrPARKJPk6-lAUnEH5ofL8l3QEaD-AuY4A9M_n9ViKc1JWhtS9cPVj380EMuQmpHFHOISHaaVxEh5jbJbIADBLR3KjSNMvXic11RFZ-4BHvFVB_GR3FOU1p06VbUrjIzmV5O5E0TeBA1fqh2F3C-gcq0QTCMxE-xt6rt49BI0Gm11a2S8z4Y7BXekUGjhMe0dd756W8AEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGF-ACgGYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoJHw2WkDLwUtKaM-gtZIJhQ%26sig%3DAOD64_13c23eZr7P2W9E4bjfzZSfgvGVhA%26client%3Dca-pub-3571272074788370%26dbm_c%3DAKAmf-ApUFt2VAoYBJEFIzo607imgA-Fs-fZ2TbUFRgf9up9qTuVdBQ5U7r4ByqZn7qjAJwlUkLywsFONfUmS7FYaNeRW6YzKEbThbso7Hvp6YMaaSBLobkr8KbGdhX3p3dREa1BZBBrtqA53dt_VPJazij-8Ry1SA%26cry%3D1%26dbm_d%3DAKAmf-DbdsCG88CtZbKcDFg4bWzDuXQTQ6UlEOKQCcVjs-a4eI3CGYfg1e5r7lFnmT2E_cgoPlhjRAudYI17_Rn0eDcz3XOBiu6rakvNajjFtF2qU46escDn0fGderpUcVHPpg1UyQV9wiouRD4IXEPaqOZObwNpfjMonee07wtEFn-y5jndk0NoaTiHY8Qrr-K3-inddtZELjWF0u5shaBrPzG0qstlAml2Gi0VBgPLOcwF5Uwq1nBA1kjfxXqhktV0YmD_7DUL5yx0n7vm_BF-7XvJvLsT5nzRBy41NMuvDRE_gf4YdioJfWUw-mbBb9gPVh6uuOBpTzZYFT18bRi_7GpTgYBEbGT7NvmZiO7ptzR7EqpoR4zqQcPy166CSA9G8VsQ0RhTU6VZJ-_LIUAYB4pqkDNIVPPXNzcU9ilFEkNQXNgGGfXE9Ln_n4o_QLyHa0UaBN0f0VnPxsMElsS7CC018bGi1xFYsBLUKkq1QCC9KZuV1E9oq7EbQZ0FQRI4qvTpz0EFivc7IAYvEdPpVRcq6L0UUA%26adurl%3D&documentReferer=https%3A%2F%2Fad6.on.cc%2Fweb%2Fhtml%2Fgoogle%2Fhousead%2Flrec1_422.html&ancestorOrigins=https%3A%2F%2Fad6.on.cc%2Chttps%3A%2F%2Fhk.on.cc%2Chttps%3A%2F%2Fhk.on.cc&random=9920915029041&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal90008.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=d1b023b1ff&subid=&uid=1985af215704b051&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-d0krPVgYczNJ9nsgAfil7-gBrXN-YNXzN65q-UM8C4QASC1zvcfYJXikIKgB8gBCakCnWwL5wZrsz6oAwGqBM0BT9CKiLNlQnm4NbstgMm0xJ73fTmvJT2ihlaNcDUq3ZlUafaRblS37h0jgPC6g9sTir2tqUuMCqYKrPARKJPk6-lAUnEH5ofL8l3QEaD-AuY4A9M_n9ViKc1JWhtS9cPVj380EMuQmpHFHOISHaaVxEh5jbJbIADBLR3KjSNMvXic11RFZ-4BHvFVB_GR3FOU1p06VbUrjIzmV5O5E0TeBA1fqh2F3C-gcq0QTCMxE-xt6rt49BI0Gm11a2S8z4Y7BXekUGjhMe0dd756W8AEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGF-ACgGYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoJHw2WkDLwUtKaM-gtZIJhQ%26sig%3DAOD64_13c23eZr7P2W9E4bjfzZSfgvGVhA%26client%3Dca-pub-3571272074788370%26dbm_c%3DAKAmf-ApUFt2VAoYBJEFIzo607imgA-Fs-fZ2TbUFRgf9up9qTuVdBQ5U7r4ByqZn7qjAJwlUkLywsFONfUmS7FYaNeRW6YzKEbThbso7Hvp6YMaaSBLobkr8KbGdhX3p3dREa1BZBBrtqA53dt_VPJazij-8Ry1SA%26cry%3D1%26dbm_d%3DAKAmf-DbdsCG88CtZbKcDFg4bWzDuXQTQ6UlEOKQCcVjs-a4eI3CGYfg1e5r7lFnmT2E_cgoPlhjRAudYI17_Rn0eDcz3XOBiu6rakvNajjFtF2qU46escDn0fGderpUcVHPpg1UyQV9wiouRD4IXEPaqOZObwNpfjMonee07wtEFn-y5jndk0NoaTiHY8Qrr-K3-inddtZELjWF0u5shaBrPzG0qstlAml2Gi0VBgPLOcwF5Uwq1nBA1kjfxXqhktV0YmD_7DUL5yx0n7vm_BF-7XvJvLsT5nzRBy41NMuvDRE_gf4YdioJfWUw-mbBb9gPVh6uuOBpTzZYFT18bRi_7GpTgYBEbGT7NvmZiO7ptzR7EqpoR4zqQcPy166CSA9G8VsQ0RhTU6VZJ-_LIUAYB4pqkDNIVPPXNzcU9ilFEkNQXNgGGfXE9Ln_n4o_QLyHa0UaBN0f0VnPxsMElsS7CC018bGi1xFYsBLUKkq1QCC9KZuV1E9oq7EbQZ0FQRI4qvTpz0EFivc7IAYvEdPpVRcq6L0UUA%26adurl%3D&documentReferer=https%3A%2F%2Fad6.on.cc%2Fweb%2Fhtml%2Fgoogle%2Fhousead%2Flrec1_422.html&ancestorOrigins=https%3A%2F%2Fad6.on.cc%2Chttps%3A%2F%2Fhk.on.cc%2Chttps%3A%2F%2Fhk.on.cc&random=9920915029041&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 375
  • https://hal900014.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=961729e2ba&subid=&uid=181dc6c6395bde2e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCIBLGrPVgYYaEKNLW-gaqib2oBbXN-YNXzN65q-UM8C4QASC1zvcfYJXikIKgB8gBCakCnWwL5wZrsz6oAwGqBM0BT9CV6hsMO3hv7jOE4XK14Nm6Ur3E45lrmfY65Xkxj1PF7Wzap94DbrOnAkZbCplKsPwJDCPe7INe7rUKFlOK71WSiyQEn9aK26mNNerhKIKTCPgmW1uoklgUyWUmh18igd2ZZ9yfJuhVZdZkfsZaciokJeMTlCDv68eDHjWVtiTrB6q53Q3Tvkt6Owg5vwgyODxevo6G9dvWcivjXK7CtnsmnkfXqdUlLRy77XrSLzapI2yfW-a_--i_qtKTgkCvxXmV-YeM3HOkMC7M58AEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGF-ACgGYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoCFU71fzMhUHsTTykviKO-w%26sig%3DAOD64_1lxUuAsay-tUqQk1X9jOogujxFFw%26client%3Dca-pub-3571272074788370%26dbm_c%3DAKAmf-AsBHFJNYy0821GTFTzfZRTHJ5bAy3LfP2QhW-Y2IAd6wamq1wkWXpPO6842WklcrR6HovQu1F2hfqGbDIGXsBkvNlAmcNhKSjc0j_tImDlbo9sSU3vIy-pjjpZkYhg4cGaSlnz4CgVImQ4CCZO9hx_g3Nhpg%26cry%3D1%26dbm_d%3DAKAmf-DK_3krBobCvABbgyyTS1QOBlITedLp6YUEHZJUpcrMzI4zrz2rV4j_NnMV7K5XTdCEnB5PsOrmBCFvSmTm6Dd7wfX-zSdQcMhEP3KGkUYxAvgJej5tkDDsnGAIdKgMf0vy9aNwiIuRzgfUmIK7P0uJa0UWoDcJJr1lUj_oYEpVeE5j3MAnFkUg9SzptB9OWZfMoE9ehXIJas6NJHi44EJC7Lo6ogxTyPx9jhVFyaTmXAlaiB4YJfcdlbbOhOsCqbR207-s3a2Y9pfsbBl3upInu1jv47dWvTFLL9whz5axDzINlb4GUBHLcGmzs7wlXJN9tQ1HAzDPNia9uWnUpX6WKXqAi0rEQGR-4ytPz3SVT__F5nlZ_SlDReWt0KKk9tbTk6PoArnNrbimspL6dPjx4QOtO2RktEg9Gr9MwV0TJ3vuWtPs-WrBMh_qAfREEgTLlvjsR4Sgwazjw3RnmAHJ6appH15441JNwMKRDCa1J0s2b-32C8OVjlodbwtXvJbbgbeHWT-YVeZ8dBDD9MTpiDKABA%26adurl%3D&documentReferer=https%3A%2F%2Fad6.on.cc%2Fweb%2Fhtml%2Fgoogle%2Fhousead%2Flrec1_423.html&ancestorOrigins=https%3A%2F%2Fad6.on.cc%2Chttps%3A%2F%2Fhk.on.cc&random=3559416046578&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900014.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=961729e2ba&subid=&uid=181dc6c6395bde2e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCIBLGrPVgYYaEKNLW-gaqib2oBbXN-YNXzN65q-UM8C4QASC1zvcfYJXikIKgB8gBCakCnWwL5wZrsz6oAwGqBM0BT9CV6hsMO3hv7jOE4XK14Nm6Ur3E45lrmfY65Xkxj1PF7Wzap94DbrOnAkZbCplKsPwJDCPe7INe7rUKFlOK71WSiyQEn9aK26mNNerhKIKTCPgmW1uoklgUyWUmh18igd2ZZ9yfJuhVZdZkfsZaciokJeMTlCDv68eDHjWVtiTrB6q53Q3Tvkt6Owg5vwgyODxevo6G9dvWcivjXK7CtnsmnkfXqdUlLRy77XrSLzapI2yfW-a_--i_qtKTgkCvxXmV-YeM3HOkMC7M58AEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGF-ACgGYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoCFU71fzMhUHsTTykviKO-w%26sig%3DAOD64_1lxUuAsay-tUqQk1X9jOogujxFFw%26client%3Dca-pub-3571272074788370%26dbm_c%3DAKAmf-AsBHFJNYy0821GTFTzfZRTHJ5bAy3LfP2QhW-Y2IAd6wamq1wkWXpPO6842WklcrR6HovQu1F2hfqGbDIGXsBkvNlAmcNhKSjc0j_tImDlbo9sSU3vIy-pjjpZkYhg4cGaSlnz4CgVImQ4CCZO9hx_g3Nhpg%26cry%3D1%26dbm_d%3DAKAmf-DK_3krBobCvABbgyyTS1QOBlITedLp6YUEHZJUpcrMzI4zrz2rV4j_NnMV7K5XTdCEnB5PsOrmBCFvSmTm6Dd7wfX-zSdQcMhEP3KGkUYxAvgJej5tkDDsnGAIdKgMf0vy9aNwiIuRzgfUmIK7P0uJa0UWoDcJJr1lUj_oYEpVeE5j3MAnFkUg9SzptB9OWZfMoE9ehXIJas6NJHi44EJC7Lo6ogxTyPx9jhVFyaTmXAlaiB4YJfcdlbbOhOsCqbR207-s3a2Y9pfsbBl3upInu1jv47dWvTFLL9whz5axDzINlb4GUBHLcGmzs7wlXJN9tQ1HAzDPNia9uWnUpX6WKXqAi0rEQGR-4ytPz3SVT__F5nlZ_SlDReWt0KKk9tbTk6PoArnNrbimspL6dPjx4QOtO2RktEg9Gr9MwV0TJ3vuWtPs-WrBMh_qAfREEgTLlvjsR4Sgwazjw3RnmAHJ6appH15441JNwMKRDCa1J0s2b-32C8OVjlodbwtXvJbbgbeHWT-YVeZ8dBDD9MTpiDKABA%26adurl%3D&documentReferer=https%3A%2F%2Fad6.on.cc%2Fweb%2Fhtml%2Fgoogle%2Fhousead%2Flrec1_423.html&ancestorOrigins=https%3A%2F%2Fad6.on.cc%2Chttps%3A%2F%2Fhk.on.cc&random=3559416046578&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 377
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=31009000010603400710616011742008&t=htlp HTTP 301
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=31009000010603400710616011742008&actionid=879111&produktid=ratenkredit&dt_url=
Request Chain 378
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=31009000010603400710616011742008 HTTP 302
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=925703526
Request Chain 380
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=31009000010603400710616011742008 HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=31009000010603400710616011742008 HTTP 301
  • https://ad-server.eu/wm/pb/native.png
Request Chain 382
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873b94a5452a6696367?subid=85341900008648900710616011742014&t=htlp HTTP 301
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=85341900008648900710616011742014&actionid=879111&produktid=ratenkredit&dt_url=
Request Chain 383
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5448245473829.543 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CIDr_-WbvPMCFeTLEQgdFJIDdw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5448245473829.543
Request Chain 388
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873b94a5452a6696367?subid=85341900008648900710616011742014 HTTP 301
  • https://ad-server.eu/wm/pb/rate/aktion/pb_ratenkredit_300x250.gif
Request Chain 392
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEE6WdKaO1yUn07gSB4PqJD0&google_cver=1&google_push=AYg5qPKIlTTzieJAsBZy36CQ5Q_Wtm-sxl8h00cPtJLKPKHzMFDu49o1lPo-3NX8YrdJ-oYZF0MIw8tfCkMdVZhpmZ97xJ0viw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKIlTTzieJAsBZy36CQ5Q_Wtm-sxl8h00cPtJLKPKHzMFDu49o1lPo-3NX8YrdJ-oYZF0MIw8tfCkMdVZhpmZ97xJ0viw&google_hm=Q0FFU0VFNldkS2FPMXlVbjA3Z1NCNFBxSkQw
Request Chain 393
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPK4xq_3UBOcapRtFQplZwTJjaCJMNIFs7ywmJau6rRypTi3KXQ3D974EX2baUTx_40AXJvA3cOK8_ReJSXgUWJFEJtkovM&google_gid=CAESEHA48dZIqu4_tyVNCQ_0pDg&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPK4xq_3UBOcapRtFQplZwTJjaCJMNIFs7ywmJau6rRypTi3KXQ3D974EX2baUTx_40AXJvA3cOK8_ReJSXgUWJFEJtkovM&google_gid=CAESEHA48dZIqu4_tyVNCQ_0pDg&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMDkwMTUxNDEwMDA1MDQ0OTM2NDQ0OQ%3D%3D&google_push=AYg5qPK4xq_3UBOcapRtFQplZwTJjaCJMNIFs7ywmJau6rRypTi3KXQ3D974EX2baUTx_40AXJvA3cOK8_ReJSXgUWJFEJtkovM
Request Chain 395
  • https://rtb.openx.net/sync/dds?google_gid=CAESEBR-UpVSxypd2aNiUqprWSk&google_cver=1&google_push=AYg5qPLWNTa4mBzTnQ5Sf_2EpRA7R8tFWhhjO33Z85qQu-b_3yOcqluTXBV9aaC5fjiTC1bglSPg5Eflyyc7chI7nJswIZILtJI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLWNTa4mBzTnQ5Sf_2EpRA7R8tFWhhjO33Z85qQu-b_3yOcqluTXBV9aaC5fjiTC1bglSPg5Eflyyc7chI7nJswIZILtJI&google_hm=dGoAQVOaxLQhAgB3gtH6Mg==
Request Chain 396
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGPynULI6WVRhrAQK5BHm-4&google_cver=1&google_push=AYg5qPLMTz_mGsItnIHKpAszterg-I0jiZTfSbweoV7um6xjEVU-J1TGWcBKhRjlR3laQaLsL4cXXajJv41hAwBVVBjJXz6TTQ HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGPynULI6WVRhrAQK5BHm-4&google_cver=1&google_push=AYg5qPLMTz_mGsItnIHKpAszterg-I0jiZTfSbweoV7um6xjEVU-J1TGWcBKhRjlR3laQaLsL4cXXajJv41hAwBVVBjJXz6TTQ&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MxLRJq1fTe6y_wAo8OcJIQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLMTz_mGsItnIHKpAszterg-I0jiZTfSbweoV7um6xjEVU-J1TGWcBKhRjlR3laQaLsL4cXXajJv41hAwBVVBjJXz6TTQ
Request Chain 397
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_cver=1&google_push=AYg5qPIX1E_UNfpIUfmJVYYHAQIzv3IITfj_oj0Rf11BFX07K-XFxtVlcDouInE3RsnlAQfqPm-ENmp1Ux5WjGEJ2LO8PQQ0lTc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPIX1E_UNfpIUfmJVYYHAQIzv3IITfj_oj0Rf11BFX07K-XFxtVlcDouInE3RsnlAQfqPm-ENmp1Ux5WjGEJ2LO8PQQ0lTc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPIX1E_UNfpIUfmJVYYHAQIzv3IITfj_oj0Rf11BFX07K-XFxtVlcDouInE3RsnlAQfqPm-ENmp1Ux5WjGEJ2LO8PQQ0lTc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPIX1E_UNfpIUfmJVYYHAQIzv3IITfj_oj0Rf11BFX07K-XFxtVlcDouInE3RsnlAQfqPm-ENmp1Ux5WjGEJ2LO8PQQ0lTc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPIX1E_UNfpIUfmJVYYHAQIzv3IITfj_oj0Rf11BFX07K-XFxtVlcDouInE3RsnlAQfqPm-ENmp1Ux5WjGEJ2LO8PQQ0lTc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPIX1E_UNfpIUfmJVYYHAQIzv3IITfj_oj0Rf11BFX07K-XFxtVlcDouInE3RsnlAQfqPm-ENmp1Ux5WjGEJ2LO8PQQ0lTc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPIX1E_UNfpIUfmJVYYHAQIzv3IITfj_oj0Rf11BFX07K-XFxtVlcDouInE3RsnlAQfqPm-ENmp1Ux5WjGEJ2LO8PQQ0lTc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPIX1E_UNfpIUfmJVYYHAQIzv3IITfj_oj0Rf11BFX07K-XFxtVlcDouInE3RsnlAQfqPm-ENmp1Ux5WjGEJ2LO8PQQ0lTc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPIX1E_UNfpIUfmJVYYHAQIzv3IITfj_oj0Rf11BFX07K-XFxtVlcDouInE3RsnlAQfqPm-ENmp1Ux5WjGEJ2LO8PQQ0lTc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPIX1E_UNfpIUfmJVYYHAQIzv3IITfj_oj0Rf11BFX07K-XFxtVlcDouInE3RsnlAQfqPm-ENmp1Ux5WjGEJ2LO8PQQ0lTc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPIX1E_UNfpIUfmJVYYHAQIzv3IITfj_oj0Rf11BFX07K-XFxtVlcDouInE3RsnlAQfqPm-ENmp1Ux5WjGEJ2LO8PQQ0lTc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPIX1E_UNfpIUfmJVYYHAQIzv3IITfj_oj0Rf11BFX07K-XFxtVlcDouInE3RsnlAQfqPm-ENmp1Ux5WjGEJ2LO8PQQ0lTc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPIX1E_UNfpIUfmJVYYHAQIzv3IITfj_oj0Rf11BFX07K-XFxtVlcDouInE3RsnlAQfqPm-ENmp1Ux5WjGEJ2LO8PQQ0lTc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPIX1E_UNfpIUfmJVYYHAQIzv3IITfj_oj0Rf11BFX07K-XFxtVlcDouInE3RsnlAQfqPm-ENmp1Ux5WjGEJ2LO8PQQ0lTc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPIX1E_UNfpIUfmJVYYHAQIzv3IITfj_oj0Rf11BFX07K-XFxtVlcDouInE3RsnlAQfqPm-ENmp1Ux5WjGEJ2LO8PQQ0lTc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPIX1E_UNfpIUfmJVYYHAQIzv3IITfj_oj0Rf11BFX07K-XFxtVlcDouInE3RsnlAQfqPm-ENmp1Ux5WjGEJ2LO8PQQ0lTc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPIX1E_UNfpIUfmJVYYHAQIzv3IITfj_oj0Rf11BFX07K-XFxtVlcDouInE3RsnlAQfqPm-ENmp1Ux5WjGEJ2LO8PQQ0lTc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPIX1E_UNfpIUfmJVYYHAQIzv3IITfj_oj0Rf11BFX07K-XFxtVlcDouInE3RsnlAQfqPm-ENmp1Ux5WjGEJ2LO8PQQ0lTc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPIX1E_UNfpIUfmJVYYHAQIzv3IITfj_oj0Rf11BFX07K-XFxtVlcDouInE3RsnlAQfqPm-ENmp1Ux5WjGEJ2LO8PQQ0lTc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPIX1E_UNfpIUfmJVYYHAQIzv3IITfj_oj0Rf11BFX07K-XFxtVlcDouInE3RsnlAQfqPm-ENmp1Ux5WjGEJ2LO8PQQ0lTc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPIX1E_UNfpIUfmJVYYHAQIzv3IITfj_oj0Rf11BFX07K-XFxtVlcDouInE3RsnlAQfqPm-ENmp1Ux5WjGEJ2LO8PQQ0lTc
Request Chain 402
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9381956798877.553 HTTP 302
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CMKCh-abvPMCFQ-B3god6NgPbw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9381956798877.553
Request Chain 406
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELjX4c6dGz2Ry8bLluGmK94&google_cver=1&google_push=AYg5qPKh8RsKjw-7bqqXMhfRaPs7IvEhu-5SIjWt0YMORmZjxx_SG_R8QrU9KtOxBmgKwwWFbejsR2pwNoxDtHAMCQD0X5hbdGbm HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKh8RsKjw-7bqqXMhfRaPs7IvEhu-5SIjWt0YMORmZjxx_SG_R8QrU9KtOxBmgKwwWFbejsR2pwNoxDtHAMCQD0X5hbdGbm&google_hm=e-P2c-Tb2KY5XEdaxN6Hdw
Request Chain 407
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIlPlij73ipW7yDmdBCbNxkIaDn5NBL7DtZ8Eg8r7cYnFFsiY_DUEBaZydd46ltqMAKp2AXo3IBeYznk28dfh8bK_ozRt-l&google_gid=CAESEHA48dZIqu4_tyVNCQ_0pDg&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIlPlij73ipW7yDmdBCbNxkIaDn5NBL7DtZ8Eg8r7cYnFFsiY_DUEBaZydd46ltqMAKp2AXo3IBeYznk28dfh8bK_ozRt-l&google_gid=CAESEHA48dZIqu4_tyVNCQ_0pDg&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMDkwMTUxNDEwMDA1MDQ0OTM2NDQ0OQ%3D%3D&google_push=AYg5qPIlPlij73ipW7yDmdBCbNxkIaDn5NBL7DtZ8Eg8r7cYnFFsiY_DUEBaZydd46ltqMAKp2AXo3IBeYznk28dfh8bK_ozRt-l
Request Chain 409
  • https://rtb.openx.net/sync/dds?google_gid=CAESEBR-UpVSxypd2aNiUqprWSk&google_cver=1&google_push=AYg5qPJHDAJIcQUCB0D5hxh6O1fSoYT4VWYSYb-SBXn56WgOx0ZjNKkQuDNHoK9JvRkkg8SahmVpU3yxA651g9lMIv3TRWncjXKl HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJHDAJIcQUCB0D5hxh6O1fSoYT4VWYSYb-SBXn56WgOx0ZjNKkQuDNHoK9JvRkkg8SahmVpU3yxA651g9lMIv3TRWncjXKl&google_hm=dGoAQVOaxLQhAgB3gtH6Mg==
Request Chain 410
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGPynULI6WVRhrAQK5BHm-4&google_cver=1&google_push=AYg5qPIydUlStL4PVKHF92QwNIpAau_ue_UHaufVFbtFPJvXnZWSfeJc5V1lUu2XcFKIt-OsL3sgiS9C9NuTH7EV6cifnbH8je2xBQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MxLRJq1fTe6y_wAo8OcJIQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIydUlStL4PVKHF92QwNIpAau_ue_UHaufVFbtFPJvXnZWSfeJc5V1lUu2XcFKIt-OsL3sgiS9C9NuTH7EV6cifnbH8je2xBQ
Request Chain 411
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_cver=1&google_push=AYg5qPI_-JIf2na344JGxXuQCJDnpRHB_ThdyoY7VzWPNR_pvc3QlKKD2LjE7oJwluYNvDpJbNOk9ApTWKhYq7KQFeyS1pQlkOxGZg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPI_-JIf2na344JGxXuQCJDnpRHB_ThdyoY7VzWPNR_pvc3QlKKD2LjE7oJwluYNvDpJbNOk9ApTWKhYq7KQFeyS1pQlkOxGZg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPI_-JIf2na344JGxXuQCJDnpRHB_ThdyoY7VzWPNR_pvc3QlKKD2LjE7oJwluYNvDpJbNOk9ApTWKhYq7KQFeyS1pQlkOxGZg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPI_-JIf2na344JGxXuQCJDnpRHB_ThdyoY7VzWPNR_pvc3QlKKD2LjE7oJwluYNvDpJbNOk9ApTWKhYq7KQFeyS1pQlkOxGZg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPI_-JIf2na344JGxXuQCJDnpRHB_ThdyoY7VzWPNR_pvc3QlKKD2LjE7oJwluYNvDpJbNOk9ApTWKhYq7KQFeyS1pQlkOxGZg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPI_-JIf2na344JGxXuQCJDnpRHB_ThdyoY7VzWPNR_pvc3QlKKD2LjE7oJwluYNvDpJbNOk9ApTWKhYq7KQFeyS1pQlkOxGZg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPI_-JIf2na344JGxXuQCJDnpRHB_ThdyoY7VzWPNR_pvc3QlKKD2LjE7oJwluYNvDpJbNOk9ApTWKhYq7KQFeyS1pQlkOxGZg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPI_-JIf2na344JGxXuQCJDnpRHB_ThdyoY7VzWPNR_pvc3QlKKD2LjE7oJwluYNvDpJbNOk9ApTWKhYq7KQFeyS1pQlkOxGZg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPI_-JIf2na344JGxXuQCJDnpRHB_ThdyoY7VzWPNR_pvc3QlKKD2LjE7oJwluYNvDpJbNOk9ApTWKhYq7KQFeyS1pQlkOxGZg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPI_-JIf2na344JGxXuQCJDnpRHB_ThdyoY7VzWPNR_pvc3QlKKD2LjE7oJwluYNvDpJbNOk9ApTWKhYq7KQFeyS1pQlkOxGZg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPI_-JIf2na344JGxXuQCJDnpRHB_ThdyoY7VzWPNR_pvc3QlKKD2LjE7oJwluYNvDpJbNOk9ApTWKhYq7KQFeyS1pQlkOxGZg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPI_-JIf2na344JGxXuQCJDnpRHB_ThdyoY7VzWPNR_pvc3QlKKD2LjE7oJwluYNvDpJbNOk9ApTWKhYq7KQFeyS1pQlkOxGZg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPI_-JIf2na344JGxXuQCJDnpRHB_ThdyoY7VzWPNR_pvc3QlKKD2LjE7oJwluYNvDpJbNOk9ApTWKhYq7KQFeyS1pQlkOxGZg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPI_-JIf2na344JGxXuQCJDnpRHB_ThdyoY7VzWPNR_pvc3QlKKD2LjE7oJwluYNvDpJbNOk9ApTWKhYq7KQFeyS1pQlkOxGZg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPI_-JIf2na344JGxXuQCJDnpRHB_ThdyoY7VzWPNR_pvc3QlKKD2LjE7oJwluYNvDpJbNOk9ApTWKhYq7KQFeyS1pQlkOxGZg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPI_-JIf2na344JGxXuQCJDnpRHB_ThdyoY7VzWPNR_pvc3QlKKD2LjE7oJwluYNvDpJbNOk9ApTWKhYq7KQFeyS1pQlkOxGZg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPI_-JIf2na344JGxXuQCJDnpRHB_ThdyoY7VzWPNR_pvc3QlKKD2LjE7oJwluYNvDpJbNOk9ApTWKhYq7KQFeyS1pQlkOxGZg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPI_-JIf2na344JGxXuQCJDnpRHB_ThdyoY7VzWPNR_pvc3QlKKD2LjE7oJwluYNvDpJbNOk9ApTWKhYq7KQFeyS1pQlkOxGZg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPI_-JIf2na344JGxXuQCJDnpRHB_ThdyoY7VzWPNR_pvc3QlKKD2LjE7oJwluYNvDpJbNOk9ApTWKhYq7KQFeyS1pQlkOxGZg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPI_-JIf2na344JGxXuQCJDnpRHB_ThdyoY7VzWPNR_pvc3QlKKD2LjE7oJwluYNvDpJbNOk9ApTWKhYq7KQFeyS1pQlkOxGZg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPI_-JIf2na344JGxXuQCJDnpRHB_ThdyoY7VzWPNR_pvc3QlKKD2LjE7oJwluYNvDpJbNOk9ApTWKhYq7KQFeyS1pQlkOxGZg

454 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request bkn-20170929111939062-0929_00822_001.html
hk.on.cc/hk/bkn/cnt/news/20170929/ 		21 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c01983431d9cc05de35cbeeca67244c7ee0b471f2e43bce60cff19ee899cd4d

Request headers

:method
GET
:authority
hk.on.cc
:scheme
https
:path
/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sat, 09 Oct 2021 01:51:23 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
etag
W/"0258d3ba93eb66c266efddd6278b0d14a"
cache-control
public, max-age=60, s-maxage=300, stale-if-error=86400, stale-while-revalidate=30
access-control-allow-origin
*
access-control-allow-headers
Content-Type
referrer-policy
no-referrer-when-downgrade
x-host
webappdocker06
x-cacheable
Y09
x-varnish
231167734
cf-cache-status
REVALIDATED
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
set-cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; path=/; domain=.on.cc; HttpOnly; Secure; SameSite=None
server
cloudflare
cf-ray
69b3f6ab998c2175-DUS
content-encoding
br
oncc-global.css
hk.on.cc/css/v4/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/css/v4/oncc-global.css?20210106
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b835c6dc07fc7063b35534657fbad3c3f80ef1ac7e431c936ff11591472dc9f

Request headers

:path
/css/v4/oncc-global.css?20210106
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:23 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Tue, 08 Jun 2021 03:59:26 GMT
server
cloudflare
x-cacheable
Y10
etag
W/"60beeb1e-7675"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
105672562 106450041
content-type
text/css
cache-control
public, max-age=5, s-maxage=5
cf-ray
69b3f6ad4b242175-DUS
oncc-content.css
hk.on.cc/css/v4/ 		42 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/css/v4/oncc-content.css?20210106
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4398c3b97346a2e6bc050e32164e47054a99fdba6b9268360e3ee84a01f5dd2

Request headers

:path
/css/v4/oncc-content.css?20210106
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:23 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Wed, 28 Jul 2021 03:57:21 GMT
server
cloudflare
x-cacheable
Y10
etag
W/"6100d5a1-a618"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
418695813 418695713
content-type
text/css
cache-control
public, max-age=5, s-maxage=5
cf-ray
69b3f6ad4b262175-DUS
wb.js
tjs.sjs.sinajs.cn/open/api/js/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tjs.sjs.sinajs.cn/open/api/js/wb.js
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.133.177.231 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
b01e8a7c878711f6b2e5091d9d616cbcd8489110fcb8fa2d19994f4d96e85602

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 07 Oct 2021 04:48:40 GMT
via
https/1.1 ctc.qingdao.union.64 (ApacheTrafficServer/6.2.1 [cRs f ]), cache11.l2sg2[0,0,304-0,H], cache39.l2sg2[1,0], cache2.de3[0,0,200-0,H], cache12.de3[1,0]
age
162165
x-via-edge
16335821207769f26b5a3f406f98c4dbee812
x-via-ssl
ssl.22.sinag1.qxg.lb.sinanode.com
x-cache
HIT TCP_MEM_HIT dirn:13:922953770
x-swift-cachetime
1295998
access-control-allow-methods
GET,POST,OPTIONS
x-swift-savetime
Thu, 07 Oct 2021 04:48:42 GMT
content-encoding
gzip
content-length
12471
x-via-cdn
f=alicdn,s=cache12.de3,c=216.131.111.138;f=edge,s=ctc.qingdao.union.62.nb.sinaedge.com,c=163.181.38.159;f=Edge,s=ctc.qingdao.union.64,c=140.249.5.62
edge-copy-time
1615358539796
last-modified
Fri, 15 Sep 2017 07:00:56 GMT
server
Tengine
etag
W/"59bb7aa8-86c2"
vary
Accept-Encoding
ali-swift-global-savetime
1633582120
content-type
application/x-javascript
access-control-allow-origin
cache-control
max-age=1296000
timing-allow-origin
*
access-control-allow-headers
Origin,Content-Type,X-Requested-With
eagleid
4f85b1a016337442859696994e
expires
Sat, 16 Oct 2021 05:42:18 GMT
serverTime.js
on.cc/js/ 		35 B
166 B 		Script
General
Check archive.org
Download Go to
Full URL
https://on.cc/js/serverTime.js
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fba811fcda9e897bcb600128fc7c3e22b43a07c3f09ceb05cc15fe62870c025e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:23 GMT
cf-cache-status
HIT
x-cacheable
L07
cf-ray
69b3f6ad5b3c2175-DUS
x-host
WL24
content-length
35
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 09 Oct 2021 01:51:21 GMT
server
cloudflare
etag
"6160f599-23"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
75582832 74859519
cache-control
public, max-age=5, s-maxage=5
accept-ranges
bytes
content-type
application/javascript
jquery.js
hk.on.cc/js/v4/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/js/v4/jquery.js?20210106
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf

Request headers

:path
/js/v4/jquery.js?20210106
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:23 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
Y10
cf-ray
69b3f6ad4b2a2175-DUS
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 26 Aug 2019 02:51:22 GMT
server
cloudflare
etag
W/"5d63492a-17c52"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
437909148 435909399
access-control-allow-origin
*
cache-control
public, max-age=5, s-maxage=5
content-type
application/javascript
oncc-common.js
hk.on.cc/js/ 		56 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/js/oncc-common.js?20210106
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dfec80199f1a2974c09efa6f6ad9701c7a48ca7efdaac16a7fdf97e07d27d37

Request headers

:path
/js/oncc-common.js?20210106
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:24 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
Y09
cf-ray
69b3f6ad4b2b2175-DUS
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Sep 2021 04:34:53 GMT
server
cloudflare
etag
W/"61398eed-e114"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
63355157 70545214
access-control-allow-origin
*
cache-control
public, max-age=5, s-maxage=5
content-type
application/javascript
oncc-global.js
hk.on.cc/js/v4/ 		123 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/js/v4/oncc-global.js?20210106
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42da4e5be3daf33b5e0fe060f26ba0045b2ec3de89d7ec64ff182a6a5ab5b69d

Request headers

:path
/js/v4/oncc-global.js?20210106
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:23 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
Y09
cf-ray
69b3f6ad4b2c2175-DUS
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 01 Sep 2021 00:31:25 GMT
server
cloudflare
etag
W/"612ec9dd-1ed2d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
867163924 869866427
access-control-allow-origin
*
cache-control
public, max-age=5, s-maxage=5
content-type
application/javascript
swfobject.js
hk.on.cc/js/v4/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/js/v4/swfobject.js?20210106
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30a7ab41fdf0cfa9430bb0bbdf447cb761f83d8dfb75b456bb11d7a1570d9fd3

Request headers

:path
/js/v4/swfobject.js?20210106
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:24 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
Y10
cf-ray
69b3f6ad4b2e2175-DUS
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 26 Aug 2019 02:51:26 GMT
server
cloudflare
etag
W/"5d63492e-2907"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
418448040 416185114
access-control-allow-origin
*
cache-control
public, max-age=5, s-maxage=5
content-type
application/javascript
oncc-ad.js
hk.on.cc/adv/web/corp/js/ 		22 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/adv/web/corp/js/oncc-ad.js?20210106
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d687a7b92e62cfac02272e600d0e1f4f97a095d56e76aff54c474ee38d8718ad

Request headers

:path
/adv/web/corp/js/oncc-ad.js?20210106
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:24 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
Y09
cf-ray
69b3f6ad4b2f2175-DUS
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 11 Apr 2018 04:28:38 GMT
server
cloudflare
etag
W/"5acd8ef6-581c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
816657670 813980532
access-control-allow-origin
*
cache-control
public, max-age=5, s-maxage=5
content-type
application/javascript
unicorp_v4.js
hk.on.cc/adv/web/corp/source/ 		61 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/adv/web/corp/source/unicorp_v4.js?20210106
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d26ea3057811c2841a29c3c3f6889a00a7a157e603f4555c62c07ad8a5c4caad

Request headers

:path
/adv/web/corp/source/unicorp_v4.js?20210106
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:23 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
Y09
age
7880
cf-ray
69b3f6ad4b302175-DUS
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 01 Sep 2021 00:11:14 GMT
server
cloudflare
etag
W/"612ec522-f33d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
191720195 196178475
cache-control
public, max-age=1800, s-maxage=14400
content-type
application/javascript
oncc-content.js
hk.on.cc/js/v4/ 		84 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/js/v4/oncc-content.js?20210106
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42e9c9c04f6af07ecee44235b0ca8de72da441e8cc052953c08e19d0f5a18c4d

Request headers

:path
/js/v4/oncc-content.js?20210106
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:23 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
Y10
cf-ray
69b3f6ad4b312175-DUS
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 29 Jun 2021 10:03:14 GMT
server
cloudflare
etag
W/"60daefe2-14ed0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
423618008 419869021
access-control-allow-origin
*
cache-control
public, max-age=5, s-maxage=5
content-type
application/javascript
urchin.js
hk.on.cc/js/v4/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/js/v4/urchin.js?20210106
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab229322552892c8734d333a6b52b479f3d9cf7c8a1fc9cf2d8bd6ba3420284b

Request headers

:path
/js/v4/urchin.js?20210106
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:24 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
Y10
cf-ray
69b3f6ad4b322175-DUS
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 26 Aug 2019 02:51:27 GMT
server
cloudflare
etag
W/"5d63492f-4661"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
373994779 415876153
access-control-allow-origin
*
cache-control
public, max-age=5, s-maxage=5
content-type
application/javascript
urchin-lib.js
hk.on.cc/js/v4/ 		10 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/js/v4/urchin-lib.js?20210106
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2497c9e9a629f58b652e0e2432919bba53d699a421f48da97c581f8c1f379f86

Request headers

:path
/js/v4/urchin-lib.js?20210106
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:24 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
Y10
cf-ray
69b3f6ad5b392175-DUS
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 02 Jun 2021 04:38:59 GMT
server
cloudflare
etag
W/"60b70b63-27fd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
439795682 435909493
access-control-allow-origin
*
cache-control
public, max-age=5, s-maxage=5
content-type
application/javascript
oncc-adbanner.js
hk.on.cc/js/v4/ 		28 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/js/v4/oncc-adbanner.js?20210106
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2e9a3880308bb293fa43aa6b6ba08f9c072b8ad604b9c2c007a36b17db920a2

Request headers

:path
/js/v4/oncc-adbanner.js?20210106
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:23 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
Y09
cf-ray
69b3f6ad5b3a2175-DUS
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 27 May 2021 03:48:16 GMT
server
cloudflare
etag
W/"60af1680-6f02"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
631031661 683315310
access-control-allow-origin
*
cache-control
public, max-age=5, s-maxage=5
content-type
application/javascript
spcjs.php
ad4.on.cc/web/www/delivery/ 		2 KB
834 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.on.cc/web/www/delivery/spcjs.php
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a78f3bac19ad7038280232ef773f82a12bcc6034498cea9f23a854e2f171264

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:23 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
53343
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
content-size
2219
cf-ray
69b3f6ad5b3e2175-DUS
content-type
application/x-javascript
expires
Sat, 09 Oct 2021 10:58:31 GMT
oncc-body-script.js
hk.on.cc/js/v4/ 		644 B
437 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/js/v4/oncc-body-script.js?20210106
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f704320231a4061188024bbcbb509667e794d35fb74a020f103d904e09cd1e72

Request headers

:path
/js/v4/oncc-body-script.js?20210106
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:24 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
Y09
cf-ray
69b3f6ad5b3b2175-DUS
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 26 Jul 2021 10:28:31 GMT
server
cloudflare
etag
W/"60fe8e4f-284"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
811129525 816229562
access-control-allow-origin
*
cache-control
public, max-age=5, s-maxage=5
content-type
application/javascript
sdk.js
connect.facebook.net/zh_HK/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/zh_HK/sdk.js
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
fb04d81333ef5f4c32b2c0e753035c869a8575d64ddae12a911c5e592734118b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Origin
https://hk.on.cc
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
iDJo40mvume7xXjLhr2TBg==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1688
x-fb-rlafr
0
x-fb-debug
32uU00/ZdrBMdFGsKIGhVcoZp+gChjt8i/lY2DFOPgrcuT4XO3Wi7gAeIwibPFQcH7Nb6v2BRH64MV3jcq4hzw==
x-fb-trip-id
917726464
x-fb-content-md5
b1a4f4ef84360112c485f397933dd98a
x-frame-options
DENY
date
Sat, 09 Oct 2021 01:51:24 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"4f2e4367b88e906aec941d56876e4a27"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 09 Oct 2021 02:04:06 GMT
bkn-20170929111939062-0929_00822_001_01p.jpg
hk.on.cc/hk/bkn/cnt/news/20170929/photo/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/hk/bkn/cnt/news/20170929/photo/bkn-20170929111939062-0929_00822_001_01p.jpg?20170929130419
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
208449b2c73b721f314bdd50963aab45162e001d84e157a84fef06cc1687cda8

Request headers

:path
/hk/bkn/cnt/news/20170929/photo/bkn-20170929111939062-0929_00822_001_01p.jpg?20170929130419
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:25 GMT
cf-cache-status
HIT
x-cacheable
Y09
cf-ray
69b3f6b469592175-DUS
content-length
67709
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 29 Sep 2017 03:53:23 GMT
server
cloudflare
etag
"59cdc3b3-1087d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
257734700
cache-control
public, max-age=7200, s-maxage=14400, post-check=0, pre-check=0
accept-ranges
bytes
content-type
image/jpeg
cf-bgj
h2pri
oncc-body-end-script.js
hk.on.cc/js/v4/ 		533 B
425 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/js/v4/oncc-body-end-script.js?20210106
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df85308570e04807627688fe6a09440aa2aa7b46892e1d565fc5cacde9b28d98

Request headers

:path
/js/v4/oncc-body-end-script.js?20210106
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:24 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
Y09
cf-ray
69b3f6b2c8202175-DUS
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 29 May 2020 07:32:46 GMT
server
cloudflare
etag
W/"5ed0ba9e-215"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
815295256 815358537
access-control-allow-origin
*
cache-control
public, max-age=5, s-maxage=5
content-type
application/javascript
platform.js
apis.google.com/js/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.110 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f14.1e100.net
Software
ESF /
Resource Hash
f8d3ed9e90bb3208636c1a1858f534e203f3c52cb8ef464a7bd2d81bf1a60305
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-W9rqsQW8AhYTEYgUlDVPAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
etag
"640a4d1ff2f547a81ed97fb67488ed83"
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"}]}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-W9rqsQW8AhYTEYgUlDVPAw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraZH88pL4jQdjcWpuaSZEaZk6SzMEy_nItKJ7e9QFtt"
expires
Sat, 09 Oct 2021 01:51:26 GMT
widgets.js
platform.twitter.com/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BA) /
Resource Hash
cfd3099998b0c37ace8024cbd802160585ba9be1c0047fefc172035184f074df

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 01:51:26 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Sep 2021 19:09:26 GMT
Server
ECS (frb/67BA)
Age
1455
Etag
"f9ab884058c9d8de47075baa622f0e7e+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
28869
inactivity.js
hk.on.cc/module/inactivity/ 		19 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/module/inactivity/inactivity.js
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/js/oncc-common.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6071075a898be0eedd9f217351c0eae2844f4e02b0cfb58e060122d3919507e7

Request headers

:path
/module/inactivity/inactivity.js
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:27 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
Y10
cf-ray
69b3f6c658472175-DUS
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 17 Jun 2021 08:06:23 GMT
server
cloudflare
etag
W/"60cb027f-4b85"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
437742556 439434835
access-control-allow-origin
*
cache-control
public, max-age=5, s-maxage=5
content-type
application/javascript
NotificationModule.js
hk.on.cc/module/notification/ 		243 B
292 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/module/notification/NotificationModule.js
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/js/oncc-common.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bea15781c983c41355713349cf281fa3a1f26a612798f9bf5a62910c0b32e00

Request headers

:path
/module/notification/NotificationModule.js
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:28 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
Y09
cf-ray
69b3f6c7d9932175-DUS
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 07 Mar 2019 06:41:28 GMT
server
cloudflare
etag
W/"5c80bd18-f3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
682740218 677368463
access-control-allow-origin
*
cache-control
public, max-age=5, s-maxage=5
content-type
application/javascript
country.js
hk.on.cc/hk/bkn/js/countryMapping/ 		11 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/hk/bkn/js/countryMapping/country.js
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/js/v4/jquery.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94a8e0b18503c3962da145e83926ae6b47bc97986978c70e707d1843b50c2851

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283
:path
/hk/bkn/js/countryMapping/country.js
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:26 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
Y09
cf-ray
69b3f6bb8f802175-DUS
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 08 Aug 2021 10:59:58 GMT
server
cloudflare
etag
W/"610fb92e-2c3d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
815808692 810311935
access-control-allow-origin
*
cache-control
public, max-age=5, s-maxage=5
content-type
application/javascript
inactivekeywordList.js
hk.on.cc/hk/bkn/keyword/ 		2 KB
837 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/hk/bkn/keyword/inactivekeywordList.js
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/js/v4/jquery.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85ebe02980b06c6af6873b57586eea9752429741d34dd15713d7da9dff8d7c95

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283
:path
/hk/bkn/keyword/inactivekeywordList.js
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:27 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
Y09
cf-ray
69b3f6c0ebb12175-DUS
x-host
webappdocker06
x-total-count
47
referrer-policy
no-referrer-when-downgrade
server
cloudflare
etag
W/"0e0a74c7ee9b11f8ae597adf31a472451"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
171639654 154463462
access-control-allow-origin
*
cache-control
public, max-age=60, s-maxage=180
content-type
application/json;charset=utf-8
access-control-allow-headers
Content-Type
swfobject.js
home.on.cc/adv/web/corp/js/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://home.on.cc/adv/web/corp/js/swfobject.js
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/adv/web/corp/js/oncc-ad.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2172868bc46d74ad32f2715bc25a8716e07a784b2ecb24d9d077d2125c6c993

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:27 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
L07
cf-ray
69b3f6c6685b2175-DUS
x-host
WL24
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 11 Aug 2015 09:07:54 GMT
server
cloudflare
etag
W/"55c9bb6a-1ae0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
3375127 1736711
cache-control
public, max-age=30, s-maxage=300
content-type
application/javascript
jquery.marquee.min.js
hk.on.cc/js/v4/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/js/v4/jquery.marquee.min.js
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/js/oncc-common.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2278cada41d2bcc06dfa905b1e859133291c58dc7fb209a57f9f5d02c11a92e5

Request headers

:path
/js/v4/jquery.marquee.min.js
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:29 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
Y09
cf-ray
69b3f6cd3e6f2175-DUS
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 26 Aug 2019 02:51:22 GMT
server
cloudflare
etag
W/"5d63492a-1606"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
813595163 814310918
access-control-allow-origin
*
cache-control
public, max-age=5, s-maxage=5
content-type
application/javascript
inactivity.css
hk.on.cc/module/inactivity/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/module/inactivity/inactivity.css
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/js/v4/jquery.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff357113f88142adbad7c7053ab016fbf3cfce8e432c463f485b2ab9c368e57e

Request headers

:path
/module/inactivity/inactivity.css
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:28 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Wed, 21 Jul 2021 03:55:34 GMT
server
cloudflare
x-cacheable
Y09
etag
W/"60f79ab6-1669"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
815908562 814635772
content-type
text/css
cache-control
public, max-age=5, s-maxage=5
cf-ray
69b3f6c7d9942175-DUS
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/adv/web/corp/source/unicorp_v4.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.5.163 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-5-163.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
8491e6705bdb33a52dce45f3e5299aab11aa555537f6a6e869e4a0bd9af3d7be

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 23:57:04 GMT
content-encoding
gzip
age
6864
x-edge-origin-shield-skipped
0
cross-origin-resource-policy
cross-origin
x-cache
Hit from cloudfront
last-modified
Thu, 08 Jul 2021 15:47:37 GMT
server
nginx
etag
W/"60e71e19-5a0d"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
cache-control
max-age=7200
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
nq5msk-biM5QjcNc2y7AM6q2Wz3qyMF3GFlshjzKwiCFNcectrza7g==
expires
Sat, 09 Oct 2021 01:57:04 GMT
unicorp_lang.js
hk.on.cc/adv/web/corp/source/ 		86 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/adv/web/corp/source/unicorp_lang.js
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/adv/web/corp/source/unicorp_v4.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f67d90d957dd4ee4d98b2aa84d917c435702010342d449a1bdc7fe3b7e1e4c4

Request headers

:path
/adv/web/corp/source/unicorp_lang.js
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:27 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
Y10
age
7893
cf-ray
69b3f6c7e99f2175-DUS
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 20 Apr 2020 07:45:45 GMT
server
cloudflare
etag
W/"5e9d5329-1582f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
93449451 90921460
cache-control
public, max-age=1800, s-maxage=14400
content-type
application/javascript
yahoo_keywords.js
hk.on.cc/adv/web/corp/js/ 		5 KB
839 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/adv/web/corp/js/yahoo_keywords.js
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/adv/web/corp/source/unicorp_v4.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69cdf4534c0fc31cc9e46568b011af5dd27119ae300d242acf3fea0dba6c5307

Request headers

:path
/adv/web/corp/js/yahoo_keywords.js
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:29 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
Y09
cf-ray
69b3f6cecf882175-DUS
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 22 Sep 2010 05:16:43 GMT
server
cloudflare
etag
W/"4c99913b-1220"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
645154885 675153271
access-control-allow-origin
*
cache-control
public, max-age=5, s-maxage=5
content-type
application/javascript
unicorp_disclaimer.js
on.cc/adv/web/corp/source/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://on.cc/adv/web/corp/source/unicorp_disclaimer.js
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/adv/web/corp/source/unicorp_v4.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
112aba6073ee49f1843f50fb5239e2d7c8a004325b50bd7f93ab093cb6b72e4b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:30 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
L06
cf-ray
69b3f6d30ac92175-DUS
x-host
WL25
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 31 Aug 2021 06:55:25 GMT
server
cloudflare
etag
W/"612dd25d-f2a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
296344695
cache-control
max-age=5, s-maxage=5
content-type
application/javascript
weather_info.js
on.cc/adv/web/corp/js/ 		4 KB
882 B 		Script
General
Check archive.org
Download Go to
Full URL
https://on.cc/adv/web/corp/js/weather_info.js
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/adv/web/corp/source/unicorp_v4.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e6f17dd9924af4706d717e87503d0e92cdb78ed03a0aeb8b081b2263c48526e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:28 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
L07
cf-ray
69b3f6c7e9a12175-DUS
x-host
WL24
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 09 Oct 2021 01:50:05 GMT
server
cloudflare
etag
W/"6160f54d-e94"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
76041353 76552237
cache-control
public, max-age=5, s-maxage=5
content-type
application/javascript
unicorp_v4.css
hk.on.cc/adv/web/corp/source/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/adv/web/corp/source/unicorp_v4.css?v=31
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/adv/web/corp/source/unicorp_v4.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cdfc421265602e0a9c952b7c9e7ee8f58cfbdfb27b0d3649b818ecbb24f8908

Request headers

:path
/adv/web/corp/source/unicorp_v4.css?v=31
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:27 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
Y10
age
7893
cf-ray
69b3f6c7e9a22175-DUS
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 27 May 2020 01:59:05 GMT
server
cloudflare
etag
W/"5ecdc969-1de5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
92667190 18605890
cache-control
public, max-age=1800, s-maxage=14400
content-type
text/css
unicorp_v4_hk.css
hk.on.cc/adv/web/corp/source/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/adv/web/corp/source/unicorp_v4.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70e1de1632d61c9c74213d099c9561877f0591d4861a5c3e82e766b53d4d666a

Request headers

:path
/adv/web/corp/source/unicorp_v4_hk.css?v=31
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:27 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
Y09
age
7892
cf-ray
69b3f6c7e9a32175-DUS
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 02 Feb 2021 05:18:24 GMT
server
cloudflare
etag
W/"6018e0a0-3093"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
195402031 197445333
cache-control
public, max-age=1800, s-maxage=14400
content-type
text/css
checkrev.gif
home.on.cc/adv/web/corp/img/ 		43 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://home.on.cc/adv/web/corp/img/checkrev.gif
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:29 GMT
cf-cache-status
HIT
x-cacheable
L08
age
12709
cf-ray
69b3f6d30ad52175-DUS
x-host
WL25
content-length
43
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 20 Oct 2008 03:57:30 GMT
server
cloudflare
etag
"48fc01aa-2b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
917526 327686
cache-control
max-age=300, s-maxage=14400
accept-ranges
bytes
content-type
image/gif
Notification.js
hk.on.cc/module/notification/ 		11 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/module/notification/Notification.js
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/js/oncc-common.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97ca938a84d4e4fa99f13992d8c1bf13929c0bc5f4315fe47dd0336f389c6875

Request headers

:path
/module/notification/Notification.js
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:30 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
Y09
cf-ray
69b3f6d30ad92175-DUS
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Nov 2020 04:21:36 GMT
server
cloudflare
etag
W/"5fa8c3d0-2d02"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
796368446 772289169
access-control-allow-origin
*
cache-control
public, max-age=5, s-maxage=5
content-type
application/javascript
h5player.css
hk.on.cc/module/player/ 		46 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/module/player/h5player.css
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/js/v4/jquery.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0350eaf35ccdb5e81fd6410f924aa857b491fce3bb1bc48e0935ad2b26a138e9

Request headers

:path
/module/player/h5player.css
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:29 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 07:06:41 GMT
server
cloudflare
x-cacheable
Y09
etag
W/"610a3c81-b706"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
810312330 815809025
content-type
text/css
cache-control
public, max-age=5, s-maxage=5
cf-ray
69b3f6cd4e892175-DUS
h5player.js
hk.on.cc/module/player/ 		302 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/module/player/h5player.js
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/js/oncc-common.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e354c5c1c485745f5de9cd5c6792c58b914e14d46d373e61a61ebce12900301

Request headers

:path
/module/player/h5player.js
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:30 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
Y10
cf-ray
69b3f6d30adb2175-DUS
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 28 Sep 2021 07:14:20 GMT
server
cloudflare
etag
W/"6152c0cc-4b8a2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
72639618 80800085
access-control-allow-origin
*
cache-control
public, max-age=5, s-maxage=5
content-type
application/javascript
oncc-imgLightBoxLib.js
hk.on.cc/module/imageLightBox/ 		838 B
344 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/module/imageLightBox/oncc-imgLightBoxLib.js
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/js/oncc-common.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fefc532188caff828d8f1c9723e5f5fac4bfbaa3b86db0da9dbe81a272c778ba

Request headers

:path
/module/imageLightBox/oncc-imgLightBoxLib.js
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:30 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
Y10
cf-ray
69b3f6d30adc2175-DUS
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 06 Apr 2016 09:49:46 GMT
server
cloudflare
etag
W/"5704dbba-346"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
424540750
access-control-allow-origin
*
cache-control
public, max-age=5, s-maxage=5
content-type
application/javascript
rta.js
rtax.criteo.com/delivery/rta/ 		0
55 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtax.criteo.com/delivery/rta/rta.js?netId=3124&cookieName=crtg_oncchk_rta&rnd=8459050539&varName=crtg_oncchk_content
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/js/v4/oncc-adbanner.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.166 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:29 GMT
server
nginx/1.20.1
adultlist.txt
hk.on.cc/data/ 		73 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/data/adultlist.txt
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/js/v4/jquery.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cd24ffdcdbcf5c952f1a4523ec54486cc933e65a1e0c257916add56eed6a580

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh
:path
/data/adultlist.txt
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
*/*
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:28 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
Y09
age
6437
cf-ray
69b3f6cd5e932175-DUS
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 07 Jan 2021 08:51:29 GMT
server
cloudflare
etag
W/"5ff6cb91-1226b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
195697607 195114668
cache-control
public, max-age=7200, s-maxage=14400
content-type
text/plain
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/js/v4/oncc-adbanner.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
5be5293fd225fdd263ba480a7786b3209ba80fb8e77a567aaf3c29d3b0ce605a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51250
x-xss-protection
0
server
cafe
etag
1438179067352314083
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 09 Oct 2021 01:51:29 GMT
spc.php
ad4.on.cc/web/www/delivery/ 		18 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.on.cc/web/www/delivery/spc.php?zones=content_float%3D300%7Ccontent_lrec1%3D260%7Ccontent_lrec2%3D262%7Ccontent_lrec3%3D283%7Ccontent_lrec4%3D1111%7Ccontent_masterhead%3D334%7Ccontent_super1%3D253%7Ccontent_advContent%3D589%7Ccontent_adconfig%3D1032%7C&nz=1&source=screenWidthOver&r=85615379&charset=UTF-8&loc=https%3A//hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Requested by
Host: ad4.on.cc
URL: https://ad4.on.cc/web/www/delivery/spcjs.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6af7bd61c576a0d197b86398ace3e4361a3ebb83d861d7359a106e753edec04

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:29 GMT
content-encoding
br
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
content-size
18381
cache-control
private, max-age=0, no-cache
cf-ray
69b3f6cd8eac2175-DUS
content-type
application/x-javascript; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
fl.js
ad4.on.cc/web/www/delivery/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.on.cc/web/www/delivery/fl.js
Requested by
Host: ad4.on.cc
URL: https://ad4.on.cc/web/www/delivery/spcjs.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
316fd92de184f954a5c3ee62d7ff4c3cca0789d8f1f40eb719821f3acfd79b64

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:28 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 20 Dec 2013 07:57:45 GMT
server
cloudflare
age
7057
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
x-host
CC04
cf-ray
69b3f6cd8ead2175-DUS
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		218 B
525 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=hk.on.cc&domain=hk.on.cc&path=%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.202 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
505e6db5f39e8128cef962c94808c7ec5599d4805ed24c26d353199ddb18288a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:29 GMT
content-encoding
gzip
x-cache-hits
0
age
0
x-cache
MISS
cross-origin-resource-policy
cross-origin
content-length
171
x-served-by
cache-hhn4034-HHN
access-control-allow-origin
*
x-timer
S1633744289.919733,VS0,VE186
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
via
1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Thu, 07 Oct 2021 01:51:29 GMT
Article.js
hk.on.cc/module/Article/ 		23 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/module/Article/Article.js
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/js/v4/oncc-body-script.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3bc18b154eec799c9f98e208178afb8b25d80fbaf523c11fe23fce222a550d7

Request headers

:path
/module/Article/Article.js
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:30 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
Y10
cf-ray
69b3f6d30ade2175-DUS
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 29 Jun 2021 10:23:48 GMT
server
cloudflare
etag
W/"60daf4b4-5c94"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
426811565 426878542
access-control-allow-origin
*
cache-control
public, max-age=5, s-maxage=5
content-type
application/javascript
lg.php
ad4.on.cc/web/www/delivery/ 		43 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4.on.cc/web/www/delivery/lg.php?bannerid=5831&campaignid=3071&zoneid=1032&source=screenWidthOver&loc=1&referer=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&cb=152302152b
Requested by
Host: ad4.on.cc
URL: https://ad4.on.cc/web/www/delivery/spcjs.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:30 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
cache-control
private, max-age=0, no-cache
accept-ranges
bytes
cf-ray
69b3f6d30ae12175-DUS
content-type
image/gif
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
ic_arrow_hkhk_off.gif
hk.on.cc/img/v2/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/img/v2/ic_arrow_hkhk_off.gif
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b4a8698e5c880ff6090a1c0cd2558e42b26c5a1bdf6cb08b9d8f2d78077fdd8

Request headers

:path
/img/v2/ic_arrow_hkhk_off.gif
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:29 GMT
cf-cache-status
HIT
x-cacheable
Y09
age
7060
cf-ray
69b3f6d31af12175-DUS
content-length
1172
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 24 Oct 2013 03:54:09 GMT
server
cloudflare
etag
"526899e1-494"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
199098419 73692193
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/gif
web_menu_m18.png
hk.on.cc/adv/web/corp/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/adv/web/corp/img/web_menu_m18.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
10a1c3546508a4f60041203cd2de027ba35189ccac7bcc4701c98ac6595bc434

Request headers

:path
/adv/web/corp/img/web_menu_m18.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:29 GMT
cf-cache-status
HIT
x-cacheable
Y09
age
7060
cf-ray
69b3f6d31af82175-DUS
content-length
2799
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 02 Feb 2021 03:35:56 GMT
server
cloudflare
etag
"6018c89c-aef"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
197179301 195776993
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
web_menu_m18_over.png
hk.on.cc/adv/web/corp/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/adv/web/corp/img/web_menu_m18_over.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b75455f6bc681b8ccf92a51442f1ac2c91fbfe1c813837a9650e975b3456913

Request headers

:path
/adv/web/corp/img/web_menu_m18_over.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:29 GMT
cf-cache-status
HIT
x-cacheable
Y10
age
7061
cf-ray
69b3f6d31af92175-DUS
content-length
2832
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 02 Feb 2021 03:35:56 GMT
server
cloudflare
etag
"6018c89c-b10"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
95626558 95754949
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
web_ball_off.png
hk.on.cc/adv/web/corp/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/adv/web/corp/img/web_ball_off.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2139db140b042be2a5bafd65fa757f0eb3cf3e0f97c6a8eec957052530b03d77

Request headers

:path
/adv/web/corp/img/web_ball_off.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:29 GMT
cf-cache-status
HIT
x-cacheable
Y10
age
7060
cf-ray
69b3f6d31afb2175-DUS
content-length
2168
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 02 Feb 2021 03:35:56 GMT
server
cloudflare
etag
"6018c89c-878"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
95589813 27513754
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
web_ball_over.png
hk.on.cc/adv/web/corp/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/adv/web/corp/img/web_ball_over.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eef61507e5ba153c053a683aefc1e14a84044b401e846c5736572094dd2fe5c

Request headers

:path
/adv/web/corp/img/web_ball_over.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:29 GMT
cf-cache-status
HIT
x-cacheable
Y10
age
7061
cf-ray
69b3f6d31b112175-DUS
content-length
2175
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 02 Feb 2021 03:35:56 GMT
server
cloudflare
etag
"6018c89c-87f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
95755027
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
web_ball_off_sc.png
hk.on.cc/adv/web/corp/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/adv/web/corp/img/web_ball_off_sc.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5587ca41f509ea115a518336f6ac6e376379a25fda215b58c4921f84040f0f39

Request headers

:path
/adv/web/corp/img/web_ball_off_sc.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:29 GMT
cf-cache-status
HIT
x-cacheable
Y09
age
7060
cf-ray
69b3f6d31b162175-DUS
content-length
2124
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 02 Feb 2021 03:35:56 GMT
server
cloudflare
etag
"6018c89c-84c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
197445663 195292451
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
web_ball_over_sc.png
hk.on.cc/adv/web/corp/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/adv/web/corp/img/web_ball_over_sc.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9de0c8978e69302a3aa776ff407769b18f57ffa7d8122c2da9ef747f93cd43cc

Request headers

:path
/adv/web/corp/img/web_ball_over_sc.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:29 GMT
cf-cache-status
HIT
x-cacheable
Y09
age
7061
cf-ray
69b3f6d31b182175-DUS
content-length
2138
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 02 Feb 2021 03:35:56 GMT
server
cloudflare
etag
"6018c89c-85a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
197179312 192247083
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
web_horse_off.png
hk.on.cc/adv/web/corp/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/adv/web/corp/img/web_horse_off.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
deebccefdbb9e3846fb52bdeb875696fa33b4fcafb00d83ac8f89631084df26b

Request headers

:path
/adv/web/corp/img/web_horse_off.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:29 GMT
cf-cache-status
HIT
x-cacheable
Y09
age
7060
cf-ray
69b3f6d31b1a2175-DUS
content-length
1953
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 02 Feb 2021 03:35:56 GMT
server
cloudflare
etag
"6018c89c-7a1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
199000579 191349481
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
web_horse_over.png
hk.on.cc/adv/web/corp/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/adv/web/corp/img/web_horse_over.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e26801b344d9fb191aa53ea743d2d8b5f4888cebac66ce1128f63078aa53f750

Request headers

:path
/adv/web/corp/img/web_horse_over.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:29 GMT
cf-cache-status
HIT
x-cacheable
Y09
age
7060
cf-ray
69b3f6d31b1c2175-DUS
content-length
1952
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 02 Feb 2021 03:35:56 GMT
server
cloudflare
etag
"6018c89c-7a0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
194901376 197702417
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
web_horse_off_sc.png
hk.on.cc/adv/web/corp/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/adv/web/corp/img/web_horse_off_sc.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9c56677f5e4bf4db2d10b3e4251337f9c954733c8b35b24f6861cf634ae42a9

Request headers

:path
/adv/web/corp/img/web_horse_off_sc.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:29 GMT
cf-cache-status
HIT
x-cacheable
Y09
age
7061
cf-ray
69b3f6d32b1f2175-DUS
content-length
1856
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 02 Feb 2021 03:35:56 GMT
server
cloudflare
etag
"6018c89c-740"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
196178920 195777032
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
web_horse_over_sc.png
hk.on.cc/adv/web/corp/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/adv/web/corp/img/web_horse_over_sc.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9613f7645c91aacd5d5027d72140f3ffcb148eb265aeee3b529303e28f8bd03

Request headers

:path
/adv/web/corp/img/web_horse_over_sc.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:29 GMT
cf-cache-status
HIT
x-cacheable
Y09
age
7061
cf-ray
69b3f6d32b212175-DUS
content-length
1861
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 02 Feb 2021 03:35:56 GMT
server
cloudflare
etag
"6018c89c-745"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
189230009 198543409
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
web_net_off.png
hk.on.cc/adv/web/corp/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/adv/web/corp/img/web_net_off.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce61748ce893b3ec7b81cd022f4a9ed673ab4c118f5cff9a4c72a2160d04b496

Request headers

:path
/adv/web/corp/img/web_net_off.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:29 GMT
cf-cache-status
HIT
x-cacheable
Y10
age
7060
cf-ray
69b3f6d32b222175-DUS
content-length
2343
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 02 Feb 2021 03:35:56 GMT
server
cloudflare
etag
"6018c89c-927"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
92613825 95755011
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
web_net_over.png
hk.on.cc/adv/web/corp/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/adv/web/corp/img/web_net_over.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
176b6e30b48ace76fce19e261ac688bde72e2defab631d9c2fafea242c559714

Request headers

:path
/adv/web/corp/img/web_net_over.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:29 GMT
cf-cache-status
HIT
x-cacheable
Y09
age
7061
cf-ray
69b3f6d32b232175-DUS
content-length
2352
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 02 Feb 2021 03:35:56 GMT
server
cloudflare
etag
"6018c89c-930"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
199000583 195327512
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
logo_TC_on.gif
hk.on.cc/adv/web/corp/img/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/adv/web/corp/img/logo_TC_on.gif
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5124d27328c2f5c4b2a560fe2ad40a2ece04ed9f465f354fa35b741c124fd466

Request headers

:path
/adv/web/corp/img/logo_TC_on.gif
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:29 GMT
cf-cache-status
HIT
x-cacheable
Y10
age
7061
cf-ray
69b3f6d32b242175-DUS
content-length
11875
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Nov 2020 04:52:01 GMT
server
cloudflare
etag
"5fa8caf1-2e63"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
95626578 95362955
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/gif
logo_SC_on.gif
hk.on.cc/adv/web/corp/img/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/adv/web/corp/img/logo_SC_on.gif
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a12c17ab23790461e677329f9dac5efb0ce19a38fcece15f785ff7f42423cc26

Request headers

:path
/adv/web/corp/img/logo_SC_on.gif
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:29 GMT
cf-cache-status
HIT
x-cacheable
Y10
age
7060
cf-ray
69b3f6d32b262175-DUS
content-length
11974
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Nov 2020 04:52:00 GMT
server
cloudflare
etag
"5fa8caf0-2ec6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
93449502 96043617
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/gif
logo_TC_off.png
hk.on.cc/adv/web/corp/img/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/adv/web/corp/img/logo_TC_off.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2ba400a3542c7f986dd240f2def70cc8d021912a6376e6da574c28630a67b3b

Request headers

:path
/adv/web/corp/img/logo_TC_off.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:29 GMT
cf-cache-status
HIT
x-cacheable
Y09
age
7061
cf-ray
69b3f6d32b272175-DUS
content-length
28481
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Nov 2020 04:51:59 GMT
server
cloudflare
etag
"5fa8caef-6f41"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
197896639 73692169
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
logo_SC_off.png
hk.on.cc/adv/web/corp/img/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/adv/web/corp/img/logo_SC_off.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1de66009eea3c9f435d5bea771a3717b0c9dc7abc9418e9357442c1afec63117

Request headers

:path
/adv/web/corp/img/logo_SC_off.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:29 GMT
cf-cache-status
HIT
x-cacheable
Y09
age
7060
cf-ray
69b3f6d32b292175-DUS
content-length
27615
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 09 Nov 2020 04:52:05 GMT
server
cloudflare
etag
"5fa8caf5-6bdf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
196178922 197702064
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
logo_net_off.png
hk.on.cc/adv/web/corp/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/adv/web/corp/img/logo_net_off.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ab6ed9795e2f7e4f657148a92d36798a27dd29ab2d4e992fbce352de9a2e42b

Request headers

:path
/adv/web/corp/img/logo_net_off.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:29 GMT
cf-cache-status
HIT
x-cacheable
Y09
age
7060
cf-ray
69b3f6d32b2a2175-DUS
content-length
3057
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 02 Feb 2021 03:35:56 GMT
server
cloudflare
etag
"6018c89c-bf1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
195402068 196178524
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
logo_net_on.png
hk.on.cc/adv/web/corp/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/adv/web/corp/img/logo_net_on.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2120ebbbe270d6417b8d272c6450d10ef0d94235287b3eb2e2c8a52de73cb17e

Request headers

:path
/adv/web/corp/img/logo_net_on.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:29 GMT
cf-cache-status
HIT
x-cacheable
Y09
age
7061
cf-ray
69b3f6d32b2b2175-DUS
content-length
4259
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 02 Feb 2021 03:35:56 GMT
server
cloudflare
etag
"6018c89c-10a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
199098405 191349465
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
net_icon_off.png
hk.on.cc/adv/web/corp/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/adv/web/corp/img/net_icon_off.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e91e1f5f9ab1b71b71686baf06d7a1661f89786df2019f315b2d3b8d1186f61

Request headers

:path
/adv/web/corp/img/net_icon_off.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:29 GMT
cf-cache-status
HIT
x-cacheable
Y09
age
7060
cf-ray
69b3f6d32b2c2175-DUS
content-length
3802
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 05 Jun 2020 06:39:24 GMT
server
cloudflare
etag
"5ed9e89c-eda"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
197445668 198646012
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
net_icon_on.png
hk.on.cc/adv/web/corp/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/adv/web/corp/img/net_icon_on.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2c044e8e8af87330e2c1c28479713e3107e8b9fe79b3a881bcb247902531db1

Request headers

:path
/adv/web/corp/img/net_icon_on.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:29 GMT
cf-cache-status
HIT
x-cacheable
Y10
age
7060
cf-ray
69b3f6d32b2d2175-DUS
content-length
3377
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 05 Jun 2020 06:39:24 GMT
server
cloudflare
etag
"5ed9e89c-d31"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
93844532 93449423
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
test_off.png
hk.on.cc/adv/web/corp/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/adv/web/corp/img/test_off.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af2d583999658b96ba5bc7d5cf834ca654a8930d5937c8f4830ee9c7e6fac5ed

Request headers

:path
/adv/web/corp/img/test_off.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:29 GMT
cf-cache-status
HIT
x-cacheable
Y09
age
7061
cf-ray
69b3f6d32b2e2175-DUS
content-length
1421
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 13 Mar 2020 01:47:55 GMT
server
cloudflare
etag
"5e6ae64b-58d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
195402072 197896320
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
test_on.png
hk.on.cc/adv/web/corp/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/adv/web/corp/img/test_on.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc5e0245a9f89d144afabfb55c88f190a4153ad8c3baa67e340a2a7715a64940

Request headers

:path
/adv/web/corp/img/test_on.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:29 GMT
cf-cache-status
HIT
x-cacheable
Y09
age
7061
cf-ray
69b3f6d32b2f2175-DUS
content-length
1370
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 13 Mar 2020 01:47:55 GMT
server
cloudflare
etag
"5e6ae64b-55a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
197702576 198513502
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
dot_off.png
hk.on.cc/adv/web/corp/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/adv/web/corp/img/dot_off.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c660dec6cd5e8f9e0b3c518da51439c7a47a1b28da85193926a06b005f0905b

Request headers

:path
/adv/web/corp/img/dot_off.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:29 GMT
cf-cache-status
HIT
x-cacheable
Y10
age
7061
cf-ray
69b3f6d32b312175-DUS
content-length
1029
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 13 Mar 2020 01:47:55 GMT
server
cloudflare
etag
"5e6ae64b-405"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
91867301 95755003
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
dot_on.png
hk.on.cc/adv/web/corp/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/adv/web/corp/img/dot_on.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45f029b0dec12e864c693266265b33e968158edb8ae5761c09013c8069544c2d

Request headers

:path
/adv/web/corp/img/dot_on.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:29 GMT
cf-cache-status
HIT
x-cacheable
Y09
age
7060
cf-ray
69b3f6d32b332175-DUS
content-length
1025
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 13 Mar 2020 01:47:55 GMT
server
cloudflare
etag
"5e6ae64b-401"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
195402070 171591577
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
health_off.png
hk.on.cc/adv/web/corp/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/adv/web/corp/img/health_off.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b5514e397dfa4b681f07408e843b186c8e40f0c429e6b956154ac2c385aac34

Request headers

:path
/adv/web/corp/img/health_off.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:29 GMT
cf-cache-status
HIT
x-cacheable
Y09
age
7061
cf-ray
69b3f6d32b352175-DUS
content-length
1546
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 13 Mar 2020 01:51:39 GMT
server
cloudflare
etag
"5e6ae72b-60a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
197702578 73692326
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
health_on.png
hk.on.cc/adv/web/corp/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/adv/web/corp/img/health_on.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e32b017a5bc36cfd7104924ee59da3e015206b7be6132b36f5951b0e7775c4c6

Request headers

:path
/adv/web/corp/img/health_on.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:29 GMT
cf-cache-status
HIT
x-cacheable
Y09
age
7060
cf-ray
69b3f6d32b362175-DUS
content-length
1455
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 13 Mar 2020 01:51:39 GMT
server
cloudflare
etag
"5e6ae72b-5af"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
195114956 197213464
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
sport_off.png
hk.on.cc/adv/web/corp/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/adv/web/corp/img/sport_off.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48deef5a4537b8c2d3bbc1c4cf8b5133ec55fade9fb3ab81bbe36bb4f7cc3f73

Request headers

:path
/adv/web/corp/img/sport_off.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:29 GMT
cf-cache-status
HIT
x-cacheable
Y09
age
7061
cf-ray
69b3f6d32b372175-DUS
content-length
1608
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 13 Mar 2020 01:51:40 GMT
server
cloudflare
etag
"5e6ae72c-648"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
197445672 191496065
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
sport_on.png
hk.on.cc/adv/web/corp/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/adv/web/corp/img/sport_on.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f6a761102c6ab539f8c8886b76f6c4f92a49955a4bc5fec019a0e741638cac3

Request headers

:path
/adv/web/corp/img/sport_on.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4_hk.css?v=31
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:29 GMT
cf-cache-status
HIT
x-cacheable
Y09
age
7061
cf-ray
69b3f6d32b382175-DUS
content-length
1497
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 13 Mar 2020 01:51:40 GMT
server
cloudflare
etag
"5e6ae72c-5d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
199098407 198543419
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211006/r20190131/ Frame CDDB 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211006/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
e59f39fd9be6b3737942676248d273b23f94ab60f7b7e608230d6a107dccb7ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20211006/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 08 Oct 2021 16:43:31 GMT
expires
Fri, 22 Oct 2021 16:43:31 GMT
content-type
text/html; charset=UTF-8
etag
10398570473303663775
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4601
x-xss-protection
0
age
32879
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
unicorp_disclaimer.css
hk.on.cc/adv/web/corp/source/ 		1 KB
634 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/adv/web/corp/source/unicorp_disclaimer.css
Requested by
Host: on.cc
URL: https://on.cc/adv/web/corp/source/unicorp_disclaimer.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a89c5d02602316b77d7d50cb7b8a168c10d707994d6f2aba75788365896bf5ed

Request headers

:path
/adv/web/corp/source/unicorp_disclaimer.css
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:30 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
Y10
age
8378
cf-ray
69b3f6d86f152175-DUS
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 06 Aug 2018 06:48:01 GMT
server
cloudflare
etag
W/"5b67ef21-5ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
93615512 91938133
cache-control
public, max-age=1800, s-maxage=14400
content-type
text/css
oncc-imgLightbox.js
hk.on.cc/module/imageLightBox/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/module/imageLightBox/oncc-imgLightbox.js
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/js/oncc-common.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e3d14d0dd98175d8c8300d21f0f6b62719ca4bc5be0559bc2daa78073eea8ba

Request headers

:path
/module/imageLightBox/oncc-imgLightbox.js
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:31 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
Y10
cf-ray
69b3f6d86f212175-DUS
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 12 Aug 2021 03:25:22 GMT
server
cloudflare
etag
W/"611494a2-5b31"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
439477708 439023429
access-control-allow-origin
*
cache-control
public, max-age=5, s-maxage=5
content-type
application/javascript
jquery.imageloader.js
hk.on.cc/module/imageLightBox/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/module/imageLightBox/jquery.imageloader.js
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/js/oncc-common.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b5e2aaafde5b89dfeceb566b7396f2a67d3fbed9fc89b009e885be3e63216fb5

Request headers

:path
/module/imageLightBox/jquery.imageloader.js
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:31 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
Y10
cf-ray
69b3f6d86f232175-DUS
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Oct 2015 10:19:58 GMT
server
cloudflare
etag
W/"5631f2ce-144b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
440379652 438751887
access-control-allow-origin
*
cache-control
public, max-age=5, s-maxage=5
content-type
application/javascript
imagesloaded.pkgd.min.js
hk.on.cc/module/imageLightBox/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/module/imageLightBox/imagesloaded.pkgd.min.js
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/js/oncc-common.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37dbf4b6012d4e23cbc1cba50baa3572c93a5c371b9873fb5440cb84dfbf9902

Request headers

:path
/module/imageLightBox/imagesloaded.pkgd.min.js
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:31 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
Y09
cf-ray
69b3f6d86f242175-DUS
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Oct 2015 10:19:57 GMT
server
cloudflare
etag
W/"5631f2cd-1b25"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
816559465 810312134
access-control-allow-origin
*
cache-control
public, max-age=5, s-maxage=5
content-type
application/javascript
jquery.nanoscroller.min.js
hk.on.cc/module/imageLightBox/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/module/imageLightBox/jquery.nanoscroller.min.js
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/js/oncc-common.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f1a67bbff170b958990794fc07cf80f433268c65d7172b00b899efe464a3fad

Request headers

:path
/module/imageLightBox/jquery.nanoscroller.min.js
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:30 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
Y10
cf-ray
69b3f6d87f272175-DUS
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 29 Oct 2015 10:19:58 GMT
server
cloudflare
etag
W/"5631f2ce-5c5e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
9797652 189581244
access-control-allow-origin
*
cache-control
public, max-age=5, s-maxage=5
content-type
application/javascript
style.css
hk.on.cc/module/imageLightBox/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/module/imageLightBox/style.css
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/js/v4/jquery.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63cb783682c1fee5751754ed4ece9fb79f6076ed6b3f8897f3eb699048473a3d

Request headers

:path
/module/imageLightBox/style.css
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:31 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Tue, 26 Jan 2016 10:45:12 GMT
server
cloudflare
x-cacheable
Y10
etag
W/"56a74e38-10b8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
419262140 422121772
content-type
text/css
cache-control
public, max-age=5, s-maxage=5
cf-ray
69b3f6d87f262175-DUS
perfect-scrollbar.min.css
hk.on.cc/module/imageLightBox/ 		3 KB
498 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/module/imageLightBox/perfect-scrollbar.min.css
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/js/v4/jquery.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a87748394a66daba696e59525c519e2e087d2c3a2fb5d3c128cc164829483670

Request headers

:path
/module/imageLightBox/perfect-scrollbar.min.css
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:31 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Thu, 29 Oct 2015 10:20:00 GMT
server
cloudflare
x-cacheable
Y09
etag
W/"5631f2d0-c0a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
694457135 797540881
content-type
text/css
cache-control
public, max-age=5, s-maxage=5
cf-ray
69b3f6d87f282175-DUS
nanoscroller.css
hk.on.cc/module/imageLightBox/ 		1 KB
586 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/module/imageLightBox/nanoscroller.css
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/js/v4/jquery.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fb214dcee17529a87f7896de7aabe068e469212c2abd4e6128fcf31d1146cfd4

Request headers

:path
/module/imageLightBox/nanoscroller.css
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:31 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Thu, 12 Nov 2015 05:53:24 GMT
server
cloudflare
x-cacheable
Y09
etag
W/"56442954-54e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
145370962 145464541
content-type
text/css
cache-control
public, max-age=5, s-maxage=5
cf-ray
69b3f6d87f292175-DUS
sync.html
cdn.aralego.net/ucfad/cookie/ Frame BEAD 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/sync.html
Requested by
Host: ad4.on.cc
URL: https://ad4.on.cc/web/www/delivery/spcjs.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4cc2c709011178c06e10f7c74ba463f3e4df26d12c2b11809287f6a9a352f50

Request headers

:method
GET
:authority
cdn.aralego.net
:scheme
https
:path
/ucfad/cookie/sync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html

Response headers

date
Sat, 09 Oct 2021 01:51:30 GMT
content-type
text/html
last-modified
Wed, 16 Dec 2020 08:30:52 GMT
access-control-allow-credentials
true
cache-control
max-age=14400
cf-cache-status
HIT
age
952
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FytwvVGAytYLAc6SslbYBZCAx%2F6viA6y1J7HAgtX6x0r%2Bn5R3QrD2RvI9MzcKhOD%2B63d4YrF6Yv0kNEQu%2FJ8TCeHAIB2C0TfXkiFAiSu99kUt631QrOskzAS%2FUNUkqNg%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
69b3f6d8d97120fb-LHR
content-encoding
br
lg.php
ad4.on.cc/web/www/delivery/ 		43 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4.on.cc/web/www/delivery/lg.php?bannerid=71&campaignid=32&zoneid=334&source=screenWidthOver&loc=1&referer=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&cb=002834524e
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:30 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
cache-control
private, max-age=0, no-cache
accept-ranges
bytes
cf-ray
69b3f6d87f2d2175-DUS
content-type
image/gif
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
oncc_logo_v2.png
on.cc/img/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://on.cc/img/oncc_logo_v2.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2411ef0cba261612d596ad6fd9fb8cf35a91d8c91932bc1eca52133e491957c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:30 GMT
cf-cache-status
HIT
x-cacheable
L07
age
7064
cf-ray
69b3f6d87f322175-DUS
x-host
WL24
content-length
6433
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 08 Oct 2021 02:19:24 GMT
server
cloudflare
etag
"615faaac-1921"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
50480664
cache-control
public, max-age=300, s-maxage=14400
accept-ranges
bytes
content-type
image/png
oncc_name.png
on.cc/img/ 		136 B
334 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://on.cc/img/oncc_name.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a26cc6cf40465651cf6eaef5995d24dd7cd8ef17a3ba63777f8ea0683b2534e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:30 GMT
cf-cache-status
HIT
x-cacheable
L08
cf-ray
69b3f6d87f332175-DUS
x-host
WL25
content-length
136
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Feb 2016 09:13:06 GMT
server
cloudflare
etag
"56cc22a2-88"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
46709124 46607485
cache-control
max-age=300, s-maxage=14400
accept-ranges
bytes
content-type
image/png
pic63.jpg
on.cc/adv/web/corp/img/ 		578 B
755 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://on.cc/adv/web/corp/img/pic63.jpg
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fc48b7c9856fd04e9b657943d039fa00c9171fb2fed4e70f2fb0a0f9d8d5140d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:30 GMT
cf-cache-status
HIT
x-cacheable
L08
age
7057
cf-ray
69b3f6d87f362175-DUS
x-host
WL25
content-length
578
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 17 Oct 2008 03:36:37 GMT
server
cloudflare
etag
"48f80845-242"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
42533965
cache-control
max-age=300, s-maxage=14400
accept-ranges
bytes
content-type
image/jpeg
cf-bgj
h2pri
tc8se.jpg
on.cc/adv/web/corp/img/ 		549 B
675 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://on.cc/adv/web/corp/img/tc8se.jpg
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
798510123daf7abb9b350d0a0a2972651284dbf867b8e565df56d64c9b2b0797

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:30 GMT
cf-cache-status
HIT
x-cacheable
L07
age
10301
cf-ray
69b3f6d88f372175-DUS
x-host
WL24
content-length
549
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 17 Oct 2008 03:43:31 GMT
server
cloudflare
etag
"48f809e3-225"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
64223761
cache-control
public, max-age=300, s-maxage=14400
accept-ranges
bytes
content-type
image/jpeg
cf-bgj
h2pri
landslip.jpg
on.cc/adv/web/corp/img/ 		689 B
848 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://on.cc/adv/web/corp/img/landslip.jpg
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1930ba80ff97a325fded249c202641ec6d64b7c7df30e89aa663fd077491b35

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:30 GMT
cf-cache-status
HIT
x-cacheable
L07
age
7058
cf-ray
69b3f6d88f382175-DUS
x-host
WL24
content-length
689
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 17 Oct 2008 03:36:35 GMT
server
cloudflare
etag
"48f80843-2b1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
50480593 55462440
cache-control
public, max-age=300, s-maxage=14400
accept-ranges
bytes
content-type
image/jpeg
cf-bgj
h2pri
oncc_deg.gif
hk.on.cc/adv/web/corp/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/adv/web/corp/img/oncc_deg.gif
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28b04b730ec93a432ace59ed70723ac53e3883f180bf8414f22b2fff89cda6a9

Request headers

:path
/adv/web/corp/img/oncc_deg.gif
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:30 GMT
cf-cache-status
HIT
x-cacheable
Y09
age
7058
cf-ray
69b3f6d88f392175-DUS
content-length
1185
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 01 Nov 2013 04:50:29 GMT
server
cloudflare
etag
"52733315-4a1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
197539150 195114701
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/gif
ireport2016.gif
hk.on.cc/img/v2/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/img/v2/ireport2016.gif
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24b1dffe569d7f735c8fdcd1309b5137515b0a3881ebdacf1fd137fbd720294c

Request headers

:path
/img/v2/ireport2016.gif
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:30 GMT
cf-cache-status
HIT
x-cacheable
Y10
age
7057
cf-ray
69b3f6d88f3a2175-DUS
content-length
4946
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 05 Dec 2016 07:23:25 GMT
server
cloudflare
etag
"584515ed-1352"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
92667319 27513751
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/gif
ontv_menu_tc.png
hk.on.cc/adv/web/corp/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/adv/web/corp/img/ontv_menu_tc.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e53f47bb47d135f3d93abc61c09ca9969b0fffa0c67b166cd951cfc62c1384a8

Request headers

:path
/adv/web/corp/img/ontv_menu_tc.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:30 GMT
cf-cache-status
HIT
x-cacheable
Y09
age
7058
cf-ray
69b3f6d88f3b2175-DUS
content-length
4190
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 02 Feb 2021 04:13:59 GMT
server
cloudflare
etag
"6018d187-105e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
198646349 198902916
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
epaper_menu_tc.png
hk.on.cc/adv/web/corp/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/adv/web/corp/img/epaper_menu_tc.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50d828f84ee2b4939514c4d4855ed1c2b1252b040277f7fc8e691a00d4787db1

Request headers

:path
/adv/web/corp/img/epaper_menu_tc.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:30 GMT
cf-cache-status
HIT
x-cacheable
Y10
age
7058
cf-ray
69b3f6d88f3d2175-DUS
content-length
4670
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 13 Mar 2020 02:13:16 GMT
server
cloudflare
etag
"5e6aec3c-123e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
95626700 90921543
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
17058.js
ads.rubiconproject.com/ad/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.rubiconproject.com/ad/17058.js
Requested by
Host: ad4.on.cc
URL: https://ad4.on.cc/web/www/delivery/spcjs.php
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache / PHP/5.3.3
Resource Hash
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222

Request headers

Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Sat, 09 Oct 2021 01:51:30 GMT
Content-Encoding
gzip
Server
Apache
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=12101
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
8916
Expires
Sat, 09 Oct 2021 05:13:11 GMT
lg.php
ad4.on.cc/web/www/delivery/ 		43 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4.on.cc/web/www/delivery/lg.php?bannerid=4863&campaignid=2466&zoneid=253&source=screenWidthOver&loc=1&referer=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&cb=a1ee645e05
Requested by
Host: ad4.on.cc
URL: https://ad4.on.cc/web/www/delivery/spcjs.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:31 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
cache-control
private, max-age=0, no-cache
accept-ranges
bytes
cf-ray
69b3f6d88f412175-DUS
content-type
image/gif
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
sdk.js
connect.facebook.net/zh_HK/ 		269 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/zh_HK/sdk.js?hash=e5cde57061fa3712123f2681cbf94a2a
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_HK/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
bf08ee547de62cb27fc4a8b3185f99dac569a12b6087b8a5cd5a839e72dc56ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Origin
https://hk.on.cc
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
fId21b75wqQXT5r2lSJCnA==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
77562
x-fb-rlafr
0
x-fb-debug
ejn/zodbv0du+8h5tZmdSN1bFQV5hKTuRpp/xH3XdEQi6B5XFVNjeNcdFYRsfqA2PxtUNskb9z5VxzeBmAgTlQ==
x-fb-trip-id
917726464
x-fb-content-md5
ab9578b10707e7f9c5c721f4c96b8c1c
x-frame-options
DENY
date
Sat, 09 Oct 2021 01:51:30 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"c27338c71d4fc102c6a5d1f6e5e9898f"
timing-allow-origin
*
priority
u=3,i
expires
Sun, 09 Oct 2022 01:44:11 GMT
odnfa.png
on.cc/img/v2/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://on.cc/img/v2/odnfa.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/adv/web/corp/source/unicorp_v4.css?v=31
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c65e07296a0f35fa9dd8654ef489c040021e1b31639f963c7c5e1070db1c07a4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/adv/web/corp/source/unicorp_v4.css?v=31
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:30 GMT
cf-cache-status
HIT
x-cacheable
L07
age
7057
cf-ray
69b3f6d88f4d2175-DUS
x-host
WL24
content-length
2225
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 18 May 2016 02:18:56 GMT
server
cloudflare
etag
"573bd110-8b1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
44593604 56007133
cache-control
public, max-age=300, s-maxage=14400
accept-ranges
bytes
content-type
image/png
727464-2.js
smarttag.rubiconproject.com/a/17058/153150/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smarttag.rubiconproject.com/a/17058/153150/727464-2.js?&cb=0.9588807285869714&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1600x1200&ad_slot=153150_2&rp_secure=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/17058.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
e3819e568c82cb7339b3233a0ea549c0faedb08472f53a982443d79f74c45e50

Request headers

Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Sat, 09 Oct 2021 01:51:30 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Content-Type
text/javascript
Content-Length
981
Expires
Wed, 17 Sep 1975 21:32:10 GMT
/
www.facebook.com/tr/ 		44 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1551914855123169&ev=fb_page_view&dl=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&rl=&if=false&ts=1633744290722&sw=1600&sh=1200&at=
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frx5.facebook.com
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:30 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Sat, 09 Oct 2021 01:51:30 GMT
1x1.png
cdn.aralego.net/img/ Frame BEAD
Redirect Chain
  • https://sync.aralego.com/idsync?
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/53d0a423-3dc4-3f5b-804e-0386ebd3e6cb?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-sUaigzpE2oWcIzXE_spq8zW5Io9TI6Pa2a51Tw8-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=f96a8a4b-4d55-46fd-b666-db4e6e04af57
  • https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=NTNkMGE0MjMtM2RjNC0zZjViLTgwNGUtMDM4NmViZDNlNmNi&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png
  • https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=NTNkMGE0MjMtM2RjNC0zZjViLTgwNGUtMDM4NmViZDNlNmNi&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png&google_tc=
  • https://cdn.aralego.net/img/1x1.png
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.aralego.net/img/1x1.png
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1075
content-length
68
last-modified
Wed, 12 Jun 2019 06:09:43 GMT
server
cloudflare
etag
"5d009727-44"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rWs9exdLtg9e2dfGGvkp%2BiZg6ZR5N8Z%2BjNURE51%2F1jbpGcZyNv5evhzei7d8hhsoGzOz%2BoLdpnnTraRBfhka2uZutq7nW%2B%2FtjfIQYK19ux%2FE5vN5hydJVmg8AsfANiK%2FGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
69b3f6e1ddd820fb-LHR

Redirect headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cdn.aralego.net/img/1x1.png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
232
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
6d72e4ee-caa7-43da-9d0c-cbaa195362b0
beacon-fra2.rubiconproject.com/beacon/d/ 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-fra2.rubiconproject.com/beacon/d/6d72e4ee-caa7-43da-9d0c-cbaa195362b0?oo=0&accountId=17058&siteId=153150&zoneId=727464&sizeId=2&e=6A1E40E384DA563BA6874B4A59991BFE18750FAE6712B661F82C7317FA38599C5948370EC891B216459F588C3FB649396D748C0D8D7FAA22A82BDA48DDDEE3030FB791A39332A752A8B1325D6ADD3BA863AF685AF18256F3A41604DEDCE67328D3CC5F02CB06B79721019E96BFD0370806ED968E8680843595BCEA9A1A431B34
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.152 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Oct 2021 01:51:30 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
764976-2.js
smarttag.rubiconproject.com/a/17058/153150/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://smarttag.rubiconproject.com/a/17058/153150/764976-2.js?&cb=0.07429997785494069&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1600x1200&ad_slot=153150_2&rp_secure=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/ad/17058.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
ba4c3e6b7839f72c81b4a21482316c6c22cc49372437254abdbd9e59c8dc9273

Request headers

Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Sat, 09 Oct 2021 01:51:30 GMT
Content-Encoding
gzip
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Connection
keep-alive
Content-Type
text/javascript
Content-Length
807
Expires
Wed, 17 Sep 1975 21:32:10 GMT
ajs.php
ad4.on.cc/web/www/delivery/ 		2 KB
832 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=883
Requested by
Host: smarttag.rubiconproject.com
URL: https://smarttag.rubiconproject.com/a/17058/153150/764976-2.js?&cb=0.07429997785494069&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1600x1200&ad_slot=153150_2&rp_secure=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d70f68fce1f03878669788f5c6e57626048b1c5aee520dcfaa78a1a84a6c62a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:31 GMT
content-encoding
br
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
cache-control
private, max-age=0, no-cache
cf-ray
69b3f6da28862175-DUS
content-type
text/javascript; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
a36dd0b5-97e7-4bff-b042-644043c6ba49
beacon-fra2.rubiconproject.com/beacon/d/ 		43 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon-fra2.rubiconproject.com/beacon/d/a36dd0b5-97e7-4bff-b042-644043c6ba49?oo=0&accountId=17058&siteId=153150&zoneId=764976&sizeId=2&e=6A1E40E384DA563B993AB977AD7A7A5684261CB62E42F99E145CF3048499A69BFC00002779995068AEE9588BB70B76356D748C0D8D7FAA22DB22E1C0996B5E300FB791A39332A752A8B1325D6ADD3BA863AF685AF18256F3A41604DEDCE67328D3CC5F02CB06B79721019E96BFD0370806ED968E8680843595BCEA9A1A431B34
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.152 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Oct 2021 01:51:30 GMT
X-Content-Type-Options
nosniff
X-Frame-Options
DENY
Content-Type
image/avif
Cache-Control
private, max-age=0, no-cache
Connection
keep-alive
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
01 Jan 1970 10:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ad4.on.cc
URL: https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=883
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
sffe /
Resource Hash
97155c1b3f385419f3e71310451e82b2b9c745a8de025aab137dc9b3c1c29ccb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1010 / 554 of 1000 / last-modified: 1633731165"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26827
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 09 Oct 2021 01:51:31 GMT
lg.php
ad4.on.cc/web/www/delivery/ 		43 B
394 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4.on.cc/web/www/delivery/lg.php?bannerid=135&campaignid=59&zoneid=883&loc=1&referer=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&cb=4265b6280e
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:32 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
cache-control
private, max-age=0, no-cache
accept-ranges
bytes
cf-ray
69b3f6df9e2a2175-DUS
content-type
image/gif
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame FC07 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Accept-Encoding
gzip, deflate, br
Cookie
khaos=KUJ562M6-M-5TJS; rsid=1|HsGqLFsFr/vVSy6g0MQzNQWiuYBcZJvAvCF6IsCkVVYgwYaQOmrhQqqdY7qJ5+fKRB+v2jLGFGeoFyjBXEn+RTT+pWw62G0J5h4qb83eS0hKp2u2D6IxNbX7Tc/cWQrERdSf+hE=; audit=1|hLZGFuTafB1o+/czUaEnw1LtLGlRh3wRPaq142vsbYDJD7uq6RWy1swpkhPxzSxyMfhabQi3+krHl/aHvjZOeQ==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
ETag
"403b8-119-5cd3a8e7e6a80"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 09 Oct 2021 01:51:31 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 5D25 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Accept-Encoding
gzip, deflate, br
Cookie
khaos=KUJ562M6-M-5TJS; rsid=1|HsGqLFsFr/vVSy6g0MQzNQWiuYBcZJvAvCF6IsCkVVYgwYaQOmrhQqqdY7qJ5+fKRB+v2jLGFGeoFyjBXEn+RTT+pWw62G0J5h4qb83eS0hKp2u2D6IxNbX7Tc/cWQrERdSf+hE=; audit=1|hLZGFuTafB1o+/czUaEnw1LtLGlRh3wRPaq142vsbYDJD7uq6RWy1swpkhPxzSxyMfhabQi3+krHl/aHvjZOeQ==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
ETag
"403b8-119-5cd3a8e7e6a80"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 09 Oct 2021 01:51:31 GMT
Connection
keep-alive
Vary
Accept-Encoding
sync.html
cdn.aralego.net/ucfad/cookie/ Frame 31CF 		2 KB
879 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/sync.html
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4cc2c709011178c06e10f7c74ba463f3e4df26d12c2b11809287f6a9a352f50

Request headers

:method
GET
:authority
cdn.aralego.net
:scheme
https
:path
/ucfad/cookie/sync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html

Response headers

date
Sat, 09 Oct 2021 01:51:31 GMT
content-type
text/html
last-modified
Wed, 16 Dec 2020 08:30:52 GMT
access-control-allow-credentials
true
cache-control
max-age=14400
cf-cache-status
HIT
age
953
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gccIIANRED3%2Fmn75%2F%2FFr83liHzpyqKyRHJF6Uxzd7609bybEsGGSbs%2Fivxls%2F7AxiDmAvepDbuHzAnKZplG56exbKT%2FtrBlRLfzujpT4J5voXKGIhBPUs2vx7%2FActI05VQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
69b3f6dfacfa20fb-LHR
content-encoding
br
sina_share_button.png
hk.on.cc/img/v2/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/img/v2/sina_share_button.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/css/v4/oncc-content.css?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad3d17c7e83b73549e7162aa9ee792fd6bba6e10d4854cae9f1580a43865fd74

Request headers

:path
/img/v2/sina_share_button.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/css/v4/oncc-content.css?20210106
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/css/v4/oncc-content.css?20210106
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:32 GMT
cf-cache-status
HIT
x-cacheable
Y10
cf-ray
69b3f6df9e312175-DUS
content-length
2542
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 03 Jul 2014 07:04:34 GMT
server
cloudflare
etag
"53b50082-9ee"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
18606244 87864770
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
lg.php
ad4.on.cc/web/www/delivery/ 		43 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4.on.cc/web/www/delivery/lg.php?bannerid=133&campaignid=57&zoneid=260&source=screenWidthOver&loc=1&referer=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&cb=dc4c053fd0
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:32 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
cache-control
private, max-age=0, no-cache
accept-ranges
bytes
cf-ray
69b3f6dfbe4a2175-DUS
content-type
image/gif
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
sdk
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
42 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9c26e82e31e210fe6270d01fa9b70d88b6ba1c65d21283b65a0fc547bafd859

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1932
content-length
42696
last-modified
Thu, 23 Sep 2021 09:03:59 GMT
server
cloudflare
etag
"614c42ff-a6c8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t9gOW6goQnj1FvphWd1ngEH92JCgIk%2BmFequA5MeZrVQt1N%2FXoVjD42K0wRWivaxvjF%2FchCK%2BeFpzBKhZ%2FpA9NDYLxp62c8g5trCOIvBDhpEB31s2gvM0lX2NeDzfhHveQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
69b3f6e21dee20fb-LHR

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection
close
Content-length
0
ajs.php
ad4.on.cc/web/www/delivery/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=1030&adScreenW=1600
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c52f700c90d61ca6afc215442c2a7b68a37e03e01124c49ac7f08eac161a493

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:32 GMT
content-encoding
br
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
cache-control
private, max-age=0, no-cache
cf-ray
69b3f6dfbe4b2175-DUS
content-type
text/javascript; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
lg.php
ad4.on.cc/web/www/delivery/ 		43 B
129 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4.on.cc/web/www/delivery/lg.php?bannerid=4091&campaignid=2030&zoneid=262&source=screenWidthOver&loc=1&referer=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&cb=95e47a13c1
Requested by
Host: ad4.on.cc
URL: https://ad4.on.cc/web/www/delivery/spcjs.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:32 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
cache-control
private, max-age=0, no-cache
accept-ranges
bytes
cf-ray
69b3f6dfbe4c2175-DUS
content-type
image/gif
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
preview_load.gif
hk.on.cc/img/v2/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/img/v2/preview_load.gif
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/css/v4/oncc-global.css?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31e7eef09758875503099652e42c7ccc711355beb6a6043a7e04bf79fd313c85

Request headers

:path
/img/v2/preview_load.gif
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/css/v4/oncc-global.css?20210106
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/css/v4/oncc-global.css?20210106
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:31 GMT
cf-cache-status
HIT
x-cacheable
Y10
age
7049
cf-ray
69b3f6dfce562175-DUS
content-length
6705
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 08 Oct 2021 02:28:35 GMT
server
cloudflare
etag
"615facd3-1a31"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
95918601
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/gif
idsync
sync.aralego.com/ Frame 31CF
Redirect Chain
  • https://sync.aralego.com/idsync?
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/53d0a423-3dc4-3f5b-804e-0386ebd3e6cb?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-sUaigzpE2oWcIzXE_spq8zW5Io9TI6Pa2a51Tw8-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=f96a8a4b-4d55-46fd-b666-db4e6e04af57
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/53d0a423-3dc4-3f5b-804e-0386ebd3e6cb?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-sUaigzpE2oWcIzXE_spq8zW5Io9TI6Pa2a51Tw8-~A&redirect=
35 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-sUaigzpE2oWcIzXE_spq8zW5Io9TI6Pa2a51Tw8-~A&redirect=
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 01:51:33 GMT
Connection
close
Content-Length
35
Content-Type
image/gif

Redirect headers

date
Sat, 09 Oct 2021 01:51:32 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-sUaigzpE2oWcIzXE_spq8zW5Io9TI6Pa2a51Tw8-~A&redirect=
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
usync.js
eus.rubiconproject.com/ Frame FC07 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
273282a153ded9e3bf56932b20e17408048ddd0d3edf359ebc52e1312a927c4e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 01:51:31 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=85058
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9275
Expires
Sun, 10 Oct 2021 01:29:09 GMT
usync.js
eus.rubiconproject.com/ Frame 5D25 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-42-132.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
273282a153ded9e3bf56932b20e17408048ddd0d3edf359ebc52e1312a927c4e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&geo=eu&co=de
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 01:51:31 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Sep 2021 18:24:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=85058
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9275
Expires
Sun, 10 Oct 2021 01:29:09 GMT
pubads_impl_2021100401.js
securepubads.g.doubleclick.net/gpt/ 		344 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js?31063069
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
sffe /
Resource Hash
7770fb287496ea4c36d2ac2f7ee6200008b73da0ec061c4d7e6d7a591df92fd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122419
x-xss-protection
0
last-modified
Mon, 04 Oct 2021 08:37:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 09 Oct 2021 01:51:31 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		54 B
89 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=hk.on.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
a2f60a9699fa2fbac50f9ec4d058889f5cd8b4ddaee5acfa819d0f3df09155d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 09 Oct 2021 01:51:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64
x-xss-protection
0
expires
Sat, 09 Oct 2021 01:51:31 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=hk.on.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js?31063069
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 09 Oct 2021 01:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=hk.on.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js?31063069
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 09 Oct 2021 01:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		462 B
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=237205609740545&correlator=3610053148569808&output=ldjh&impl=fifs&eid=31063069%2C31063082&vrg=2021100401&ptt=17&sc=1&sfv=1-0-38&ecs=20211009&iu_parts=21589405%2Cca-pub-1862194061110379-tag%2C8165806213&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1633744291&dt=1633744291967&dlt=1633744283701&idt=8241&frm=20&biw=1600&bih=1200&oid=2&adxs=500&adys=8&adks=1575463554&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=728x90&msz=728x-1&ga_vid=376592898.1633744292&ga_sid=1633744292&ga_hid=633741726&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js?31063069
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
9e890be7ef5976ec520a702bc74799b2b16d81473b574981e699621aa0a14c9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://hk.on.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		463 B
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=237205609740545&correlator=3610053148569808&output=ldjh&impl=fifs&eid=31063069%2C31063082&vrg=2021100401&ptt=17&sc=1&sfv=1-0-38&ecs=20211009&iu_parts=21589405%2Cca-pub-1862194061110379-tag%2C5971315642&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&cookie_enabled=1&bc=31&abxe=1&lmt=1633744291&dt=1633744291974&dlt=1633744283701&idt=8241&frm=20&biw=1600&bih=1200&oid=2&adxs=1022&adys=106&adks=2018291404&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&ga_vid=376592898.1633744292&ga_sid=1633744292&ga_hid=633741726&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js?31063069
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
75e96f6cfa669e696fae683aea0548462c4dbfbbf6be986a5d4bac217874eb59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
249
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://hk.on.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d07abc0539ca53a9b8c1fa36431bbb2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AC34 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d07abc0539ca53a9b8c1fa36431bbb2c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js?31063069
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
d07abc0539ca53a9b8c1fa36431bbb2c.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sat, 09 Oct 2021 01:51:32 GMT
expires
Sun, 09 Oct 2022 01:51:32 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
pixel
cm.g.doubleclick.net/ Frame FC07
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTgyYjljMmVjODdlYmE5ZDliYmE0ZjZkYTgwNGVlNGIxZGQ2YmUzYQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTgyYjljMmVjODdlYmE5ZDliYmE0ZjZkYTgwNGVlNGIxZGQ2YmUzYQ
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YTgyYjljMmVjODdlYmE5ZDliYmE0ZjZkYTgwNGVlNGIxZGQ2YmUzYQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4f2e9ddc15e6cc2c3861f8e2683d2514
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame FC07 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:32 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame FC07
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/JMdorkjy6tRLRBUUngRLqA?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1516888106578105114
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1516888106578105114
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.151.90 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
Content-Type
image/gif

Redirect headers

date
Sat, 09 Oct 2021 01:51:32 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1516888106578105114
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
tap.php
pixel.rubiconproject.com/ Frame FC07
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=5f426160-f5a4-4000-90df-6f601ac95793
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=5f426160-f5a4-4000-90df-6f601ac95793
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.151.90 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
d5a7ef20801cf5cb1ee516b6110e672f
Content-Type
image/gif

Redirect headers

Date
Sat, 09 Oct 2021 01:51:32 GMT
Server
MT3 3984 0e3af3b master cdg-pixel-x14 config:1.0.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=5f426160-f5a4-4000-90df-6f601ac95793
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sat, 09 Oct 2021 01:51:31 GMT
tap.php
pixel.rubiconproject.com/ Frame FC07
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YWD1pAAAAaj7yAAR
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YWD1pAAAAaj7yAAR&_test=YWD1pAAAAaj7yAAR
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YWD1pAAAAaj7yAAR&_test=YWD1pAAAAaj7yAAR
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.151.90 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
8eb2d9eeed9b9c468975d0ba24565e5b
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:32 GMT
via
1.1 varnish
server
Varnish
x-timer
S1633744292.125266,VS0,VE0
x-served-by
cache-hhn4026-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YWD1pAAAAaj7yAAR&_test=YWD1pAAAAaj7yAAR
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame FC07
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VKNTYyTTYtTS01VEpT
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VKNTYyTTYtTS01VEpT
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VKNTYyTTYtTS01VEpT
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
19c1ac3b9706c83a73951eba4d239689
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame FC07
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc=
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHr0vF76E-pBk2ST9jmeWho&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHr0vF76E-pBk2ST9jmeWho&google_cver=1
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.151.90 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEHr0vF76E-pBk2ST9jmeWho&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
ads.yahoo.com/cms/ Frame FC07
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KUJ562M6-M-5TJS&sigv=1&esig=2~ba1a7612b93272ee2094d8623dce4bc1ac3e5d63
0
444 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KUJ562M6-M-5TJS&sigv=1&esig=2~ba1a7612b93272ee2094d8623dce4bc1ac3e5d63
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.118.23 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
e2.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:32 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KUJ562M6-M-5TJS&sigv=1&esig=2~ba1a7612b93272ee2094d8623dce4bc1ac3e5d63
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4f2e9ddc15e6cc2c3861f8e2683d2514
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
615 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
977
cf-polished
origSize=1191
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KSV9wogxDAvY9R6zf7zLEvKWVHIIWnI1o8uCchTYsh2xjrRW8EqwqrrZa3k1n7FT0P9%2F4t7xVxHjZNxrIXlw0ODd%2BB1cGqnVl2vt%2F%2BE6re5pHmk4eUzpBg57F9y5eTyGRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
69b3f6e25e0220fb-LHR
cf-bgj
minify
idRequest
sync.aralego.com/ 		46 B
486 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=12px%20/%2012px%20%E6%96%B0%E5%BE%AE%E8%BB%9F%E6%AD%A3%E9%BB%91%E9%AB%94,%20%22Microsoft%20JhengHei%22,%20%E5%BE%AE%E8%BB%9F%E6%AD%A3%E9%BB%91%E9%AB%94,%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
733b914636197a9c74891bd8174ed89e6f6e25b244bac9a301c20c3ecb2f9b17

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 01:51:32 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://hk.on.cc
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=hk.on.cc&u=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&adid=ad-4886848697BA662C9682EDDDDABB28&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.7215033554459072&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=12px%20%2F%2012px%20%E6%96%B0%E5%BE%AE%E8%BB%9F%E6%AD%A3%E9%BB%91%E9%AB%94%2C%20%22Microsoft%20JhengHei%22%2C%20%E5%BE%AE%E8%BB%9F%E6%AD%A3%E9%BB%91%E9%AB%94%2C%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
a9cd5607cc53b260c9f6f8512662bfaa6b06e5fe57e02caa5a02a5b62465c9b3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 01:51:32 GMT
Content-Encoding
gzip
X-Height
250
X-AdStyle
banner
X-AdSource
CDB
X-SspId
53d0a423-3dc4-3f5b-804e-0386ebd3e6cb
Connection
close
X-Width
300
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://hk.on.cc
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Transfer-Encoding
chunked
X-Adtype
html
Access-Control-Allow-Credentials
true
cht_cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 32E6 		807 B
618 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6058eb29e9bb8b7cd0d68f0d180a093941e971f4659092a70c99ca57827bc678

Request headers

:method
GET
:authority
cdn.aralego.net
:scheme
https
:path
/ucfad/cookie/cht_cookieSyncIframe.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html

Response headers

date
Sat, 09 Oct 2021 01:51:32 GMT
content-type
text/html
last-modified
Tue, 11 Aug 2020 08:15:02 GMT
access-control-allow-credentials
true
cache-control
max-age=14400
cf-cache-status
HIT
age
1055
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wJxR%2B4U5uYLUGX3pSWAQWZhrzv2cO5kJOxG99IVavMF9%2BuYpk2TnParEHnp7eGSmWKQREaxqa3DepsBG%2B98KUqB8bdnmPHLSh5RdBXJOviPQ6vBtYJpF9lW12BZyO7q%2BYA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary
Accept-Encoding
server
cloudflare
cf-ray
69b3f6e3aea920fb-LHR
content-encoding
br
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.200.41 Washington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 01:51:32 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 32E6 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
sffe /
Resource Hash
a4ce42c84a4b2ac018c2839bac1ca870bf54d17c79f8d5bdf8d6b450b56953fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1010 / 384 of 1000 / last-modified: 1633731165"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25891
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 09 Oct 2021 01:51:32 GMT
pubads_impl_2021092301.js
securepubads.g.doubleclick.net/gpt/ Frame 32E6 		338 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js?31063055
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
sffe /
Resource Hash
d7f36354b34b6689975a55773065d0b9dc7ab48ef63ee6e8bb68f199bf7debbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
121150
x-xss-protection
0
last-modified
Thu, 23 Sep 2021 08:34:35 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 09 Oct 2021 01:51:32 GMT
publishertag.js
static.criteo.net/js/ld/ Frame 8436 		119 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
808ecd508fafb1836f5a350eb2165824e8130f96ba29e1b35d9d473d8b13708e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:32 GMT
content-encoding
gzip
last-modified
Mon, 04 Oct 2021 12:34:27 GMT
server
nginx
etag
W/"615af4d3-1dd0f"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sun, 10 Oct 2021 01:51:32 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: ad4.on.cc
URL: https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=1030&adScreenW=1600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
sffe /
Resource Hash
5aecce6806400e63014444a7b98e660eb78c35a9ebeb0efc58c349cf3be069e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1010 / 754 of 1000 / last-modified: 1633731165"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26943
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 09 Oct 2021 01:51:32 GMT
floatingCloseBtn.png
ad6.on.cc/web/html/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad6.on.cc/web/html/floatingCloseBtn.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be65b1c567e1f7558833b17c954318334b0e687a81cf4b77978460c58d210561

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:32 GMT
cf-cache-status
HIT
x-cacheable
L04
age
11981
content-length
1859
x-varnish
409494385 411388984
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 17 Jul 2014 09:48:29 GMT
server
cloudflare
etag
"743-4fe608afd1540"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=21600, s-maxage=21600
accept-ranges
bytes
cf-ray
69b3f6e53ab32175-DUS
lg.php
ad4.on.cc/web/www/delivery/ 		43 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4.on.cc/web/www/delivery/lg.php?bannerid=6154&campaignid=3283&zoneid=1030&loc=1&referer=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&cb=307f2c4594
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:32 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
cache-control
private, max-age=0, no-cache
accept-ranges
bytes
cf-ray
69b3f6e52aa62175-DUS
content-type
image/gif
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=hk.on.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js?31063069
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 09 Oct 2021 01:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=hk.on.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js?31063069
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 09 Oct 2021 01:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		452 B
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=237205609740545&correlator=3610053148569808&output=ldjh&impl=fifs&eid=31063069%2C31063082&vrg=2021100401&ptt=17&sc=1&sfv=1-0-38&ecs=20211009&iu_parts=21589405%2Cca-pub-1862194061110379-tag%2ConccFloatingLREC&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&cookie=ID%3De368636ebb60efca-226a399aeeca0049%3AT%3D1633744291%3AS%3DALNI_MY1R9Stu7P2UuX1dt_GEZuP594PiQ&bc=31&abxe=1&lmt=1633744292&dt=1633744292665&dlt=1633744283701&idt=8241&frm=20&biw=1600&bih=1200&oid=2&adxs=0&adys=950&adks=1851471856&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=376592898.1633744292&ga_sid=1633744292&ga_hid=633741726&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js?31063069
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
dbacb3c6f98ea75d147cfc9947294a4cfc214a44e1c8fff96bd05424d41d6b46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://hk.on.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
postscribe.min.js
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/postscribe.min.js
Requested by
Host: ad4.on.cc
URL: https://ad4.on.cc/web/www/delivery/spcjs.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.18.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe95a4c752590b7e2d5296446643300206175ff9312c477057c1c9dec02e9f84
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Sat, 09 Oct 2021 01:51:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
916296
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
4996
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03faa-43d5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4QC2bQ2BGfbMdMJfWaGvTOZYv3CoxcaX2kR6iryTAsE9pV0tZoSoSIfK08MwEK1mc66sf588XsEDnlG1S7JKnQEYgDKwOais%2BpZc3vnIN2yoc98ByBTH9n%2Bb%2BKukzZ9ET5EYkWAS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
69b3f6e56d4321b1-DUS
expires
Thu, 29 Sep 2022 01:51:32 GMT
lg.php
ad4.on.cc/web/www/delivery/ 		43 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4.on.cc/web/www/delivery/lg.php?bannerid=2140&campaignid=1074&zoneid=283&source=screenWidthOver&loc=1&referer=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&cb=667b5de6ce
Requested by
Host: ad4.on.cc
URL: https://ad4.on.cc/web/www/delivery/spcjs.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:33 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
cache-control
private, max-age=0, no-cache
accept-ranges
bytes
cf-ray
69b3f6e53ab02175-DUS
content-type
image/gif
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
popin_alignment.js
ad6.on.cc/web/html/popin/ 		256 B
309 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad6.on.cc/web/html/popin/popin_alignment.js
Requested by
Host: ad4.on.cc
URL: https://ad4.on.cc/web/www/delivery/spcjs.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef6fe33c1cd5b855e101b07f25c08d2db21f94ccf65650d6923d9ebbe76e4da0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:33 GMT
content-encoding
br
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
last-modified
Wed, 03 Jun 2020 08:14:00 GMT
server
cloudflare
x-cacheable
L04
etag
W/"100-5a7299c388200"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent
x-varnish
168205792
content-type
text/javascript
cache-control
public, max-age=1800, s-maxage=1800
cf-ray
69b3f6e53ab22175-DUS
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 32E6 		57 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js?31063055
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
9d384d8c62251ddbbc45c8d6e19abbb5afbcad5925f9f6f5587f8bd0bac8627b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:10:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2439
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21966
x-xss-protection
0
server
cafe
etag
691278375023635005
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Sat, 09 Oct 2021 02:10:53 GMT
integrator.js
adservice.google.de/adsid/ Frame 32E6 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js?31063055
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 09 Oct 2021 01:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 32E6 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js?31063055
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 09 Oct 2021 01:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 32E6 		330 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=641287727210449&correlator=607537067189701&output=ldjh&impl=fifs&eid=31062393%2C31063055%2C21068766%2C31060888%2C31061691%2C31061693&vrg=2021092301&ptt=17&sc=1&sfv=1-0-38&ecs=20211009&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cdm=cdn.aralego.net&bc=31&abxe=1&lmt=1597133702&dt=1633744292740&dlt=1633744292447&idt=269&ea=0&frm=24&biw=-12245933&bih=-12245933&oid=2&adxs=-12245933&adys=-12245933&adks=64515409&ucis=ofpy0u3b8fbp&ifi=1&ifk=923963767&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2Fcht_cookieSyncIframe.html&ref=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&top=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&rumc=641287727210449&rume=1&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x-1&ga_vid=2068772414.1633744293&ga_sid=1633744293&ga_hid=660618612&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js?31063055
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
dc0668123dfc98af03587bfdccb33429a543000c2c03d014b0c21f219a4f9d67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e918485f93c6f7d0e561007eac9ffc5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D8EE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e918485f93c6f7d0e561007eac9ffc5b.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js?31063055
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
e918485f93c6f7d0e561007eac9ffc5b.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cdn.aralego.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sat, 09 Oct 2021 01:51:32 GMT
expires
Sun, 09 Oct 2022 01:51:32 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=hk.on.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js?31063069
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 09 Oct 2021 01:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=hk.on.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js?31063069
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 09 Oct 2021 01:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		446 B
270 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=237205609740545&correlator=3610053148569808&output=ldjh&impl=fifs&eid=31063069%2C31063082&vrg=2021100401&ptt=17&sc=1&sfv=1-0-38&ecs=20211009&iu_parts=21589405%2Cca-pub-1862194061110379-tag%2C8290677782&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&cookie=ID%3De368636ebb60efca-226a399aeeca0049%3AT%3D1633744291%3AS%3DALNI_MY1R9Stu7P2UuX1dt_GEZuP594PiQ&bc=31&abxe=1&lmt=1633744292&dt=1633744292754&dlt=1633744283701&idt=8241&frm=20&biw=1600&bih=1200&oid=2&adxs=1022&adys=625&adks=1557487965&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=376592898.1633744292&ga_sid=1633744292&ga_hid=633741726&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js?31063069
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
89125aee55448d629533ef39961819e91c16e1563bfc9cb4445a0b66155d03ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:33 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
241
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://hk.on.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
cdb
bidder.criteo.com/ Frame 8436 		0
181 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=114&profileId=184&cb=87385509325
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://hk.on.cc
date
Sat, 09 Oct 2021 01:51:32 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
events
bidder.criteo.com/csm/ Frame 8436 		0
181 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://hk.on.cc
date
Sat, 09 Oct 2021 01:51:32 GMT
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Finatra
timing-allow-origin
*
vary
Origin
pixel.gif
static.criteo.net/images/ Frame 8436 		43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:32 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Tue, 04 Oct 2022 01:51:32 GMT
pixel.gif
static.criteo.net/images/ Frame 8436 		43 B
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:32 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Tue, 04 Oct 2022 01:51:32 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 32E6 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021092301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js?31063055
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
503e3f479817f6dad12d5fda0722d99ecc6cccbca48e63cccd674ab60b5e02f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 09 Oct 2021 01:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8537
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 32E6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=cdn.aralego.net&doc=complete&pg_h=0&pg_w=0&pg_hs=0&c=0&aa_c=0&dt=d
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 32E6 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021092301.js?31063055
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 09 Oct 2021 01:51:32 GMT
jquery-1.5.2.min.js
hk.on.cc/js/ Frame 8436 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/js/jquery-1.5.2.min.js
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
313995a771199f3e737b10d1cd1741fa4f1581e25b4bb8e73c71345fbd71d52d

Request headers

:path
/js/jquery-1.5.2.min.js
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca-226a399aeeca0049:T=1633744291:S=ALNI_MY1R9Stu7P2UuX1dt_GEZuP594PiQ
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:33 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
Y09
cf-ray
69b3f6e6fc022175-DUS
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 21 Apr 2011 07:53:48 GMT
server
cloudflare
etag
W/"4dafe28c-15bf6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
265076684 357863393
access-control-allow-origin
*
cache-control
public, max-age=5, s-maxage=5
content-type
application/javascript
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 8436 		79 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
sffe /
Resource Hash
2b6af8a6327b2ffc27912f67be0eb5cadd7cae15105f78d3cfb34e7a8cad0588
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1010 / 577 of 1000 / last-modified: 1633731165"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26943
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 09 Oct 2021 01:51:32 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 8B73 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cdn.aralego.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Fri, 08 Oct 2021 20:58:37 GMT
expires
Sat, 08 Oct 2022 20:58:37 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
17575
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 1A04 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f4.1e100.net
Software
GSE /
Resource Hash
c8b3fffd69a832d90d8b22904744e2292350614913464c40ec99f39dad662b0f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-QuWpJk354+puGMqxapWg8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://cdn.aralego.net/
accept-encoding
gzip, deflate, br
cookie
NID=511=Ix50Sjd-mvTrOVNGQqVsIhUzNejOk26JvXQLYN2C2sGk2-Q_31QvzhYRckzUN6L188Z6IwC-MbrFORpmvDWISHWG102izsA-cg48Kvt5wRHkFWPqKzBrb2K5EAvTk5ISTJX_nDh49idmOwFmWowPLrlDVZkmP1RK4A25iOT9qQA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sat, 09 Oct 2021 01:51:33 GMT
date
Sat, 09 Oct 2021 01:51:33 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-QuWpJk354+puGMqxapWg8w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js
pagead2.googlesyndication.com/bg/ Frame 8B73 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
9bfef52d4ef4cc6f06efcc7a8584987f607710b73b0464606ec66890f8605c06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 20:50:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
18072
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13358
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 11:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 08 Oct 2022 20:50:21 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1A04 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021092301&jk=641287727210449&rc=
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 32E6 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021092301&jk=641287727210449&bg=!oaKloubNAAbGFvHlxhY7ACkAdvg8WlPkWx3yu5FWyYLEDmbJo9Apx9hvSwFpHgCWRefy1dbvQNS9NgIAAABkUgAAAA1oAQcKAB8_iJaO5ICW73LFsDBZwIP9QQTWLALzdk1Mra87yQgTmQLYQ1Jwr6-qZ8jtd3YmwnW_zuBDEWvFOAOSMsNu8b5_ticedWkhWtQYmSPq_lEIeD4eo-ijnah_Vk6dSte96b8izNtee1m207GXXbWdP2eOxja_zpkYy_MpCOIDHWQ46ZTanTl2100jG5Ql7IP5ifee1t8e3Hu7fM2Bn6xAmHMny_yvnSS76ivzOxSBnpT6pRD_94-EtKgC4uErGtLfoCtwpsXUKqMyT91IqNa_yXC8ze0h9EIDa-ngJ1iGoQcyQY19ZWzmLsZUQb30j8BPo9d066JBOxBJScjeJeMbh8H-7B5KTm0g5yAvda-3qjYg7PvuEM71_QJ-22-uHLUC0YCJ6QvTrryj5akmW69hiPL-t8Ms0kdPfhmgTGeQOdXoEcHWIsu1ep6zATTDgJ6pUia1lOuMtaaPB6ns-MVZt4OitGKDzucOBWtE2rDuADF2zOdCySlnb4aGFJP50WyNfLRYUPGiJCbt8ri6IydzG6vQhsMJa27vv1htPzR86O-0Fe8-ekYMAbE9svSEG9Kc6Kiy6c_UBB7hd5gO1fXwTFB1iwnYZ4sHGPuEfBGucB2L-bh4lmyR3ymXiU2FWGNUwcPkkMu4-QaMNqBIqxXLtWPjZRMBDMU5d6lgcRR2tD8AcAzGK_KjbctKVdU86haUrQR53WawweErIC7MV_PmaQENIexmQ28OcOKDjDgABhmNRrSCVPKr6o4GhNFW8FUjSEVJsl2Yt-x9jzDg_Ow4N3TV40xCfAMONUCdvOVNNUMNvqkZmWnylOKCFyc1Dhl9CgzpdXPu2-sDAHu6hNMMMi21MHvEvSrL5OVXkpf48ea_bkHbKh0y1mN9qnj85QssV7frJzozTw_ktK0W2H3hxSyTmUDkQF8Jg09lwKJPD0iEuc_ojlcgbOnZwgwlyxbuHEM3aOwNDdBaefumCpY3ntC1qqwpYvsNa7MPh6kxlqhroCDneT8W2oTB4Ps
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ajs.php
ad4.on.cc/web/www/delivery/ 		199 B
209 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=932
Requested by
Host: ad4.on.cc
URL: https://ad4.on.cc/web/www/delivery/spcjs.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dfd67f76273a5ee99757bb66ec7648d8c09e5bc44f4f8830bb242fa4c9e58579

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:33 GMT
content-encoding
br
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
cache-control
private, max-age=0, no-cache
cf-ray
69b3f6ea9f1b2175-DUS
content-type
text/javascript; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
web_btn.png
hk.on.cc/adv/web/corp/img/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/adv/web/corp/img/web_btn.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d00ef9f9dce166845458fc99049b500dd07238787ccc25da41ea7f9ac7fe7b5d

Request headers

:path
/adv/web/corp/img/web_btn.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:33 GMT
cf-cache-status
HIT
x-cacheable
Y09
age
3959
cf-ray
69b3f6eb3f752175-DUS
content-length
5752
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 02 Aug 2018 05:34:50 GMT
server
cloudflare
etag
"5b6297fa-1678"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
198513739 197213324
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
ajs.php
ad4.on.cc/web/www/delivery/ 		52 B
212 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=1123
Requested by
Host: ad4.on.cc
URL: https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=932
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1957e174cb1527132317acd9ed993f27ce1da6e121dd4859577ede702775eda9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:34 GMT
content-encoding
br
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
cache-control
private, max-age=0, no-cache
cf-ray
69b3f6ec18522175-DUS
content-type
text/javascript; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
pubads_impl_2021100601.js
securepubads.g.doubleclick.net/gpt/ Frame 8436 		365 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100601.js?31063070
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
sffe /
Resource Hash
62829675b31c3c336b79e09872f249e6d6262c6faa9371985f821223dbaf2d6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125954
x-xss-protection
0
last-modified
Wed, 06 Oct 2021 08:42:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 09 Oct 2021 01:51:33 GMT
integrator.js
adservice.google.de/adsid/ Frame 8436 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=hk.on.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100601.js?31063070
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 09 Oct 2021 01:51:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 8436 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=hk.on.cc
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100601.js?31063070
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 09 Oct 2021 01:51:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 8436 		363 B
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=777548233280995&correlator=3594284333316587&output=ldjh&impl=fifs&eid=31063070%2C31063082&vrg=2021100601&ptt=17&sc=1&sfv=1-0-38&ecs=20211009&iu_parts=21589405%2Cca-pub-1862194061110379-tag%2C8924782041&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&cdm=hk.on.cc&bc=31&abxe=1&lmt=1633744293&dt=1633744293912&dlt=1633744292205&idt=1687&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=2&adxs=1022&adys=364&adks=1931073507&ucis=sztvsupmyb32&ifi=1&ifk=4175963273&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&top=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&ga_vid=1172433178.1633744294&ga_sid=1633744294&ga_hid=167871480&ga_fc=false&fws=260&ohw=300&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100601.js?31063070
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
d61b0f183694ddea8b526970382b6334d021d535526ab67ed9e2968ddad5d063
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:34 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
160
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://hk.on.cc
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
83a02cf37f3344bf491690fbb04daeca.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AB32 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://83a02cf37f3344bf491690fbb04daeca.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100601.js?31063070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f1.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
83a02cf37f3344bf491690fbb04daeca.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html?n=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Sat, 09 Oct 2021 01:51:33 GMT
expires
Sun, 09 Oct 2022 01:51:33 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
csi
csi.gstatic.com/ Frame 32E6 		0
348 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kuj56466&c=641287727210449&e=31062393%2C31063055%2C21068766%2C31061691%2C31061693&ctx=1&met.9=1.29~2.8d~3_1.96~7_1.0~4_1.au~5_1.ax&met.3=831.8f~827.8g~74.8h_1~43.8i_1~6.8j~91.8j~95.8j_2~77.8h_5~894.8n~724.8o~872.8o~907.8u_2~831.96~808.98~808.98~751.98~112.9r_1~646.au_1~800.av~800.av~800.av~800.av~800.av~801.ax~825.ax~801.ax~355.ax~825.ax~647.ay~94.b5~573.b7~598.b7~113.b6_1&met.10=1_1.IM0CEAAIABj___________8BKAA&met.7=CBsQCMAB3uHHoAQ~CDsQChgBICkoKTBEOBxoKnBBeM_MAYABo8oBiAHv0gSwAQG4AQPAAeLN6pYJ~CA4QChgBIFIoUjB5OCdoUnBpeOq0B4ABvrIHiAGbkxWwAQG4AQPAAZ_kqvwE~CCgQChgBILcCKLcCMMcCOBBouAJwxgJ4-q0BgAHOqwGIAZXFA7ABAbgBA8ABm-H6cA~CC8QBxgBILwCKLwCMNYCOBpovAJw1QJ4kAOAAWSIAWuwAQG4AQPAAZv_iccH~CC8QBxgBILwCKLwCMNkCOB1ovAJw2QJ4kAOAAWSIAWuwAQG4AQPAAe21srAK~CA8QDRgBIMoCKMoCMIIDODhoygJwgQN4rgOAAYIBiAHKArABAbgBA8ABv96a6wY~CBsQBRgBIMwCKMwCMIoDOD5o6AJwiAN40BqAAaQYiAHOL7ABAbgBA8ABtPTHww4~CBsQCDiSA8AB3uHHoAQ~CBwQBhgBIJQDKJQDMM0DODlQlANYsANglANosANwzQN4rAKwAQG4AQPAAZSE4rUO~CCcQDRgBIJIDKJIDMNUDOENAkgNIkgNQkgNYrgNgkgNorgNw0wN4hUWAAdlCiAHfV7ABAbgBA8AB8_LLrgs~CCcQChgBINYDKNYDMJkEOEPAAeLBm9oF~CCcQBRgBIJ8EKJ8EMMUEOCbAAdT_u6UH~CBsQBRgBIKAEKKAEMPIEOFLAAc_G2uIB~CBwQBhgBIOwFKOwFMIsGOCBo7AVwiwZ4rAKwAQG4AQPAAZSE4rUO&met.1=1.kuj563wf~6.0~7.0~8.0~9.0~10.0~12.2~13.u~14.u~15.w~16.15~17.15~18.15~19.b5~20.b5~21.b6&qqid.1=CPTR5eGbvPMCFdXXEQgdoXoNfw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.aralego.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:34 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 8436 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021100601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100601.js?31063070
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
1043d8f464418da9b07f57422bb389edba3bc8c1b7e0a355961f8cf5dc5d663a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 09 Oct 2021 01:51:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8480
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 8436 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100601.js?31063070
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 09 Oct 2021 01:51:34 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 9F8A 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Fri, 08 Oct 2021 20:58:37 GMT
expires
Sat, 08 Oct 2022 20:58:37 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
17577
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame D562 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f4.1e100.net
Software
GSE /
Resource Hash
9e94347ba4cb9a17ddb02c8a7564a6a6c22be2751d2e1da6f618f19c32e28098
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-TIH7FCoeokGrpV2AkKeqSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
accept-encoding
gzip, deflate, br
cookie
NID=511=Ix50Sjd-mvTrOVNGQqVsIhUzNejOk26JvXQLYN2C2sGk2-Q_31QvzhYRckzUN6L188Z6IwC-MbrFORpmvDWISHWG102izsA-cg48Kvt5wRHkFWPqKzBrb2K5EAvTk5ISTJX_nDh49idmOwFmWowPLrlDVZkmP1RK4A25iOT9qQA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sat, 09 Oct 2021 01:51:34 GMT
date
Sat, 09 Oct 2021 01:51:34 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-TIH7FCoeokGrpV2AkKeqSw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js
pagead2.googlesyndication.com/bg/ Frame 9F8A 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
9bfef52d4ef4cc6f06efcc7a8584987f607710b73b0464606ec66890f8605c06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 20:50:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
18073
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13358
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 11:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 08 Oct 2022 20:50:21 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame D562 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021100601&jk=777548233280995&rc=
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8436 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021100601&jk=777548233280995&bg=!4eKl4qbNAAbGFvHlxhY7ACkAdvg8WoEAl5VgyKqkYntnUS_qKrkG3FVFppNrWJyVxP_CgS6Rb7IfUgIAAABiUgAAAAloAQeZAsj5p1de7IPXBlOeNbUZ9jMnolJa2blYuKB-oARWi-48f_nYxVfya59oliIye7pbWO4ppcwwNJpkoiamqkRZ_izci9M8ZPUYSE1zjxRpg7gMvBYaRLZ4h6mRejJSSFigv4Pv4gGLnPwkGPm66vm9-qnvdfMdLPsNi6pXpuLY0TdojdkkRfSwxv1QfexrDSG3UP3Ux9TIf8ad4or55hvoTsTMtmQ_x6Xh-PFleoji4zneae93xTi4UZJftaesnkyO1whq0p1IG2Vv6p3RIhjdq8gtHMsBgq8AUhif33jTO-3b713qmS607Nh6w34NIPfBcr6qVE-G85Hg-KTxdMxiEU4i1kJUEkKKCPsAl3bhnwRav5KyvFgQGc0f25dr3iQJDMnkns0XsvUceN7n5smFva6EQvt0F3DWfQZBpFzFF23ZD06Y0jSLj49Wr4fd0J1UON8bbRkOt7z2JH25yGp-tZNMtEQX8b1BVSg-dvtZUcbrlvmRYsxymcG8_Effq-u6PZ0gFBlIl-AegZVzKjCuou6B2Yr-vM0i3cjQcVUE3o0dcFug6mxwz-xDPcbVvzDMzBwo83Qv6c3vVsYQUXG3gsYNb9T1mxuY_z83wy17bAGSqEDDfeJH4_5eOxTJcJNM0aUkI4awkk0H13ABiYXIwAdwBrmY6b2fBgt_GqKqwuzZrZf_VjuH-7Fy_OeHLMUEJ6C1i1ZOd9sSszky5Aga1nKUjCrOzBjDl2QBHJctJbsLxNeEv3tp9XSSm2u5r6wnCuFD6zP3VmkEMjEv3SLZb38si7vW8xig7MK_BBlHB9LesrpaUgjPtf0rUep88vNGMZNPtbYSeGjGDQFpiZh-A7wH3iMtvT8Gmfza3ZlUzDSAe-H0rpiI0QlF3ekg81z44b0BmyG1Mjxu4t_MwDQdAzKilAvg9ePrYkrwOHCQvvQEdfIDmDYRIVJC
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
on_hk.js
api.popin.cc/searchbox/ 		111 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.popin.cc/searchbox/on_hk.js
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/js/v4/oncc-body-end-script.js?20210106
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
fb9d016e0c32fea041fe6d83b1a6d2509e2baa2faa66c30d08fcbe30966c8335

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 01:51:35 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Oct 2021 04:26:12 GMT
Server
nginx
ETag
W/"2d61a6145edfbf91a06dcc2a960ea4b2"
X-Cache-Status
HIT from 10.252.55.25
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
x-amz-version-id
68QuzwjTKBt69uXrTZncnjnfDgbb9cAu
Expires
Sat, 09 Oct 2021 02:51:35 GMT
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=1551914855123169&input_token&origin=1&redirect_uri=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_HK/sdk.js?hash=e5cde57061fa3712123f2681cbf94a2a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frx5.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
x-content-type-options
nosniff
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
4ZDtl8j9cpq63bLLt5KmyLFq9RhuBO/CtddEdcp0/bNNjThUmFU2DssBKTfaavz+kEvPLZsgq3ckErxvRbIO6w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
date
Sat, 09 Oct 2021 01:51:35 GMT
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://hk.on.cc
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
live_feed_v3.js
tv.on.cc/js/live/ 		4 B
483 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tv.on.cc/js/live/live_feed_v3.js
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/js/v4/jquery.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.136.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ace810d7e2cbb4f8c40ce09dc8e191ae466adb4e1a7d49c59f2215b411d38b05

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:35 GMT
cf-cache-status
HIT
x-cacheable
L03
cf-ray
69b3f6f43ca4fb5c-DUS
content-length
4
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 08 Oct 2021 10:10:57 GMT
server
cloudflare
etag
"4-5cdd498645723"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
x-varnish
665458963 665846183
access-control-allow-origin
*
cache-control
public, max-age=5, s-maxage=5, must-revalidate
accept-ranges
bytes
content-type
text/javascript
expires
Sat, 09 Oct 2021 01:56:27 GMT
chartbeat_video.js
static.chartbeat.com/js/ 		69 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_video.js
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/adv/web/corp/source/unicorp_v4.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.5.163 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-5-163.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
7222bdb705a3d4af9ac5d4f1375a3709bc77578dcc0e1f3b5caf55fd14af959c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 00:58:36 GMT
content-encoding
gzip
age
3179
x-edge-origin-shield-skipped
0
cross-origin-resource-policy
cross-origin
x-cache
Hit from cloudfront
last-modified
Fri, 09 Jul 2021 00:14:48 GMT
server
nginx
etag
W/"60e794f8-11377"
vary
Accept-Encoding
content-type
application/x-javascript
via
1.1 560d8d35213ac925f8d05c5730db1582.cloudfront.net (CloudFront)
cache-control
max-age=7200
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
rplxA0Exjd49rHyXf-1mUMr0Rp32Am1dgmdBoWZaHo7N2ZS-UO1z-Q==
expires
Sat, 09 Oct 2021 02:58:36 GMT
toTop_hk.png
hk.on.cc/img/v2/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/img/v2/toTop_hk.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/css/v4/oncc-global.css?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e62e7101e59f206b451a65e3f4b56fe65fdb63abac707348a073be728dffad9

Request headers

:path
/img/v2/toTop_hk.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/css/v4/oncc-global.css?20210106
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/css/v4/oncc-global.css?20210106
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:35 GMT
cf-cache-status
HIT
x-cacheable
Y09
age
7038
cf-ray
69b3f6f3fecf2175-DUS
content-length
1507
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 15 Apr 2014 09:42:11 GMT
server
cloudflare
etag
"534cfef3-5e3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
195115130 195401896
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
search_oncc.png
hk.on.cc/img/v4/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/img/v4/search_oncc.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/css/v4/oncc-global.css?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
788da552af614f8063af98fd71499e8a28c13d0b82ab34beb840f682e6c59100

Request headers

:path
/img/v4/search_oncc.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/css/v4/oncc-global.css?20210106
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/css/v4/oncc-global.css?20210106
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:35 GMT
cf-cache-status
HIT
x-cacheable
Y09
age
7039
cf-ray
69b3f6f3fed02175-DUS
content-length
2332
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 08 Jun 2021 04:09:21 GMT
server
cloudflare
etag
"60beed71-91c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
195292742 195327698
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
icon_txtlarge.png
hk.on.cc/img/v2/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/img/v2/icon_txtlarge.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/css/v4/oncc-content.css?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cdf6164b532880410513dc2fd6f9289c184b28143b81ef6b44d8f1a4b2db6e5

Request headers

:path
/img/v2/icon_txtlarge.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/css/v4/oncc-content.css?20210106
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/css/v4/oncc-content.css?20210106
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:35 GMT
cf-cache-status
HIT
x-cacheable
Y09
cf-ray
69b3f6f42eec2175-DUS
content-length
1803
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 06 Apr 2016 09:30:08 GMT
server
cloudflare
etag
"5704d720-70b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
195115281 197213180
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
icon_txtsmall.png
hk.on.cc/img/v2/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/img/v2/icon_txtsmall.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/css/v4/oncc-content.css?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c998005d6337db0fd8d58986b7a794d26d84fce7856fd4a86288c5616a2df275

Request headers

:path
/img/v2/icon_txtsmall.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/css/v4/oncc-content.css?20210106
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/css/v4/oncc-content.css?20210106
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:35 GMT
cf-cache-status
HIT
x-cacheable
Y09
cf-ray
69b3f6f42eed2175-DUS
content-length
1664
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 06 Apr 2016 09:30:08 GMT
server
cloudflare
etag
"5704d720-680"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
191720709 195327493
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
articleVideo_news.js
hk.on.cc/hk/bkn/video/20170929/ 		16 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/hk/bkn/video/20170929/articleVideo_news.js?_=202110090151
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/js/v4/jquery.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a910633701d4b3e18258597c3247151848d7659f6c98550c93018fcd70d395f5

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false
:path
/hk/bkn/video/20170929/articleVideo_news.js?_=202110090151
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:35 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
Y09
cf-ray
69b3f6f42eee2175-DUS
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 07 Dec 2017 08:55:51 GMT
server
cloudflare
etag
W/"5a290217-402f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
165685876
access-control-allow-origin
*
cache-control
public, max-age=60, s-maxage=60
content-type
application/javascript
articleFile360List_822.js
hk.on.cc/hk/bkn/file360/status/20170929/ 		4 B
135 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/hk/bkn/file360/status/20170929/articleFile360List_822.js?_=202110090151
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/js/v4/jquery.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cada29124805d8e0454dc5b67225bbf87075cffd53418e9c56f674708220e2c

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false
:path
/hk/bkn/file360/status/20170929/articleFile360List_822.js?_=202110090151
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:36 GMT
cf-cache-status
HIT
x-cacheable
Y09
cf-ray
69b3f6f98b542175-DUS
content-length
4
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 26 Oct 2017 13:18:46 GMT
server
cloudflare
etag
"59f1e0b6-4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
380937687
access-control-allow-origin
*
cache-control
public, max-age=5, s-maxage=5
accept-ranges
bytes
content-type
application/javascript
icon_arrow_left.png
hk.on.cc/img/v2/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/img/v2/icon_arrow_left.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/css/v4/oncc-content.css?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4e047c7e47910f1a9b0d6ce7fb2811c87d767476cc6444dd428f7f79d32f475

Request headers

:path
/img/v2/icon_arrow_left.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/css/v4/oncc-content.css?20210106
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/css/v4/oncc-content.css?20210106
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:37 GMT
cf-cache-status
HIT
x-cacheable
Y10
cf-ray
69b3f6fef8362175-DUS
content-length
1304
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 06 Apr 2016 09:30:05 GMT
server
cloudflare
etag
"5704d71d-518"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
95918462
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
icon_arrow_right.png
hk.on.cc/img/v2/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/img/v2/icon_arrow_right.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/css/v4/oncc-content.css?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a74d2554dec9a60d2ca02c00671d4bc95d30e469faea9307e722ad60ce235c2c

Request headers

:path
/img/v2/icon_arrow_right.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/css/v4/oncc-content.css?20210106
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/css/v4/oncc-content.css?20210106
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:37 GMT
cf-cache-status
HIT
x-cacheable
Y10
cf-ray
69b3f6fef8392175-DUS
content-length
1299
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 06 Apr 2016 09:30:06 GMT
server
cloudflare
etag
"5704d71e-513"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
95851353 96043696
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
eventList.js
hk.on.cc/hk/bkn/cnt/news/ 		5 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/hk/bkn/cnt/news/eventList.js?_=202110090151
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/js/v4/jquery.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac8b8516f6869b7adc1439e688d8cdcac3d5b30b7c7c62b1c401454f98a287d0

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false
:path
/hk/bkn/cnt/news/eventList.js?_=202110090151
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:37 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
Y10
cf-ray
69b3f6fef83c2175-DUS
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 09 Oct 2021 01:14:06 GMT
server
cloudflare
etag
W/"6160ecde-127b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
122915751 119307492
access-control-allow-origin
*
cache-control
public, max-age=5, s-maxage=5
content-type
application/javascript
290x50_content.html
hk.on.cc/ad/ctf/ Frame 01D6 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/ad/ctf/290x50_content.html
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/js/v4/jquery.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b5be72749970a138dd1921fbb15b7f264f1894f9823bebb1248193aa7638639

Request headers

:method
GET
:authority
hk.on.cc
:scheme
https
:path
/ad/ctf/290x50_content.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
accept-encoding
gzip, deflate, br
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html

Response headers

date
Sat, 09 Oct 2021 01:51:37 GMT
content-type
text/html
last-modified
Fri, 21 May 2021 04:12:03 GMT
etag
W/"60a73313-ee1"
cache-control
public, max-age=5, s-maxage=5
vary
Accept-Encoding
x-cacheable
Y09
x-varnish
778841029 774961660
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
69b3f70079742175-DUS
content-encoding
br
hitCount_all_UTF8.js
hk.on.cc/js/hitCount/js/ 		408 KB
81 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/js/hitCount/js/hitCount_all_UTF8.js?_=202110090151
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/js/v4/jquery.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b166a93c0a6ba6d25f10c3b28af1aabc8546357dc21a1c8e7dc6dd22484327c

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false
:path
/js/hitCount/js/hitCount_all_UTF8.js?_=202110090151
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:38 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
Y10
cf-ray
69b3f70079762175-DUS
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 09 Oct 2021 01:51:10 GMT
server
cloudflare
etag
W/"6160f58e-6617e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
124211667 123826169
access-control-allow-origin
*
cache-control
public, max-age=5, s-maxage=5
content-type
application/javascript
hkdate_icon.png
hk.on.cc/img/v2/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/img/v2/hkdate_icon.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/css/v4/oncc-content.css?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
850fbfe1c79c1337d6691bdb976901786fe2ae250333b90624e95080c284d3de

Request headers

:path
/img/v2/hkdate_icon.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/css/v4/oncc-content.css?20210106
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/css/v4/oncc-content.css?20210106
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:38 GMT
cf-cache-status
HIT
x-cacheable
Y09
cf-ray
69b3f707efa12175-DUS
content-length
1244
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 16 Jan 2018 08:57:49 GMT
server
cloudflare
etag
"5a5dbe8d-4dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
196436822 195292530
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
arrow_left_hk.png
hk.on.cc/img/v2/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/img/v2/arrow_left_hk.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/css/v4/oncc-global.css?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd5a7b2bafa6bbebb71e04d1662214c570a9d4a1ad8346d0b3d4c09700ef7c34

Request headers

:path
/img/v2/arrow_left_hk.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/css/v4/oncc-global.css?20210106
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/css/v4/oncc-global.css?20210106
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:38 GMT
cf-cache-status
HIT
x-cacheable
Y09
age
7038
cf-ray
69b3f707efa32175-DUS
content-length
2044
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Apr 2015 08:15:53 GMT
server
cloudflare
etag
"5538aa39-7fc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
194901688 196828413
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
dot_hk.png
hk.on.cc/img/v2/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/img/v2/dot_hk.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/css/v4/oncc-global.css?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8292599fb0cd28d6c1b7f3a82bd4ebfe2900fc67fab40ead78947e404b27f545

Request headers

:path
/img/v2/dot_hk.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/css/v4/oncc-global.css?20210106
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/css/v4/oncc-global.css?20210106
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:38 GMT
cf-cache-status
HIT
x-cacheable
Y09
age
7038
cf-ray
69b3f707efa42175-DUS
content-length
1028
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 25 Mar 2015 09:23:50 GMT
server
cloudflare
etag
"55127ea6-404"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
197539179 195776813
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
dot.png
hk.on.cc/img/v2/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/img/v2/dot.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/css/v4/oncc-global.css?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
536b9ab23b8cab5e2eb31b023a5685ec04b119f5facad57da44c76fea9c1c230

Request headers

:path
/img/v2/dot.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/css/v4/oncc-global.css?20210106
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/css/v4/oncc-global.css?20210106
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:38 GMT
cf-cache-status
HIT
x-cacheable
Y09
age
7038
cf-ray
69b3f707efa52175-DUS
content-length
1033
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 25 Mar 2015 09:23:49 GMT
server
cloudflare
etag
"55127ea5-409"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
195026130 197539001
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
arrow_right_hk.png
hk.on.cc/img/v2/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/img/v2/arrow_right_hk.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/css/v4/oncc-global.css?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cb2f5f2d0e51cc2600e8b22bfb10db1958cc3bcc929cad2e5cd1b7c227bfe37

Request headers

:path
/img/v2/arrow_right_hk.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/css/v4/oncc-global.css?20210106
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/css/v4/oncc-global.css?20210106
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:38 GMT
cf-cache-status
HIT
x-cacheable
Y09
age
7038
cf-ray
69b3f707efa72175-DUS
content-length
2050
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 23 Apr 2015 08:15:54 GMT
server
cloudflare
etag
"5538aa3a-802"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
199000760 196828472
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
news_dailyList.js
hk.on.cc/hk/bkn/js/20170929/ 		129 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/hk/bkn/js/20170929/news_dailyList.js?_=202110090151
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/js/v4/jquery.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b29e38c49cc6270dd56183ff3fb48ffd5b9044d47d79a9527b77c748fb5e331d

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false
:path
/hk/bkn/js/20170929/news_dailyList.js?_=202110090151
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:38 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
Y09
cf-ray
69b3f7080fc52175-DUS
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 30 Sep 2017 09:24:23 GMT
server
cloudflare
etag
W/"59cf62c7-20347"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
818302872
access-control-allow-origin
*
cache-control
public, max-age=5, s-maxage=5
content-type
application/javascript
articleFile360List_822.js
hk.on.cc/hk/bkn/file360/status/20170929/ 		4 B
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/hk/bkn/file360/status/20170929/articleFile360List_822.js?_=202110090151
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/js/v4/jquery.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5cada29124805d8e0454dc5b67225bbf87075cffd53418e9c56f674708220e2c

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false
:path
/hk/bkn/file360/status/20170929/articleFile360List_822.js?_=202110090151
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:38 GMT
cf-cache-status
HIT
x-cacheable
Y09
age
2
cf-ray
69b3f709c9802175-DUS
content-length
4
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 26 Oct 2017 13:18:46 GMT
server
cloudflare
etag
"59f1e0b6-4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
380937687
access-control-allow-origin
*
cache-control
public, max-age=5, s-maxage=5
accept-ranges
bytes
content-type
application/javascript
articleVideo_news.js
hk.on.cc/hk/bkn/video/20170929/ 		16 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/hk/bkn/video/20170929/articleVideo_news.js?_=202110090151
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/js/v4/jquery.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a910633701d4b3e18258597c3247151848d7659f6c98550c93018fcd70d395f5

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false
:path
/hk/bkn/video/20170929/articleVideo_news.js?_=202110090151
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:38 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
Y09
age
3
cf-ray
69b3f709e9a82175-DUS
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 07 Dec 2017 08:55:51 GMT
server
cloudflare
etag
W/"5a290217-402f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
165685876
access-control-allow-origin
*
cache-control
public, max-age=60, s-maxage=60
content-type
application/javascript
notificationCombinedList_mobile.js
hk.on.cc/hk/bkn/js/ 		339 KB
111 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/hk/bkn/js/notificationCombinedList_mobile.js
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/js/v4/jquery.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cf64b0221f5ecc22eca75fdb6bb05dc292c60fd9d30d5d48ea96bcbd47ee2d4

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false
:path
/hk/bkn/js/notificationCombinedList_mobile.js
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:39 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
Y09
cf-ray
69b3f70a19c92175-DUS
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 09 Oct 2021 01:50:38 GMT
server
cloudflare
etag
W/"6160f56e-54ce1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
259437366 257605309
access-control-allow-origin
*
cache-control
public, max-age=5, s-maxage=5
content-type
application/javascript
magnifier_oncc.png
hk.on.cc/img/calendar/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/img/calendar/magnifier_oncc.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aeb69a9bb2db257a960b23f0243bf86fe35d849b0b5f70625424a1a13f4d9f37

Request headers

:path
/img/calendar/magnifier_oncc.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:38 GMT
cf-cache-status
HIT
x-cacheable
Y10
age
7038
cf-ray
69b3f70a19ca2175-DUS
content-length
2135
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 27 May 2021 03:33:12 GMT
server
cloudflare
etag
"60af12f8-857"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
95363042 5296521
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
menu_up.png
hk.on.cc/img/v2/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/img/v2/menu_up.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e65822aa8296dac8588b4c6c372dd063eaec8ecadea315860c8769b499e3cc36

Request headers

:path
/img/v2/menu_up.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:38 GMT
cf-cache-status
HIT
x-cacheable
Y10
age
7038
cf-ray
69b3f70a19cb2175-DUS
content-length
2879
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 24 Nov 2014 04:14:14 GMT
server
cloudflare
etag
"5472b096-b3f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
91906660 96043653
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
menu_down.png
hk.on.cc/img/v2/ 		1022 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/img/v2/menu_down.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
baae6e0088307a13cc5db5d66d32ede5d254e7b120310d8f329f73a766517fb9

Request headers

:path
/img/v2/menu_down.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:38 GMT
cf-cache-status
HIT
x-cacheable
Y10
age
7038
cf-ray
69b3f70a19cc2175-DUS
content-length
1022
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 03 Nov 2014 06:39:08 GMT
server
cloudflare
etag
"5457230c-3fe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
94401267 95918422
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
__utm.gif
hk.on.cc/img/ 		35 B
198 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/img/__utm.gif?utmwv=1&utmn=1552665614&utmt=event&utme=5(html*pageview*hk_content_news_%E9%A6%99%E6%B8%AF%E6%96%B0%E8%81%9E%E5%85%A7%E5%AE%B9)&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=%E8%86%A0%E6%A8%BD%E5%9B%9E%E6%94%B6%E7%8E%87%E4%BD%8E%E3%80%80%E5%95%86%E5%A0%B4%E6%8E%A8%E8%B3%BA%E7%A9%8D%E5%88%86%E5%9B%9E%E6%94%B6%E6%A9%9F%E9%BC%93%E5%8B%B5%E7%92%B0%E4%BF%9D%EF%BD%9C%E5%8D%B3%E6%99%82%E6%96%B0%E8%81%9E%EF%BD%9C%E6%B8%AF%E6%BE%B3%EF%BD%9Con.cc%E6%9D%B1%E7%B6%B2&utmhn=hk.on.cc&utmr=-&utmp=/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

:path
/img/__utm.gif?utmwv=1&utmn=1552665614&utmt=event&utme=5(html*pageview*hk_content_news_%E9%A6%99%E6%B8%AF%E6%96%B0%E8%81%9E%E5%85%A7%E5%AE%B9)&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=%E8%86%A0%E6%A8%BD%E5%9B%9E%E6%94%B6%E7%8E%87%E4%BD%8E%E3%80%80%E5%95%86%E5%A0%B4%E6%8E%A8%E8%B3%BA%E7%A9%8D%E5%88%86%E5%9B%9E%E6%94%B6%E6%A9%9F%E9%BC%93%E5%8B%B5%E7%92%B0%E4%BF%9D%EF%BD%9C%E5%8D%B3%E6%99%82%E6%96%B0%E8%81%9E%EF%BD%9C%E6%B8%AF%E6%BE%B3%EF%BD%9Con.cc%E6%9D%B1%E7%B6%B2&utmhn=hk.on.cc&utmr=-&utmp=/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:39 GMT
cf-cache-status
DYNAMIC
x-cacheable
Y09
age
9883
content-length
35
pragma
public
x-varnish
258679574 241693674
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 30 Mar 2012 10:07:59 GMT
server
cloudflare
etag
"4f7585ff-23"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cache-control
no-store, max-age=0
accept-ranges
bytes
cf-ray
69b3f70a19cd2175-DUS
__utm.gif
hk.on.cc/img/ 		35 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/img/__utm.gif?utmwv=1&utmn=668971679&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%E8%86%A0%E6%A8%BD%E5%9B%9E%E6%94%B6%E7%8E%87%E4%BD%8E%E3%80%80%E5%95%86%E5%A0%B4%E6%8E%A8%E8%B3%BA%E7%A9%8D%E5%88%86%E5%9B%9E%E6%94%B6%E6%A9%9F%E9%BC%93%E5%8B%B5%E7%92%B0%E4%BF%9D%EF%BD%9C%E5%8D%B3%E6%99%82%E6%96%B0%E8%81%9E%EF%BD%9C%E6%B8%AF%E6%BE%B3%EF%BD%9Con.cc%E6%9D%B1%E7%B6%B2&utmhn=hk.on.cc&utmr=-&utmp=https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

:path
/img/__utm.gif?utmwv=1&utmn=668971679&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%E8%86%A0%E6%A8%BD%E5%9B%9E%E6%94%B6%E7%8E%87%E4%BD%8E%E3%80%80%E5%95%86%E5%A0%B4%E6%8E%A8%E8%B3%BA%E7%A9%8D%E5%88%86%E5%9B%9E%E6%94%B6%E6%A9%9F%E9%BC%93%E5%8B%B5%E7%92%B0%E4%BF%9D%EF%BD%9C%E5%8D%B3%E6%99%82%E6%96%B0%E8%81%9E%EF%BD%9C%E6%B8%AF%E6%BE%B3%EF%BD%9Con.cc%E6%9D%B1%E7%B6%B2&utmhn=hk.on.cc&utmr=-&utmp=https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:39 GMT
cf-cache-status
DYNAMIC
x-cacheable
Y09
age
9883
content-length
35
pragma
public
x-varnish
254878423 241693674
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 30 Mar 2012 10:07:59 GMT
server
cloudflare
etag
"4f7585ff-23"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cache-control
no-store, max-age=0
accept-ranges
bytes
cf-ray
69b3f70a19d12175-DUS
__utm.gif
hk.on.cc/img/ 		35 B
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/img/__utm.gif?utmwv=1&utmn=2136669447&utmt=event&utme=5(html*broswerview*dview)&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%E8%86%A0%E6%A8%BD%E5%9B%9E%E6%94%B6%E7%8E%87%E4%BD%8E%E3%80%80%E5%95%86%E5%A0%B4%E6%8E%A8%E8%B3%BA%E7%A9%8D%E5%88%86%E5%9B%9E%E6%94%B6%E6%A9%9F%E9%BC%93%E5%8B%B5%E7%92%B0%E4%BF%9D%EF%BD%9C%E5%8D%B3%E6%99%82%E6%96%B0%E8%81%9E%EF%BD%9C%E6%B8%AF%E6%BE%B3%EF%BD%9Con.cc%E6%9D%B1%E7%B6%B2&utmhn=hk.on.cc&utmr=-&utmp=/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

:path
/img/__utm.gif?utmwv=1&utmn=2136669447&utmt=event&utme=5(html*broswerview*dview)&utmcs=UTF-8&utmsr=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%E8%86%A0%E6%A8%BD%E5%9B%9E%E6%94%B6%E7%8E%87%E4%BD%8E%E3%80%80%E5%95%86%E5%A0%B4%E6%8E%A8%E8%B3%BA%E7%A9%8D%E5%88%86%E5%9B%9E%E6%94%B6%E6%A9%9F%E9%BC%93%E5%8B%B5%E7%92%B0%E4%BF%9D%EF%BD%9C%E5%8D%B3%E6%99%82%E6%96%B0%E8%81%9E%EF%BD%9C%E6%B8%AF%E6%BE%B3%EF%BD%9Con.cc%E6%9D%B1%E7%B6%B2&utmhn=hk.on.cc&utmr=-&utmp=/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:38 GMT
cf-cache-status
DYNAMIC
x-cacheable
Y09
age
9883
content-length
35
pragma
public
x-varnish
225633985 241693674
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 30 Mar 2012 10:07:59 GMT
server
cloudflare
etag
"4f7585ff-23"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cache-control
no-store, max-age=0
accept-ranges
bytes
cf-ray
69b3f70a19d32175-DUS
hitCount.faces
bknwebapp.on.cc/onccMainWebapp/ 		57 B
57 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bknwebapp.on.cc/onccMainWebapp/hitCount.faces?newsId=bkn-20170929111939062-0929_00822_001&pubCode=bkn&psCode=822&mediaType=web&t=1633744295054
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / JSF/1.2
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:38 GMT
content-encoding
br
cf-cache-status
MISS
server
cloudflare
x-powered-by
JSF/1.2
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html;charset=UTF-8
cf-ray
69b3f70a29ea2175-DUS
toprank_hk.jpg
hk.on.cc/img/v2/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/img/v2/toprank_hk.jpg
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5577dfc0f7d981f0e52872f70475d085675200dab0f733ba23c4edb03e6124eb

Request headers

:path
/img/v2/toprank_hk.jpg
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:39 GMT
cf-cache-status
HIT
x-cacheable
Y10
cf-ray
69b3f70a19d42175-DUS
content-length
7004
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 08 Jun 2015 09:06:49 GMT
server
cloudflare
etag
"55755b29-1b5c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
104823976 106177409
cache-control
public, max-age=5, s-maxage=5, stale-if-error=600, stale-while-revalidate=30
accept-ranges
bytes
content-type
image/jpeg
cf-bgj
h2pri
bkn-20170929111939062-0929_00822_001_02p.jpg
hk.on.cc/hk/bkn/cnt/news/20170929/photo/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/hk/bkn/cnt/news/20170929/photo/bkn-20170929111939062-0929_00822_001_02p.jpg?20170929130419
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9184c5678bd1a3b6073cf7ae7bb4e4e59d79eab88589ba3d8c267128c701190d

Request headers

:path
/hk/bkn/cnt/news/20170929/photo/bkn-20170929111939062-0929_00822_001_02p.jpg?20170929130419
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:39 GMT
cf-cache-status
HIT
x-cacheable
Y09
cf-ray
69b3f70a19d52175-DUS
content-length
53061
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 29 Sep 2017 03:53:23 GMT
server
cloudflare
etag
"59cdc3b3-cf45"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
259329022
cache-control
public, max-age=7200, s-maxage=14400, post-check=0, pre-check=0
accept-ranges
bytes
content-type
image/jpeg
cf-bgj
h2pri
bkn-20170929111939062-0929_00822_001_03p.jpg
hk.on.cc/hk/bkn/cnt/news/20170929/photo/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/hk/bkn/cnt/news/20170929/photo/bkn-20170929111939062-0929_00822_001_03p.jpg?20170929130419
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d1706f5e2610dd682cbc7ba5bb47bb28a733cc6724dba834bcd636566a746fa0

Request headers

:path
/hk/bkn/cnt/news/20170929/photo/bkn-20170929111939062-0929_00822_001_03p.jpg?20170929130419
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:39 GMT
cf-cache-status
HIT
x-cacheable
Y09
cf-ray
69b3f70a19d72175-DUS
content-length
73377
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 29 Sep 2017 05:04:00 GMT
server
cloudflare
etag
"59cdd440-11ea1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
258938550
cache-control
public, max-age=7200, s-maxage=14400, post-check=0, pre-check=0
accept-ranges
bytes
content-type
image/jpeg
cf-bgj
h2pri
urgent_title_hk.png
hk.on.cc/img/v2/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/img/v2/urgent_title_hk.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
91688adfc8c377d69d70bba5cc65a9b1c2526a13dd79e740411a8db440071d83

Request headers

:path
/img/v2/urgent_title_hk.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:39 GMT
cf-cache-status
HIT
x-cacheable
Y09
cf-ray
69b3f70a29dc2175-DUS
content-length
10351
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 08 May 2014 08:15:15 GMT
server
cloudflare
etag
"536b3d13-286f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
195327766
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
bkn-20211009010138492-1009_00822_001_01s.jpg
hk.on.cc/hk/bkn/cnt/news/20211009/photo/ 		70 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/hk/bkn/cnt/news/20211009/photo/bkn-20211009010138492-1009_00822_001_01s.jpg?20211009094518
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f2ce7cde1013adf80beb8a33256d751a37b0a4c180859cd161c60e38239c3a6

Request headers

:path
/hk/bkn/cnt/news/20211009/photo/bkn-20211009010138492-1009_00822_001_01s.jpg?20211009094518
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:39 GMT
cf-cache-status
HIT
x-cacheable
Y09
cf-ray
69b3f70a29dd2175-DUS
content-length
72080
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 09 Oct 2021 01:20:55 GMT
server
cloudflare
etag
"6160ee77-11990"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
256290374 209214077
cache-control
public, max-age=5, s-maxage=5, stale-if-error=600, stale-while-revalidate=30
accept-ranges
bytes
content-type
image/jpeg
cf-bgj
h2pri
bkn-20211009040029659-1009_00822_001_01s.jpg
hk.on.cc/hk/bkn/cnt/news/20211009/photo/ 		125 KB
125 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/hk/bkn/cnt/news/20211009/photo/bkn-20211009040029659-1009_00822_001_01s.jpg?20211009040435
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a44d3ec173e107b223bb7b4b74f63c780081a59fadf0f90bcaf3baec5b76dccd

Request headers

:path
/hk/bkn/cnt/news/20211009/photo/bkn-20211009040029659-1009_00822_001_01s.jpg?20211009040435
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:38 GMT
cf-cache-status
HIT
x-cacheable
Y09
cf-ray
69b3f70a29de2175-DUS
content-length
128042
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 08 Oct 2021 20:04:28 GMT
server
cloudflare
etag
"6160a44c-1f42a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
231261907
cache-control
public, max-age=5, s-maxage=5, stale-if-error=600, stale-while-revalidate=30
accept-ranges
bytes
content-type
image/jpeg
cf-bgj
h2pri
bkn-20211009033025856-1009_00822_001_01s.jpg
hk.on.cc/hk/bkn/cnt/news/20211009/photo/ 		134 KB
135 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/hk/bkn/cnt/news/20211009/photo/bkn-20211009033025856-1009_00822_001_01s.jpg?20211009085623
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd216a162cd25b17c6009ad87c572340ffe65299dac64a3d170dc92a508f30f3

Request headers

:path
/hk/bkn/cnt/news/20211009/photo/bkn-20211009033025856-1009_00822_001_01s.jpg?20211009085623
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:38 GMT
cf-cache-status
HIT
x-cacheable
Y09
cf-ray
69b3f70a29df2175-DUS
content-length
137568
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 08 Oct 2021 19:33:34 GMT
server
cloudflare
etag
"61609d0e-21960"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
229230709 121364273
cache-control
public, max-age=5, s-maxage=5, stale-if-error=600, stale-while-revalidate=30
accept-ranges
bytes
content-type
image/jpeg
cf-bgj
h2pri
bkn-20211009035834508-1009_00822_001_01s.jpg
hk.on.cc/hk/bkn/cnt/news/20211009/photo/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/hk/bkn/cnt/news/20211009/photo/bkn-20211009035834508-1009_00822_001_01s.jpg?20211009075554
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f47395e0ff2dcf39c483455c08b67d58ea1cc072368277a1f8ea4be08220d07

Request headers

:path
/hk/bkn/cnt/news/20211009/photo/bkn-20211009035834508-1009_00822_001_01s.jpg?20211009075554
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:39 GMT
cf-cache-status
HIT
x-cacheable
Y09
cf-ray
69b3f70a29e02175-DUS
content-length
63778
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 08 Oct 2021 23:55:46 GMT
server
cloudflare
etag
"6160da82-f922"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
248452147 246214882
cache-control
public, max-age=5, s-maxage=5, stale-if-error=600, stale-while-revalidate=30
accept-ranges
bytes
content-type
image/jpeg
cf-bgj
h2pri
bkn-20211009000521021-1009_00822_001_01s.jpg
hk.on.cc/hk/bkn/cnt/news/20211009/photo/ 		102 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/hk/bkn/cnt/news/20211009/photo/bkn-20211009000521021-1009_00822_001_01s.jpg?20211009051343
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1ef21ee22200cc7bb8cc03cb3e0149166d4f668cc61f557edbd0e7bed857961

Request headers

:path
/hk/bkn/cnt/news/20211009/photo/bkn-20211009000521021-1009_00822_001_01s.jpg?20211009051343
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:39 GMT
cf-cache-status
HIT
x-cacheable
Y09
cf-ray
69b3f70a29e12175-DUS
content-length
104058
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 08 Oct 2021 16:17:39 GMT
server
cloudflare
etag
"61606f23-1967a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
221723377
cache-control
public, max-age=5, s-maxage=5, stale-if-error=600, stale-while-revalidate=30
accept-ranges
bytes
content-type
image/jpeg
cf-bgj
h2pri
nav_left.png
hk.on.cc/img/v2/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/img/v2/nav_left.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ab9deba27aeb4c712fff3b61dfb174d0ee8ff8cda72a8d831766df37e2c0cf6

Request headers

:path
/img/v2/nav_left.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:38 GMT
cf-cache-status
HIT
x-cacheable
Y10
cf-ray
69b3f70a29e22175-DUS
content-length
1055
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 06 Apr 2016 09:30:09 GMT
server
cloudflare
etag
"5704d721-41f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
95918656 96075978
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
nav_right.png
hk.on.cc/img/v2/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/img/v2/nav_right.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6ddafbe31a54fd6596b1b311ce9bd9f829bae926e3d6bad5ff9d0a8e03a6bc0

Request headers

:path
/img/v2/nav_right.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:39 GMT
cf-cache-status
HIT
x-cacheable
Y10
cf-ray
69b3f70a29e32175-DUS
content-length
1076
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 06 Apr 2016 09:30:09 GMT
server
cloudflare
etag
"5704d721-434"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
90921657 96043689
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
content_back.png
hk.on.cc/img/v2/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/img/v2/content_back.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d632a477c1d7401f8e9d68bd1c5096c290ab22dfed0da34ba93a0bc2a6d8a3d

Request headers

:path
/img/v2/content_back.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:38 GMT
cf-cache-status
HIT
x-cacheable
Y10
cf-ray
69b3f70a29e42175-DUS
content-length
1308
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 08 May 2014 08:05:44 GMT
server
cloudflare
etag
"536b3ad8-51c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
95755185 91938172
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
content_down_hk.png
hk.on.cc/img/v2/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/img/v2/content_down_hk.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6caa798c89899c4fbc30995876dc3746c03d22d55f3e5f317ce4ede158bacbb

Request headers

:path
/img/v2/content_down_hk.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:39 GMT
cf-cache-status
HIT
x-cacheable
Y09
cf-ray
69b3f70a29e52175-DUS
content-length
1310
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 08 May 2014 08:05:45 GMT
server
cloudflare
etag
"536b3ad9-51e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
199098924 196178713
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
bkn-20170929103457813-0929_00822_001_01s.jpg
hk.on.cc/hk/bkn/cnt/news/20170929/photo/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/hk/bkn/cnt/news/20170929/photo/bkn-20170929103457813-0929_00822_001_01s.jpg?20170929112348
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acec93da4199881aef357b3b7d43e4ab075ed3c1f6281c970ae5f76d35704a4b

Request headers

:path
/hk/bkn/cnt/news/20170929/photo/bkn-20170929103457813-0929_00822_001_01s.jpg?20170929112348
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:39 GMT
cf-cache-status
HIT
x-cacheable
Y10
cf-ray
69b3f70a29e72175-DUS
content-length
12202
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 29 Sep 2017 03:23:40 GMT
server
cloudflare
etag
"59cdbcbc-2faa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
124183268
cache-control
public, max-age=7200, s-maxage=14400, post-check=0, pre-check=0
accept-ranges
bytes
content-type
image/jpeg
cf-bgj
h2pri
content_up_hk.png
hk.on.cc/img/v2/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/img/v2/content_up_hk.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b8b1c03ab42724e3650cfbe85b306f6dff9403d287599532bdca708bfb97c9f

Request headers

:path
/img/v2/content_up_hk.png
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:39 GMT
cf-cache-status
HIT
x-cacheable
Y09
cf-ray
69b3f70a29e82175-DUS
content-length
1281
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 08 May 2014 08:05:47 GMT
server
cloudflare
etag
"536b3adb-501"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
198543992 197609072
cache-control
public, max-age=7200, s-maxage=14400
accept-ranges
bytes
content-type
image/png
bkn-20170929111942081-0929_00822_001_01s.jpg
hk.on.cc/hk/bkn/cnt/news/20170929/photo/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/hk/bkn/cnt/news/20170929/photo/bkn-20170929111942081-0929_00822_001_01s.jpg?20170929112921
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a06a2c805ebc2a54705ca8c503338e0d3ed42281ddd8c2f94098eee7dc900bab

Request headers

:path
/hk/bkn/cnt/news/20170929/photo/bkn-20170929111942081-0929_00822_001_01s.jpg?20170929112921
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:38 GMT
cf-cache-status
HIT
x-cacheable
Y09
cf-ray
69b3f70a29e92175-DUS
content-length
8119
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 29 Sep 2017 03:29:07 GMT
server
cloudflare
etag
"59cdbe03-1fb7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
258299812
cache-control
public, max-age=7200, s-maxage=14400, post-check=0, pre-check=0
accept-ranges
bytes
content-type
image/jpeg
cf-bgj
h2pri
widget_iframe.58065ae230495f5d9e4b6a916472b2c1.html
platform.twitter.com/widgets/ Frame 7F46 		319 KB
103 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.58065ae230495f5d9e4b6a916472b2c1.html?origin=https%3A%2F%2Fhk.on.cc
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BE) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
364236
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Sat, 09 Oct 2021 01:51:38 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Thu, 30 Sep 2021 18:56:47 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67BE)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
like.php
www.facebook.com/v10.0/plugins/ Frame D930 		0
21 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v10.0/plugins/like.php?action=recommend&app_id=1551914855123169&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2df49e036c5fcc%26domain%3Dhk.on.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhk.on.cc%252Ff2b34054208814c%26relation%3Dparent.parent&container_width=200&href=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&layout=button_count&locale=zh_HK&sdk=joey&share=true&show_faces=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_HK/sdk.js?hash=e5cde57061fa3712123f2681cbf94a2a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frx5.facebook.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v10.0/plugins/like.php?action=recommend&app_id=1551914855123169&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2df49e036c5fcc%26domain%3Dhk.on.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhk.on.cc%252Ff2b34054208814c%26relation%3Dparent.parent&container_width=200&href=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&layout=button_count&locale=zh_HK&sdk=joey&share=true&show_faces=false
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
accept-encoding
gzip, deflate, br
cookie
fr=0GSwp2tfh6UdUbaIO..BhYPWi...1.0.BhYPWi.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html

Response headers

content-type
text/html;charset=utf-8
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-content-type-options
nosniff
x-xss-protection
0
x-fb-debug
SHOF4tFWAZdClHpFPUcQfkrSKyOxx3o0Y8cSE7ZSALNLMLHMkXgwF95pz4e/G1zIgTySVmH6nuBPQ7uzE4yrhw==
content-length
0
date
Sat, 09 Oct 2021 01:51:38 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
page.php
www.facebook.com/v10.0/plugins/ Frame 2952 		109 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/v10.0/plugins/page.php?app_id=1551914855123169&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3abc1aab01832c%26domain%3Dhk.on.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhk.on.cc%252Ff2b34054208814c%26relation%3Dparent.parent&container_width=300&height=215&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fonccnews&locale=zh_HK&sdk=joey&show_facepile=true&show_posts=false&width=298
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_HK/sdk.js?hash=e5cde57061fa3712123f2681cbf94a2a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frx5.facebook.com
Software
/
Resource Hash
d59b4b576f1abc4aada3662219026fd135a7d43cc63bda4867f6ca655299c010
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/v10.0/plugins/page.php?app_id=1551914855123169&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3abc1aab01832c%26domain%3Dhk.on.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhk.on.cc%252Ff2b34054208814c%26relation%3Dparent.parent&container_width=300&height=215&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fonccnews&locale=zh_HK&sdk=joey&show_facepile=true&show_posts=false&width=298
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
accept-encoding
gzip, deflate, br
cookie
fr=0GSwp2tfh6UdUbaIO..BhYPWi...1.0.BhYPWi.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html

Response headers

vary
Accept-Encoding
content-encoding
br
x-fb-rlafr
0
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src connect.facebook.net static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ wss://*.whatsapp.com:* v.whatsapp.net *.fbsbx.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
facebook-api-version
v10.0
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
FBMrDBDVjGhzylMHNt2XqR2bTOzZ4JEvPp6MuRjwp/TXVQpE54y+A3i0OxhJugamHlYlCO1GZt426DUvE6hdxw==
date
Sat, 09 Oct 2021 01:51:38 GMT
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
syncframe
gum.criteo.com/ Frame E689 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=hk.on.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

:method
GET
:authority
gum.criteo.com
:scheme
https
:path
/syncframe?origin=publishertag&topUrl=hk.on.cc
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
1954
set-cookie
uid=133f3704-f0d0-43c7-aa66-283945dabb29; expires=Thu, 03 Nov 2022 01:51:37 GMT; domain=.criteo.com; path=/; secure; samesite=none
date
Sat, 09 Oct 2021 01:51:38 GMT
content-length
4683
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js?t=202199
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/adv/web/corp/source/unicorp_v4.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-71.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 02:12:18 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
171205
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 6e432daa93321d42e8840614082fcdc3.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
r6bY27YnJAGcu5P6FSaIw8A69cHxx4KY19MyBtjq5DM08Ycy8BK3QA==
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/adv/web/corp/source/unicorp_v4.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
3881
date
Sat, 09 Oct 2021 00:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Sat, 09 Oct 2021 02:46:57 GMT
ajs.php
ad4.on.cc/web/www/delivery/ 		1 KB
844 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=853
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/postscribe.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed654d5fccbedc2a1ac46c528f1d05c7d7063ec23e3387fb186b5f361afd0af1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:39 GMT
content-encoding
br
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
cache-control
private, max-age=0, no-cache
cf-ray
69b3f70a9a5a2175-DUS
content-type
text/javascript; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
lrec1_423.html
ad6.on.cc/web/html/google/housead/ Frame DDC9 		316 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad6.on.cc/web/html/google/housead/lrec1_423.html
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/js/v4/jquery.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc535d5a918169bbf8d976689ab0c7ac556bdd6b0937254f93600a7fb6254f9b

Request headers

:method
GET
:authority
ad6.on.cc
:scheme
https
:path
/web/html/google/housead/lrec1_423.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
accept-encoding
gzip, deflate, br
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html

Response headers

date
Sat, 09 Oct 2021 01:51:39 GMT
content-type
text/html; charset=UTF-8
last-modified
Wed, 03 Jun 2020 03:45:34 GMT
etag
W/"13c-5a725dc3a7380"
vary
Accept-Encoding,User-Agent
cache-control
public, max-age=1800, s-maxage=1800
x-cacheable
L04
x-varnish
412102971
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
69b3f70a9a5d2175-DUS
content-encoding
br
lrec1_422.html
ad6.on.cc/web/html/google/housead/ Frame 5BCB 		369 B
391 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad6.on.cc/web/html/google/housead/lrec1_422.html
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/js/jquery-1.5.2.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d312d016339fbf7224384b7720fc29cbe5fd04e0de92928c8a99446ab962eb65

Request headers

:method
GET
:authority
ad6.on.cc
:scheme
https
:path
/web/html/google/housead/lrec1_422.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
accept-encoding
gzip, deflate, br
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html

Response headers

date
Sat, 09 Oct 2021 01:51:39 GMT
content-type
text/html; charset=UTF-8
last-modified
Thu, 08 Apr 2021 03:05:11 GMT
etag
W/"171-5bf6d50c547c0"
vary
Accept-Encoding,User-Agent
cache-control
public, max-age=1800, s-maxage=1800
x-cacheable
L04
x-varnish
165510887 163398077
referrer-policy
no-referrer-when-downgrade
cf-cache-status
HIT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
69b3f70a9a632175-DUS
content-encoding
br
icon
fonts.googleapis.com/ 		569 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/on_hk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
ESF /
Resource Hash
cc78bbc89ae37cbd14089271a95f875d19faf024cbaf7474d4529d150108c0b0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 09 Oct 2021 01:51:38 GMT
server
ESF
date
Sat, 09 Oct 2021 01:51:38 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sat, 09 Oct 2021 01:51:38 GMT
td_js_sdk_171.js
api.popin.cc/ 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.popin.cc/td_js_sdk_171.js
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/on_hk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 01:51:38 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Jan 2018 09:42:51 GMT
Server
nginx
ETag
W/"17b2e8b253e693d224f7d8407e28e1ea"
X-Cache-Status
HIT from 10.252.55.25
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
x-amz-version-id
null
Expires
Sat, 09 Oct 2021 02:51:38 GMT
recommend
hk.popin.cc/popin_discovery/ 		113 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hk.popin.cc/popin_discovery/recommend?mode=new&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&&device=pc&media=hk.on.cc_2&extra=windows&agency=popin-tw&topn=50&ad=50&r_category=all&country=hk&redirect=true&channel=country_tw&alias=on_hk&uid=b946f6d1ca586b1bd3c1633744298676&info=eyJ1c2VyX3RkX29zIjoiV2luZG93cyIsInVzZXJfdGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInVzZXJfdGRfYnJvd3NlciI6IkNocm9tZSIsInVzZXJfdGRfYnJvd3Nlcl92ZXJzaW9uIjoiOTMuMC40NTc3IiwidXNlcl90ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ1c2VyX3RkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidXNlcl90ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzkzLjAuNDU3Ny42MyBTYWZhcmkvNTM3LjM2IiwidXNlcl90ZF9yZWZlcnJlciI6IiIsInVzZXJfdGRfcGF0aCI6Ii9oay9ia24vY250L25ld3MvMjAxNzA5MjkvYmtuLTIwMTcwOTI5MTExOTM5MDYyLTA5MjlfMDA4MjJfMDAxLmh0bWwiLCJ1c2VyX3RkX2NoYXJzZXQiOiJ1dGYtOCIsInVzZXJfdGRfbGFuZ3VhZ2UiOiJlbi11cyIsInVzZXJfdGRfY29sb3IiOiIyNC1iaXQiLCJ1c2VyX3RkX3RpdGxlIjoiJUU4JTg2JUEwJUU2JUE4JUJEJUU1JTlCJTlFJUU2JTk0JUI2JUU3JThFJTg3JUU0JUJEJThFJUUzJTgwJTgwJUU1JTk1JTg2JUU1JUEwJUI0JUU2JThFJUE4JUU4JUIzJUJBJUU3JUE5JThEJUU1JTg4JTg2JUU1JTlCJTlFJUU2JTk0JUI2JUU2JUE5JTlGJUU5JUJDJTkzJUU1JThCJUI1JUU3JTkyJUIwJUU0JUJGJTlEJUVGJUJEJTlDJUU1JThEJUIzJUU2JTk5JTgyJUU2JTk2JUIwJUU4JTgxJTlFJUVGJUJEJTlDJUU2JUI4JUFGJUU2JUJFJUIzJUVGJUJEJTlDb24uY2MlRTYlOUQlQjElRTclQjYlQjIiLCJ1c2VyX3RkX3VybCI6Imh0dHBzOi8vaGsub24uY2MvaGsvYmtuL2NudC9uZXdzLzIwMTcwOTI5L2Jrbi0yMDE3MDkyOTExMTkzOTA2Mi0wOTI5XzAwODIyXzAwMS5odG1sIiwidXNlcl90ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInVzZXJfdGRfaG9zdCI6ImhrLm9uLmNjIiwidXNlcl9kZXZpY2UiOiJwYyIsInVzZXJfdGltZSI6MTYzMzc0NDI5ODY3NywiZnJ1aXRfYm94X3Bvc2l0aW9uIjoiIiwiZnJ1aXRfc3R5bGUiOiIifQ==&alg=ltr&callback=_p6_949692db8fd0
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/on_hk.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.189 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
ba1e3c140c019b93850954d64696d4b6270471955977ae3eda414e769f87bb6d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:39 GMT
content-encoding
gzip
cross-origin-resource-policy
cross-origin
server
nginx/1.13.5
vary
Accept-Encoding
content-type
application/javascript;charset=UTF-8
popin_discovery5-min.js
api.popin.cc/ 		152 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.popin.cc/popin_discovery5-min.js
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/searchbox/on_hk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
6721eb29e8a4b596d045587d3f99e6ba44e4645120bebf28005631c9d59f9fab

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 01:51:38 GMT
Content-Encoding
gzip
Last-Modified
Fri, 17 Sep 2021 08:02:46 GMT
Server
nginx
ETag
W/"bc834cb3216414ba6919317704e311a1"
X-Cache-Status
HIT from 10.252.55.26
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
x-amz-version-id
0jIRlRc_kFlB_lHLPA8acmcn0IVHDRUX
Expires
Sat, 09 Oct 2021 02:51:38 GMT
jquery.js
hk.on.cc/js/v3/ Frame 01D6 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/js/v3/jquery.js
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/ad/ctf/290x50_content.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf

Request headers

:path
/js/v3/jquery.js
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false; _ss_pp_id=b946f6d1ca586b1bd3c1633744298676
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hk.on.cc
referer
https://hk.on.cc/ad/ctf/290x50_content.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/ad/ctf/290x50_content.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:38 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
Y10
age
7045
cf-ray
69b3f70adab22175-DUS
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 06 Apr 2016 09:05:07 GMT
server
cloudflare
etag
W/"5704d143-17c52"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
95270132 93399785
cache-control
public, max-age=1800, s-maxage=14400
content-type
application/javascript
serverTime.js
on.cc/js/ Frame 01D6 		35 B
231 B 		Script
General
Check archive.org
Download Go to
Full URL
https://on.cc/js/serverTime.js
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/ad/ctf/290x50_content.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b0942dc692c78e2726e0a8e341b789f887a5d280ea107e718371fae64f23d1e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/ad/ctf/290x50_content.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:39 GMT
cf-cache-status
HIT
x-cacheable
L07
cf-ray
69b3f70adab32175-DUS
x-host
WL24
content-length
35
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 09 Oct 2021 01:51:26 GMT
server
cloudflare
etag
"6160f59e-23"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
71551273 75653708
cache-control
public, max-age=5, s-maxage=5
accept-ranges
bytes
content-type
application/javascript
goldenPrice.js
hk.on.cc/img/ad/ctf/ Frame 01D6 		197 B
265 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/img/ad/ctf/goldenPrice.js
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/ad/ctf/290x50_content.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f969405b1ddd7cf00f56dc6778c179d82116bcfd2b8a59d39c91874d9c84d5dc

Request headers

:path
/img/ad/ctf/goldenPrice.js
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false; _ss_pp_id=b946f6d1ca586b1bd3c1633744298676
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hk.on.cc
referer
https://hk.on.cc/ad/ctf/290x50_content.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/ad/ctf/290x50_content.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:39 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
Y09
cf-ray
69b3f70adab42175-DUS
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 09 Oct 2021 01:45:06 GMT
server
cloudflare
etag
W/"6160f422-c5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
250968707 258828409
access-control-allow-origin
*
cache-control
public, max-age=5, s-maxage=5
content-type
application/javascript
ping
ping.chartbeat.net/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=hk.on.cc&p=%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&u=BN1VvvDSOmhwGLuAg&d=hk.on.cc&g=65943&g0=hknews&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=1571&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=15300&t=BS84zJEuS9iBwjySaCT0aBDKl2fd&V=128&i=%E8%86%A0%E6%A8%BD%E5%9B%9E%E6%94%B6%E7%8E%87%E4%BD%8E%E3%80%80%E5%95%86%E5%A0%B4%E6%8E%A8%E8%B3%BA%E7%A9%8D%E5%88%86%E5%9B%9E%E6%94%B6%E6%A9%9F%E9%BC%93%E5%8B%B5%E7%92%B0%E4%BF%9D%EF%BD%9C%E5%8D%B3%E6%99%82%E6%96%B0%E8%81%9E%EF%BD%9C%E6%B8%AF%E6%BE%B3%EF%BD%9Con.cc%E6%9D%B1%E7%B6%B2&tz=0&sn=1&sv=BX3TaoCv0-qS1MgbeDyozVbBVDdWC&sd=1&im=067b0fff&_
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.20.138.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-20-138-141.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
json
gum.criteo.com/sid/ Frame E689 		439 B
528 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=on.cc&sn=ChromeSyncframe&so=0&topUrl=hk.on.cc&cw=1&lsw=1
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=hk.on.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
0474f3181bdca54c9777204b500b0ae3993fb69787662bb6c5490afcb65634c4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=hk.on.cc
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sat, 09 Oct 2021 01:51:38 GMT
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2122
expires
0
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=7914332&c3=&c4=&c5=&c6=&c15=&ns__t=1633744298720&ns_c=UTF-8&cv=3.5&c8=%E8%86%A0%E6%A8%BD%E5%9B%9E%E6%94%B6%E7%8E%87%E4%BD%8E%E3%80%80%E5%95%86%E5%A0%B4%E6...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=7914332&c3=&c4=&c5=&c6=&c15=&ns__t=1633744298720&ns_c=UTF-8&cv=3.5&c8=%E8%86%A0%E6%A8%BD%E5%9B%9E%E6%94%B6%E7%8E%87%E4%BD%8E%E3%80%80%E5%95%86%E5%A0%B4%E...
64 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=7914332&c3=&c4=&c5=&c6=&c15=&ns__t=1633744298720&ns_c=UTF-8&cv=3.5&c8=%E8%86%A0%E6%A8%BD%E5%9B%9E%E6%94%B6%E7%8E%87%E4%BD%8E%E3%80%80%E5%95%86%E5%A0%B4%E6%8E%A8%E8%B3%BA%E7%A9%8D%E5%88%86%E5%9B%9E%E6%94%B6%E6%A9%9F%E9%BC%93%E5%8B%B5%E7%92%B0%E4%BF%9D%EF%BD%9C%E5%8D%B3%E6%99%82%E6%96%B0%E8%81%9E%EF%BD%9C%E6%B8%AF%E6%BE%B3%EF%BD%9Con.cc%E6%9D%B1%E7%B6%B2&c7=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&c9=
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.253.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-253-71.fra6.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:38 GMT
via
1.1 6e432daa93321d42e8840614082fcdc3.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
T9-t5FOGBurzq9ScJacYqoDPLxUbw-UIsZWTSsXt9ZCLSe4dxQ4Qlg==

Redirect headers

date
Sat, 09 Oct 2021 01:51:38 GMT
via
1.1 6e432daa93321d42e8840614082fcdc3.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA6-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=7914332&c3=&c4=&c5=&c6=&c15=&ns__t=1633744298720&ns_c=UTF-8&cv=3.5&c8=%E8%86%A0%E6%A8%BD%E5%9B%9E%E6%94%B6%E7%8E%87%E4%BD%8E%E3%80%80%E5%95%86%E5%A0%B4%E6%8E%A8%E8%B3%BA%E7%A9%8D%E5%88%86%E5%9B%9E%E6%94%B6%E6%A9%9F%E9%BC%93%E5%8B%B5%E7%92%B0%E4%BF%9D%EF%BD%9C%E5%8D%B3%E6%99%82%E6%96%B0%E8%81%9E%EF%BD%9C%E6%B8%AF%E6%BE%B3%EF%BD%9Con.cc%E6%9D%B1%E7%B6%B2&c7=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&c9=
content-length
529
x-amz-cf-id
kskkV7IrFrZbtP9W10O7XMa8jva9BS1imIIFQGUXGkuq-hg7idozIA==
settings
syndication.twitter.com/ Frame 7F46 		232 B
431 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=006efe52f0ab735ccd3bf0cf315069e0748185ef
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.58065ae230495f5d9e4b6a916472b2c1.html?origin=https%3A%2F%2Fhk.on.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:38 GMT
content-encoding
gzip
last-modified
Sat, 09 Oct 2021 01:51:38 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
72d20e796288ff5ec7408cd5b233db3ead7368adae853462251b0bec429fc82a
content-length
166
o3b0POPu5mD.css
static.xx.fbcdn.net/rsrc.php/v3/yC/l/1,cross/ Frame 2952 		26 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yC/l/1,cross/o3b0POPu5mD.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/page.php?app_id=1551914855123169&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3abc1aab01832c%26domain%3Dhk.on.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhk.on.cc%252Ff2b34054208814c%26relation%3Dparent.parent&container_width=300&height=215&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fonccnews&locale=zh_HK&sdk=joey&show_facepile=true&show_posts=false&width=298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
a779a4121b8d6c726cabbb6584c14ab12bca2c8baa71cfdf6579bfdb86aa2e0f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:38 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
4tQaUowX11qpajIp4Vgjlg==
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.facebook.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
5890
x-fb-rlafr
0
x-fb-debug
ObWuVjiN5yX5KD7BoZk5xPCU9JTDuvgu4r3GS2Lm40LLRyjYKTrhFltg5mEj+thqs677tPke2nXqaaWhL31V5Q==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 08 Oct 2022 16:23:28 GMT
ULhj3WBzFj6.css
static.xx.fbcdn.net/rsrc.php/v3/yK/l/1,cross/ Frame 2952 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yK/l/1,cross/ULhj3WBzFj6.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/page.php?app_id=1551914855123169&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3abc1aab01832c%26domain%3Dhk.on.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhk.on.cc%252Ff2b34054208814c%26relation%3Dparent.parent&container_width=300&height=215&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fonccnews&locale=zh_HK&sdk=joey&show_facepile=true&show_posts=false&width=298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
4f89c3f5e60250f63a380675d25b1d0befb14bebac1b7361333f09d1686d6ea2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:38 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
FRVKHr1AMRE5jrCfglh8nQ==
content-security-policy-report-only
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
901
x-fb-rlafr
0
x-fb-debug
eFDHixkwXnoPOMdqJs1tDroNj2XFo65Vlg1jf1mQsIoD8VfcsDJ+fkZoC7jCxJumLrN5ziVRtpfcSrGEqQMGzQ==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 07 Oct 2022 20:12:47 GMT
uC0SNrCws5X.css
static.xx.fbcdn.net/rsrc.php/v3/yC/l/1,cross/ Frame 2952 		33 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yC/l/1,cross/uC0SNrCws5X.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/page.php?app_id=1551914855123169&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3abc1aab01832c%26domain%3Dhk.on.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhk.on.cc%252Ff2b34054208814c%26relation%3Dparent.parent&container_width=300&height=215&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fonccnews&locale=zh_HK&sdk=joey&show_facepile=true&show_posts=false&width=298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
c7a0487d74a704047df1de9cfa673cb5afcf1c5e865264e60bbfba4c5d0e6664
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:38 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
x2yyF7175w2zad4dh/RqZQ==
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.facebook.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
6527
x-fb-rlafr
0
x-fb-debug
8UWvucuzxc1ppQ1XtCjGpbLYOfQUnKY3GQeAJl/gI+wpfwy+tuTnGde73F/1kDYDRw9k8W4lztl1c6pWJNyXEg==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 06 Oct 2022 14:21:53 GMT
CDBUf3L5Iup.js
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame 2952 		300 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/CDBUf3L5Iup.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/page.php?app_id=1551914855123169&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3abc1aab01832c%26domain%3Dhk.on.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhk.on.cc%252Ff2b34054208814c%26relation%3Dparent.parent&container_width=300&height=215&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fonccnews&locale=zh_HK&sdk=joey&show_facepile=true&show_posts=false&width=298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
cf8c4e6304712bf09958038528196d87079449c1701c5910859358ff8f175ea8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:38 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
2atFXW942+WxmS3wVGVhHw==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
83257
x-fb-rlafr
0
x-fb-debug
51dyt/a9MIhWbmpuQgSx1uNx1UexID58erXIPuk4D4IC5X3ldMBOMGFLvn6ieYatUYZKFsJnI7c4ggGw0+1eNQ==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 30 Sep 2022 18:56:24 GMT
R8Z09NEQ1-s.js
static.xx.fbcdn.net/rsrc.php/v3/yy/r/ Frame 2952 		66 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yy/r/R8Z09NEQ1-s.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/page.php?app_id=1551914855123169&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3abc1aab01832c%26domain%3Dhk.on.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhk.on.cc%252Ff2b34054208814c%26relation%3Dparent.parent&container_width=300&height=215&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fonccnews&locale=zh_HK&sdk=joey&show_facepile=true&show_posts=false&width=298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
5d6e17800d360a1c1649bfa8d3d607a770775debd70161694f639707164a00f0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:38 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
YiUrUuHhtucAPLLES1MoHA==
content-security-policy-report-only
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
20800
x-fb-rlafr
0
x-fb-debug
f2m348ZFxi5UMMi/rtL/7dktGbEJQQC8GRzuUezWxmyAyr//5fXppSh+cwfwIynuWp827zEn8O8zK7O4kv50aA==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 08 Oct 2022 23:34:58 GMT
ryRdI-yaEV4.js
static.xx.fbcdn.net/rsrc.php/v3ioTW4/yu/l/zh_HK/ Frame 2952 		125 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3ioTW4/yu/l/zh_HK/ryRdI-yaEV4.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/page.php?app_id=1551914855123169&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3abc1aab01832c%26domain%3Dhk.on.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhk.on.cc%252Ff2b34054208814c%26relation%3Dparent.parent&container_width=300&height=215&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fonccnews&locale=zh_HK&sdk=joey&show_facepile=true&show_posts=false&width=298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
7f97673cf66b00904b2cdaa4c3a35841fe6608592b4a7ea46de1a4814f9df1ba
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:38 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
KTrh9mjshWrCvpm1HAHV9A==
content-security-policy-report-only
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
35641
x-fb-rlafr
0
x-fb-debug
KmlWWK6GWIl95LHx8HA2qIjkZ4qNwAgpCqxtm4R4daZeqozkExAyrFCMaB3TO5M10bN/NaQZ4WRmfO+xrykQ3Q==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 06 Oct 2022 21:46:27 GMT
GG1Y0sYc7My.js
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame 2952 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/page.php?app_id=1551914855123169&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3abc1aab01832c%26domain%3Dhk.on.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhk.on.cc%252Ff2b34054208814c%26relation%3Dparent.parent&container_width=300&height=215&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fonccnews&locale=zh_HK&sdk=joey&show_facepile=true&show_posts=false&width=298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
39685db80e880ec9e59c22115c5bcbf76586a95bf618a714d61fc0e5f271fe77
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:38 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
kw22OIA6eDgOltzbJdNVmQ==
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.facebook.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1640
x-fb-rlafr
0
x-fb-debug
2kOBrcuwTscv0qtC67tYpd4rb/IxGYVs0cMFK83gannJs9ACU4OggLuED6OOxdbwqGWRHz2sis2F+zsHOnuaWA==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 07 Oct 2022 20:51:59 GMT
oxdNCjM1qfg.js
static.xx.fbcdn.net/rsrc.php/v3/yl/r/ Frame 2952 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yl/r/oxdNCjM1qfg.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/page.php?app_id=1551914855123169&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3abc1aab01832c%26domain%3Dhk.on.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhk.on.cc%252Ff2b34054208814c%26relation%3Dparent.parent&container_width=300&height=215&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fonccnews&locale=zh_HK&sdk=joey&show_facepile=true&show_posts=false&width=298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
228ae3149807ca543bf4adb5e08c2d5f78d5ecdf68ce1112c58061eb4f9e0562
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:38 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
FiBMzkdtnVnku3uuSSaR+w==
content-security-policy-report-only
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
5106
x-fb-rlafr
0
x-fb-debug
kj3xkv/eMczCj3Gq6fEICtrQMpd8xMOiZ0YqxD+ioKzonIHyagScUVMYMbqqKXzFWX4ihRR4Hw05bfGN88TdPQ==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 08 Oct 2022 23:34:58 GMT
KasMH70y6uu.js
static.xx.fbcdn.net/rsrc.php/v3iCQG4/yn/l/zh_HK/ Frame 2952 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iCQG4/yn/l/zh_HK/KasMH70y6uu.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/page.php?app_id=1551914855123169&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3abc1aab01832c%26domain%3Dhk.on.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhk.on.cc%252Ff2b34054208814c%26relation%3Dparent.parent&container_width=300&height=215&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fonccnews&locale=zh_HK&sdk=joey&show_facepile=true&show_posts=false&width=298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
ac340918fa8787c92714feb51582842912f3d801643adc30e2c696d5beb84c16
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:38 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
PjiBmnbmatqmKp72z5veSQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
7194
x-fb-rlafr
0
x-fb-debug
Qfa8lZSCsx1/HsLrF4LvkGVDS6iD3U2aPA5IferhD+gbFBwIRi61g69EY72K87gkFAd2RVtz1ofbZVgTjU24eg==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 06 Oct 2022 21:53:37 GMT
g63IPxU0ohe.js
static.xx.fbcdn.net/rsrc.php/v3/yI/r/ Frame 2952 		155 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yI/r/g63IPxU0ohe.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/page.php?app_id=1551914855123169&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3abc1aab01832c%26domain%3Dhk.on.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhk.on.cc%252Ff2b34054208814c%26relation%3Dparent.parent&container_width=300&height=215&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fonccnews&locale=zh_HK&sdk=joey&show_facepile=true&show_posts=false&width=298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
f9044316dcfa2fcaeb9c7af4bf701bbe3a6838866ee4920d47bbe163f0ff2e6c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:38 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
tMdtWd9LAluiJFiIIeUdEw==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
46757
x-fb-rlafr
0
x-fb-debug
k+Cx3WNKnHLdjhKgW5hzxu5VMqZRVD3N/gfRnD57pvOHkTSFZ2aJJFPT9fiSZVp9hqTdPt05eY3wz2okv7OWLw==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 30 Sep 2022 18:00:34 GMT
VDi03lvMsFj.js
static.xx.fbcdn.net/rsrc.php/v3ikuO4/yz/l/zh_HK/ Frame 2952 		432 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3ikuO4/yz/l/zh_HK/VDi03lvMsFj.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/page.php?app_id=1551914855123169&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3abc1aab01832c%26domain%3Dhk.on.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhk.on.cc%252Ff2b34054208814c%26relation%3Dparent.parent&container_width=300&height=215&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fonccnews&locale=zh_HK&sdk=joey&show_facepile=true&show_posts=false&width=298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
466aef5d91a0d9ddaecb918a3f22311f84107a79f36db4bebb803294f555d3ec
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:38 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
R6RgjMr3TZC74GQkNbf0eQ==
content-security-policy-report-only
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
104598
x-fb-rlafr
0
x-fb-debug
cz/k6GFrgQBrSG2Hd5ccnCDN0QCwk4E9KnKO9ewBKwNhVeQbjR1P5SC/nSl8u4oDLUYGxi1OVR2BY1yCA2sNEQ==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 08 Oct 2022 11:42:08 GMT
8N5ucqJfKsi.js
static.xx.fbcdn.net/rsrc.php/v3/yG/r/ Frame 2952 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yG/r/8N5ucqJfKsi.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/page.php?app_id=1551914855123169&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3abc1aab01832c%26domain%3Dhk.on.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhk.on.cc%252Ff2b34054208814c%26relation%3Dparent.parent&container_width=300&height=215&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fonccnews&locale=zh_HK&sdk=joey&show_facepile=true&show_posts=false&width=298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
a3d03036ec93ec91b7e43ca3941878bd185d08de48ab9a777a4616ec01d281fe
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:38 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
kbITf9fGfYhjQsQ66dkKkQ==
content-security-policy-report-only
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
5432
x-fb-rlafr
0
x-fb-debug
YvAySD6kQK3YvepxWAjGNb2JIzuTF7X/hWpXEMx/P5yYLRf5BF1H6XPpqX32IBU/+fdgbpRM0td7sMj7jSPbvw==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 08 Oct 2022 23:34:58 GMT
rTI5uu6VSyv.js
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame 2952 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/rTI5uu6VSyv.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/page.php?app_id=1551914855123169&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3abc1aab01832c%26domain%3Dhk.on.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhk.on.cc%252Ff2b34054208814c%26relation%3Dparent.parent&container_width=300&height=215&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fonccnews&locale=zh_HK&sdk=joey&show_facepile=true&show_posts=false&width=298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
1923805a44d1944281dfbbeb7cb956c1efe2f55f968bb61fd93ae1c9612d721f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:38 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
8Ap7dUiQzGnsB+7O9Uq3qw==
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.facebook.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1743
x-fb-rlafr
0
x-fb-debug
9KyWeiRBRUaQZvPt50Nh4GR2yetdwo21MrvMIe51huHh3NN8Z92smMayCrhxrY1Cwdzjh+MUNu+SQKW7+CHyRg==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 07 Oct 2022 21:32:36 GMT
aB3FITMVbfJ.js
static.xx.fbcdn.net/rsrc.php/v3/y4/r/ Frame 2952 		95 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y4/r/aB3FITMVbfJ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/page.php?app_id=1551914855123169&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3abc1aab01832c%26domain%3Dhk.on.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhk.on.cc%252Ff2b34054208814c%26relation%3Dparent.parent&container_width=300&height=215&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fonccnews&locale=zh_HK&sdk=joey&show_facepile=true&show_posts=false&width=298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
62c6651e95b797e7856e126c0e3db49e24f50431dc4c4880222b8adc3551b78f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:38 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
lzd22PM9s8MQSjaNz1zghQ==
content-security-policy-report-only
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
26780
x-fb-rlafr
0
x-fb-debug
ANlhUePDM1tJcGn/i1s9vZA3QW2oAInGhwLcPcm7ryhI2qYwvY2At5YsCcq2CGMl4L/C0d38A3tDgN3irrN57Q==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 07 Oct 2022 21:32:25 GMT
jX0819LCD5Y.js
static.xx.fbcdn.net/rsrc.php/v3/yW/r/ Frame 2952 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yW/r/jX0819LCD5Y.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/page.php?app_id=1551914855123169&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3abc1aab01832c%26domain%3Dhk.on.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhk.on.cc%252Ff2b34054208814c%26relation%3Dparent.parent&container_width=300&height=215&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fonccnews&locale=zh_HK&sdk=joey&show_facepile=true&show_posts=false&width=298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
faea48f63ed0def0a3d512778e3eb583c7a2d78173b884af12d652474c296d8f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:38 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
wuqGyMEXPrnXU1iJWa5MlA==
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
8503
x-fb-rlafr
0
x-fb-debug
HoM7JaSeiGToEfH8sTzKsutDJpAj8N3BAgHjgN/LWiL278W23PJzjo38TmZpvMFO639Mey8TTs+gtu8d/Gu2yg==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 08 Oct 2022 15:47:28 GMT
5T_VJrdWbla.js
static.xx.fbcdn.net/rsrc.php/v3/yr/r/ Frame 2952 		286 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yr/r/5T_VJrdWbla.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/page.php?app_id=1551914855123169&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3abc1aab01832c%26domain%3Dhk.on.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhk.on.cc%252Ff2b34054208814c%26relation%3Dparent.parent&container_width=300&height=215&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fonccnews&locale=zh_HK&sdk=joey&show_facepile=true&show_posts=false&width=298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
ff5d8a028ff39c502c3fa2b253693b90569f9a9c87051899d92a37d75017657c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:38 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Xq7YYkWMF0ltH3byb44xlQ==
content-security-policy-report-only
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
65863
x-fb-rlafr
0
x-fb-debug
O6H1KACA3sFSxMCfki7Q/oOR43vWfHzudsBbCb8Sj0BUdOopbcDnTzgaC9ONEaU+HZWUaoFqixuJPR/QMUnIoQ==
x-fb-trip-id
917726464
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 08 Oct 2022 23:34:58 GMT
243288599_10159325513262655_3406989839463356806_n.jpg
scontent.xx.fbcdn.net/v/t1.6435-9/p130x130/ Frame 2952 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.xx.fbcdn.net/v/t1.6435-9/p130x130/243288599_10159325513262655_3406989839463356806_n.jpg?_nc_cat=103&ccb=1-5&_nc_sid=dd9801&_nc_ohc=8E9vEiBwHIcAX8kkRQf&_nc_ht=scontent.xx&edm=AD5vYhEEAAAA&oh=310ea920098d983d8dab78dd0942dbae&oe=6184E32A
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/page.php?app_id=1551914855123169&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3abc1aab01832c%26domain%3Dhk.on.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhk.on.cc%252Ff2b34054208814c%26relation%3Dparent.parent&container_width=300&height=215&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fonccnews&locale=zh_HK&sdk=joey&show_facepile=true&show_posts=false&width=298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
63b118f308a4a5d222dc7aa911ca308d4c898dbeb96ab85579a664c8098354e1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-haystack-needlechecksum
2007166099
date
Sat, 09 Oct 2021 01:51:38 GMT
x-fb-trip-id
917726464
last-modified
Fri, 08 Oct 2021 07:03:32 GMT
x-everstore-replication-factor
2
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
91142672
timing-allow-origin
*
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
9480
244401944_10159325514452655_4872602770939383291_n.jpg
scontent.xx.fbcdn.net/v/t1.6435-1/cp0/p50x50/ Frame 2952 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent.xx.fbcdn.net/v/t1.6435-1/cp0/p50x50/244401944_10159325514452655_4872602770939383291_n.jpg?_nc_cat=1&ccb=1-5&_nc_sid=dbb9e7&_nc_ohc=YVV03VX6pVUAX9hwHAo&_nc_oc=AQkmfXGcrsn0s1068G5TM1R8QCrdvnSMMUXF_AlCy8XuRcAb5fDGCbLWKezGCi1mkpI&_nc_ht=scontent.xx&edm=AD5vYhEEAAAA&oh=a402d104a342899609aff1dd72dc6f45&oe=61880118
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/v10.0/plugins/page.php?app_id=1551914855123169&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3abc1aab01832c%26domain%3Dhk.on.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhk.on.cc%252Ff2b34054208814c%26relation%3Dparent.parent&container_width=300&height=215&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fonccnews&locale=zh_HK&sdk=joey&show_facepile=true&show_posts=false&width=298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
31e7e5c64a4438bfa791df46d35d38a55054845a6ffd7a4cd7704a644cbc88f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-haystack-needlechecksum
1097881534
date
Sat, 09 Oct 2021 01:51:38 GMT
x-fb-trip-id
917726464
last-modified
Fri, 08 Oct 2021 07:04:29 GMT
x-everstore-replication-factor
2
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
X-FB-CEC-Video-Limit
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
1548792800
timing-allow-origin
*
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1485
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=633741726&t=pageview&_s=1&dl=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ul=en-us&de=UTF-8&dt=%E8%86%A0%E6%A8%BD%E5%9B%9E%E6%94%B6%E7%8E%87%E4%BD%8E%E3%80%80%E5%95%86%E5%A0%B4%E6%8E%A8%E8%B3%BA%E7%A9%8D%E5%88%86%E5%9B%9E%E6%94%B6%E6%A9%9F%E9%BC%93%E5%8B%B5%E7%92%B0%E4%BF%9D%EF%BD%9C%E5%8D%B3%E6%99%82%E6%96%B0%E8%81%9E%EF%BD%9C%E6%B8%AF%E6%BE%B3%EF%BD%9Con.cc%E6%9D%B1%E7%B6%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_utma=178303933.1552665614.1633744295.1633744295.1633744295.1&_utmz=178303933.1633744295.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)&_utmht=1633744298765&_u=IQBCAAABAAAAAC~&jid=1931290664&gjid=798296019&cid=1552665614.1633744295&tid=UA-57924738-1&_gid=1073457970.1633744299&_r=1&_slc=1&z=1760281528
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.174 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hk.on.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
qGoWo6gBwwP.png
static.xx.fbcdn.net/rsrc.php/v3/yy/r/ Frame 2952 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yy/r/qGoWo6gBwwP.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yC/l/1,cross/o3b0POPu5mD.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
66efeaacbd90eba053bda6c0f17599873a6d2023a9408bd9ad2d414cf9813444
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yC/l/1,cross/o3b0POPu5mD.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:38 GMT
x-content-type-options
nosniff
content-md5
iN31dShDArRt9ZikrDb13w==
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.facebook.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
2616
x-fb-rlafr
0
x-fb-debug
XxPpmaR0/A93juviXg4Zwn/MR1pijaOQ84P1pNGs0jE/w21234pmiBj8u2d37AR7xhHI9Xk6rxPDRgCiGB5NjA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 29 Sep 2022 23:40:24 GMT
mOcgOmDDSbN.png
static.xx.fbcdn.net/rsrc.php/v3/yL/r/ Frame 2952 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yL/r/mOcgOmDDSbN.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yC/l/1,cross/o3b0POPu5mD.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
3dc936b3c6e476fbbbfea1c5d962f4bee0e3636450608357ffcf9e6e92e0d596
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yC/l/1,cross/o3b0POPu5mD.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fb-debug
6n8qe5dNzbFd24OrECyrT7NWlo2qOuxaPxmUPyU6D8sC8C3pHcFMl7/NOo0rj3A2r+SWG9eEG2aYTyZYbuBMLQ==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
2bKr5oI1XogALo4o3p6kDA==
date
Sat, 09 Oct 2021 01:51:38 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
priority
u=3,i
timing-allow-origin
*
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1193
x-fb-rlafr
0
expires
Thu, 29 Sep 2022 15:48:13 GMT
/
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame 2952 		1 KB
725 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=10155406251272655&surface=pagePlugin&unit_type=VIEWER
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3ioTW4/yu/l/zh_HK/ryRdI-yaEV4.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frx5.facebook.com
Software
/
Resource Hash
e18c5ef36f7d9551309467111e398253bbcc674957ae34725291fd2d89363ac3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
npvJ-8a6ngWBxwKIUBQ4JT
Referer
https://www.facebook.com/v10.0/plugins/page.php?app_id=1551914855123169&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3abc1aab01832c%26domain%3Dhk.on.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhk.on.cc%252Ff2b34054208814c%26relation%3Dparent.parent&container_width=300&height=215&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fonccnews&locale=zh_HK&sdk=joey&show_facepile=true&show_posts=false&width=298
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.facebook.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
H5CPd0hUuLsdcD1Q/iGnHrh1AjwQ4L9Ei4EJ59UwiGC8RepULVdSLdJ/B6l1vsv61Vza0cZ9h0k0wSQ1451BWw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sat, 09 Oct 2021 01:51:38 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
UL9AxhGrrCI.js
static.xx.fbcdn.net/rsrc.php/v3/yB/r/ Frame 2952 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yB/r/UL9AxhGrrCI.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/CDBUf3L5Iup.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
e08a4d0be4f20b3fc5e1c59ae29731a3f2d03abac992e3be1b4a1bf1ae0ed4fd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:38 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
ozxnsGEO6qp4GZOC727j8A==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
5983
x-fb-rlafr
0
x-fb-debug
j++5KOfXNxhoABhAuceZezio3sjhs+C6ZrkEacHjUTdUBiXbUCxLhTzX+4Q0OSIv5PmxPDIRbGOaz6Gi69VMZQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 07 Oct 2022 21:24:05 GMT
cN-N4Eu_deZ.js
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame 2952 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/cN-N4Eu_deZ.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/CDBUf3L5Iup.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
095eceabca5358699a8efc64f4e44b27576d45c2ab864f1f50c3401676f9a827
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:38 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
XkHzn1WHKMxOAJmWI3FJ7A==
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
2277
x-fb-rlafr
0
x-fb-debug
0KAzhQdLLMweso+e4T/Y+dipBEO6ynKFdpKVGleTs8YrS/8sG7yy57/v2Pp6cgTZnhh/zpZ5pt/4H0uqncpQPQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 07 Oct 2022 21:28:15 GMT
xG4KFqp6GLv.js
static.xx.fbcdn.net/rsrc.php/v3/yt/r/ Frame 2952 		361 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yt/r/xG4KFqp6GLv.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/CDBUf3L5Iup.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
d1a62604b6cbb7cc663de93e44d12c4470c79f2d5168b14f56a633db26d3836f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:38 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
6siDxoj6g+WmBmNLcL9oDw==
content-security-policy-report-only
default-src https: data: wss: blob: chrome-extension: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
78897
x-fb-rlafr
0
x-fb-debug
DvQlfoLEYc+m9ZUD4swY6HFqFGM0YS6eTR9FNYC1OrD+kD3opivkBIZRs9IGkVBTkSxWKN3qTnyZMzmYfLnDYA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 07 Oct 2022 22:23:51 GMT
BqEjD1dj1pL.js
static.xx.fbcdn.net/rsrc.php/v3/yY/r/ Frame 2952 		888 B
433 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yY/r/BqEjD1dj1pL.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/CDBUf3L5Iup.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
aeb79106b2e11ba22cb8bc42024ee8ac2c2aebc710070990eecb2dbf03602a54
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:38 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
W0GjseafI92ObXQDDMiLwQ==
content-security-policy-report-only
default-src fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'unsafe-inline' 'unsafe-eval';report-uri https://www.xx.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
379
x-fb-rlafr
0
x-fb-debug
WfbLcnGzE5CKkUZoO1LNo4HzHvcMr2ONubr1cMSMsyVkx/a+9vMR2d8gbcaXL5LDwX8c+rQbFACzY+18K6OQjw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 07 Oct 2022 21:07:05 GMT
hV1-kQCATbB.png
static.xx.fbcdn.net/rsrc.php/v3/yg/r/ Frame 2952 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yg/r/hV1-kQCATbB.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yC/l/1,cross/uC0SNrCws5X.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
5a0048899635d9ede4c6db7c11de65bca67887d495265ea686dc4a6b2b24df49
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/yC/l/1,cross/uC0SNrCws5X.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fb-debug
JH/FqRFwh/GsBcXOAkzJaIVYATC4OrqHiQ6OsLHbAId7Tp6ZxsGuSIkeiNB34W1RZw97+Rx+xZiqLfL6GddybQ==
x-content-type-options
nosniff
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-md5
xHfMQhXgdZ4V8CC7WRykMA==
date
Sat, 09 Oct 2021 01:51:38 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
priority
u=3,i
timing-allow-origin
*
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
12005
x-fb-rlafr
0
expires
Thu, 29 Sep 2022 15:48:22 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-57924738-1&cid=1552665614.1633744295&jid=1931290664&gjid=798296019&_gid=1073457970.1633744299&_u=IQBCAAAAAAAAAC~&z=1779931500
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.133.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wo-in-f157.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sat, 09 Oct 2021 01:51:38 GMT
content-type
text/plain
access-control-allow-origin
https://hk.on.cc
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
button.5d16ecc02fbaf599a24dfb57ab239320.js
platform.twitter.com/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/button.5d16ecc02fbaf599a24dfb57ab239320.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BA) /
Resource Hash
3ee8351e156e2e80d99018a585c18c0dbd9098e3bea84a131d8cbad1ec72c81e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 01:51:38 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Sep 2021 18:56:33 GMT
Server
ECS (frb/67BA)
Age
364236
Etag
"6b95f5a9a2ff4b885e2eafdf446d70d0+gzip"
Vary
Accept-Encoding
x-tw-cdn
VZ
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=315360000
X-Cache
HIT
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Content-Length
2296
OZcLupMIkEN.js
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame 2952 		245 B
218 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/OZcLupMIkEN.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/CDBUf3L5Iup.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.236.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-frx5.fbcdn.net
Software
/
Resource Hash
1012db27ec1cb433b46f471bb11c18fec71f59c5fa6f6520c87ff374e4ef0325
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:38 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Sj0Q4egSj1eTua951vhlbw==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
165
x-fb-rlafr
0
x-fb-debug
7NfKJWmZ7EYGmvX46O9AOpHc+TVnZbnDePyqhxYh6o8wIReoNEbl0XS0+CtcS/oZGEC5NjTL2qhKxx7nit4QcA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 30 Sep 2022 17:30:00 GMT
tweet_button.58065ae230495f5d9e4b6a916472b2c1.en.html
platform.twitter.com/widgets/ Frame 9598 		32 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/tweet_button.58065ae230495f5d9e4b6a916472b2c1.en.html
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
93.184.220.66 London, United Kingdom, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BA) /
Resource Hash
fca9fbc2b7bad4d08e4b4cfe80420df03b1bfa4cc2988540b4e816cc905bf33f

Request headers

Host
platform.twitter.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
364236
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Sat, 09 Oct 2021 01:51:38 GMT
Etag
"a4ee8ee440f819aba90d7a1be062a8d7+gzip"
Last-Modified
Thu, 30 Sep 2021 18:56:41 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67BA)
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
12235
/
www.facebook.com/login/ Frame 2952 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fv10.0%2Fplugins%2Fpage.php%3Fapp_id%3D1551914855123169%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3abc1aab01832c%2526domain%253Dhk.on.cc%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fhk.on.cc%25252Ff2b34054208814c%2526relation%253Dparent.parent%26container_width%3D300%26height%3D215%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fonccnews%26locale%3Dzh_HK%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26width%3D298
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/CDBUf3L5Iup.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.236.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-frx5.facebook.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/login/?next=https%3A%2F%2Fwww.facebook.com%2Fv10.0%2Fplugins%2Fpage.php%3Fapp_id%3D1551914855123169%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df3abc1aab01832c%2526domain%253Dhk.on.cc%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fhk.on.cc%25252Ff2b34054208814c%2526relation%253Dparent.parent%26container_width%3D300%26height%3D215%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fonccnews%26locale%3Dzh_HK%26sdk%3Djoey%26show_facepile%3Dtrue%26show_posts%3Dfalse%26width%3D298
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.facebook.com/v10.0/plugins/page.php?app_id=1551914855123169&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3abc1aab01832c%26domain%3Dhk.on.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhk.on.cc%252Ff2b34054208814c%26relation%3Dparent.parent&container_width=300&height=215&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fonccnews&locale=zh_HK&sdk=joey&show_facepile=true&show_posts=false&width=298
accept-encoding
gzip, deflate, br
cookie
fr=0GSwp2tfh6UdUbaIO..BhYPWi...1.0.BhYPWi.
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.facebook.com/v10.0/plugins/page.php?app_id=1551914855123169&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3abc1aab01832c%26domain%3Dhk.on.cc%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhk.on.cc%252Ff2b34054208814c%26relation%3Dparent.parent&container_width=300&height=215&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fonccnews&locale=zh_HK&sdk=joey&show_facepile=true&show_posts=false&width=298

Response headers

vary
Accept-Encoding
content-encoding
br
set-cookie
fr=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=-1633744297; path=/; domain=.facebook.com; httponly
x-fb-rlafr
0
cross-origin-opener-policy
unsafe-none
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options
nosniff
x-xss-protection
0
content-security-policy-report-only
default-src 'self' data: blob: https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src static.xx.fbcdn.net 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net data:;connect-src wss://gateway.facebook.com wss://edge-chat.facebook.com *.facebook.com *.fbcdn.net wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com;frame-src *.facebook.com *.fbsbx.com;worker-src blob: *.facebook.com;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy
default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
content-type
text/html; charset="utf-8"
x-fb-debug
yvkURmch9pCy5X080bxQmRBI7QpOunKBNkVZd3iKy7zWeKpD7+dDGhXCxGIPwEAe46l4FWhlGp0MW6mELViaxA==
date
Sat, 09 Oct 2021 01:51:39 GMT
priority
u=3,i
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
truncated
/ Frame 9598 		822 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/svg+xml
jot
syndication.twitter.com/i/ 		43 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Anocount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1633744299058%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22fcb1942%3A1632982954711%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22share%22%2C%22action%22%3A%22impression%22%7D%7D
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
pragma
no-cache
last-modified
Sat, 09 Oct 2021 01:51:39 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
72d20e796288ff5ec7408cd5b233db3ead7368adae853462251b0bec429fc82a
x-transaction
f754d41dbc7b354d
expires
Tue, 31 Mar 1981 05:00:00 GMT
jquery.js
hk.on.cc/js/v4/ Frame 5BCB 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/js/v4/jquery.js
Requested by
Host: ad6.on.cc
URL: https://ad6.on.cc/web/html/google/housead/lrec1_422.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf

Request headers

:path
/js/v4/jquery.js
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false; _ss_pp_id=b946f6d1ca586b1bd3c1633744298676; _cb=BN1VvvDSOmhwGLuAg; _chartbeat2=.1633744298689.1633744298689.1.BX3TaoCv0-qS1MgbeDyozVbBVDdWC.1; _cb_svref=null; _ga=GA1.3.1552665614.1633744295; _gid=GA1.3.1073457970.1633744299; _gat=1; cto_bundle=v1J8iV8zaEpDUUtiaHlsemNIMmVLTGZrOGhtSXMxems2Vm84JTJGa2k0NzJYbWI0TCUyRnBRVmZmbmN5OE1OcEtXeGNvZkRGSDBZejNOa2ZYTUpBOVY1bmZkeWZwYmxRcWl6QmpLNzZ2T2s0a3olMkJ5WSUyRmxvbmgyZjVnTUxrN3RoWmhuaEZTYVlKNFgxMnRnRGNwJTJCUmNPQkwwaGUlMkIlMkIzUSUzRCUzRA; _td=85b40c93-e4f5-45a4-998d-539793b078dc
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
hk.on.cc
referer
https://ad6.on.cc/web/html/google/housead/lrec1_422.html
:scheme
https
sec-fetch-site
same-site
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://ad6.on.cc/web/html/google/housead/lrec1_422.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:40 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
Y10
cf-ray
69b3f7100ee12175-DUS
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 26 Aug 2019 02:51:22 GMT
server
cloudflare
etag
W/"5d63492a-17c52"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
437909148 435909399
access-control-allow-origin
*
cache-control
public, max-age=5, s-maxage=5
content-type
application/javascript
ajs.php
ad4.on.cc/web/www/delivery/ Frame 5BCB 		1 KB
904 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=422
Requested by
Host: ad6.on.cc
URL: https://ad6.on.cc/web/html/google/housead/lrec1_422.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21e97d6f99de2231f721d901ae794d136aed5aa4230f44d751ddceefd3e198e3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad6.on.cc/web/html/google/housead/lrec1_422.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:40 GMT
content-encoding
br
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
cache-control
private, max-age=0, no-cache
cf-ray
69b3f7100ee22175-DUS
content-type
text/javascript; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
300x250.gif
ad6.on.cc/web/html/housead/promotion20161011/ 		226 KB
226 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad6.on.cc/web/html/housead/promotion20161011/300x250.gif
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14214f831b3a365b9ef0780e0afab8981a2e57c1b41b7da455a8b78780ca8156

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:39 GMT
cf-cache-status
HIT
x-cacheable
L03
age
11102
cf-ray
69b3f7101ee52175-DUS
content-length
231476
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 08 Oct 2021 10:17:31 GMT
server
cloudflare
etag
"38834-5cdd4afe7fe0f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
660436541 664327390
access-control-allow-origin
*
cache-control
public, max-age=21600, s-maxage=21600
accept-ranges
bytes
content-type
image/gif
lg.php
ad4.on.cc/web/www/delivery/ 		43 B
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4.on.cc/web/www/delivery/lg.php?bannerid=2688&campaignid=863&zoneid=853&loc=1&referer=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&cb=23961ff76b
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:40 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
cache-control
private, max-age=0, no-cache
accept-ranges
bytes
cf-ray
69b3f7101ee62175-DUS
content-type
image/gif
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
ajs.php
ad4.on.cc/web/www/delivery/ Frame DDC9 		1 KB
677 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=423
Requested by
Host: ad6.on.cc
URL: https://ad6.on.cc/web/html/google/housead/lrec1_423.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1a60c1648f87cf362181fa6e723a934a29f65d0279d8248d3dff22af1591ae7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad6.on.cc/web/html/google/housead/lrec1_423.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:40 GMT
content-encoding
br
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
cache-control
private, max-age=0, no-cache
cf-ray
69b3f7101ee72175-DUS
content-type
text/javascript; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
290x50.jpg
hk.on.cc/ad/ctf/ Frame 01D6 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hk.on.cc/ad/ctf/290x50.jpg
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/ad/ctf/290x50_content.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ae7f0fd543760d588139b1ab722dbc3877832457b9ad0e3f3b566e8d7bdc1ae

Request headers

:path
/ad/ctf/290x50.jpg
pragma
no-cache
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false; _ss_pp_id=b946f6d1ca586b1bd3c1633744298676; _cb=BN1VvvDSOmhwGLuAg; _chartbeat2=.1633744298689.1633744298689.1.BX3TaoCv0-qS1MgbeDyozVbBVDdWC.1; _cb_svref=null; _ga=GA1.3.1552665614.1633744295; _gid=GA1.3.1073457970.1633744299; _gat=1; cto_bundle=v1J8iV8zaEpDUUtiaHlsemNIMmVLTGZrOGhtSXMxems2Vm84JTJGa2k0NzJYbWI0TCUyRnBRVmZmbmN5OE1OcEtXeGNvZkRGSDBZejNOa2ZYTUpBOVY1bmZkeWZwYmxRcWl6QmpLNzZ2T2s0a3olMkJ5WSUyRmxvbmgyZjVnTUxrN3RoWmhuaEZTYVlKNFgxMnRnRGNwJTJCUmNPQkwwaGUlMkIlMkIzUSUzRCUzRA; _td=85b40c93-e4f5-45a4-998d-539793b078dc
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
hk.on.cc
referer
https://hk.on.cc/ad/ctf/290x50_content.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/ad/ctf/290x50_content.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:39 GMT
cf-cache-status
HIT
x-cacheable
Y09
cf-ray
69b3f7103efe2175-DUS
content-length
12680
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 14 Dec 2018 07:39:49 GMT
server
cloudflare
etag
"5c135e45-3188"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
682740042 681728180
cache-control
public, max-age=5, s-maxage=5, stale-if-error=600, stale-while-revalidate=30
accept-ranges
bytes
content-type
image/jpeg
cf-bgj
h2pri
space.gif
ad6.on.cc/web/html/ Frame 01D6
Redirect Chain
  • https://ad4.on.cc/web/adview.php?bannerid=6414
  • https://ad6.on.cc/web/html/space.gif
43 B
192 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad6.on.cc/web/html/space.gif
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/ad/ctf/290x50_content.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/ad/ctf/290x50_content.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:40 GMT
cf-cache-status
HIT
x-cacheable
L04
age
12012
content-length
43
x-varnish
93333004 94163268
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 06 Aug 2014 02:46:44 GMT
server
cloudflare
etag
"2b-4ffecfb84ed00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=21600, s-maxage=21600
accept-ranges
bytes
cf-ray
69b3f7159b702175-DUS

Redirect headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:40 GMT
cf-cache-status
MISS
server
cloudflare
location
https://ad6.on.cc/web/html/space.gif
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
cache-control
private, max-age=0, no-cache
cf-ray
69b3f7103f052175-DUS
content-type
text/html
expires
Mon, 26 Jul 1997 05:00:00 GMT
bkn-20211009080031592-1009_00882_001.js
hk.on.cc/hk/bkn/cnt/sport/20211009/ 		6 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hk.on.cc/hk/bkn/cnt/sport/20211009/bkn-20211009080031592-1009_00882_001.js
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/js/v4/jquery.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb003caba28027814abbac8dbc3a5bc03c3c5e4cde2232c2464e43048eab30

Request headers

sec-fetch-mode
cors
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
x-requested-with
XMLHttpRequest
sec-fetch-dest
empty
cookie
__cfruid=0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283; lang=zh; _cb_ls=1; __gads=ID=e368636ebb60efca:T=1633744291:S=ALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg; __utma=178303933.1552665614.1633744295.1633744295.1633744295.1; __utmb=178303933; __utmc=178303933; __utmz=178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none); inactivity=false; _ss_pp_id=b946f6d1ca586b1bd3c1633744298676; _cb=BN1VvvDSOmhwGLuAg; _chartbeat2=.1633744298689.1633744298689.1.BX3TaoCv0-qS1MgbeDyozVbBVDdWC.1; _cb_svref=null; _ga=GA1.3.1552665614.1633744295; _gid=GA1.3.1073457970.1633744299; _gat=1; cto_bundle=v1J8iV8zaEpDUUtiaHlsemNIMmVLTGZrOGhtSXMxems2Vm84JTJGa2k0NzJYbWI0TCUyRnBRVmZmbmN5OE1OcEtXeGNvZkRGSDBZejNOa2ZYTUpBOVY1bmZkeWZwYmxRcWl6QmpLNzZ2T2s0a3olMkJ5WSUyRmxvbmgyZjVnTUxrN3RoWmhuaEZTYVlKNFgxMnRnRGNwJTJCUmNPQkwwaGUlMkIlMkIzUSUzRCUzRA; _td=85b40c93-e4f5-45a4-998d-539793b078dc; pushLatestId=bkn-20211009080031592-1009_00882_001
:path
/hk/bkn/cnt/sport/20211009/bkn-20211009080031592-1009_00882_001.js
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
:authority
hk.on.cc
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:40 GMT
content-encoding
br
cf-cache-status
HIT
x-cacheable
Y09
cf-ray
69b3f711982b2175-DUS
pragma
public
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 09 Oct 2021 00:43:54 GMT
server
cloudflare
etag
W/"6160e5ca-1629"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
253377551 251783119
access-control-allow-origin
*
cache-control
public, max-age=15, s-maxage=15
content-type
application/javascript
popin_send_cookie_set_fail.js
api.popin.cc/test/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.popin.cc/test/popin_send_cookie_set_fail.js?20201223
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/popin_discovery5-min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
bceba3fa49d68bb042d5b06465679c6403958c88225a3850ab00f86b420b6295

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 01:51:39 GMT
Content-Encoding
gzip
Last-Modified
Fri, 01 Oct 2021 03:46:53 GMT
Server
nginx
ETag
W/"9abf40f5d1f80dc776f8fe3f3569efb2"
X-Cache-Status
HIT from 10.252.55.26
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
x-amz-version-id
njo1ApxSZGMxCPG5wAzEEq79mXAkKwek
Expires
Sat, 09 Oct 2021 02:51:39 GMT
live_feed_v3.js
tv.on.cc/js/live/ 		4 B
179 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tv.on.cc/js/live/live_feed_v3.js
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/js/v4/jquery.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.136.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ace810d7e2cbb4f8c40ce09dc8e191ae466adb4e1a7d49c59f2215b411d38b05

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:40 GMT
cf-cache-status
HIT
x-cacheable
L03
age
5
cf-ray
69b3f7133ee4fb5c-DUS
content-length
4
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 08 Oct 2021 10:10:57 GMT
server
cloudflare
etag
"4-5cdd498645723"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
x-varnish
665458963 665846183
access-control-allow-origin
*
cache-control
public, max-age=5, s-maxage=5, must-revalidate
accept-ranges
bytes
content-type
text/javascript
expires
Sat, 09 Oct 2021 01:56:27 GMT
adlogs
in.treasuredata.com/js/v3/event/popin_ads/ 		89 B
559 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.treasuredata.com/js/v3/event/popin_ads/adlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1633744300101&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoibHRyIiwidGltZV9zaG93X3NlY29uZHMiOjEsInJlcXVlc3RfYWQiOjUwLCJyZXNwb25zZV9hZCI6MTEsInNtamFkIjowLCJhZiI6IiIsImFwaV9ob3N0IjoiaGsucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoiaGsub24uY2NfMiIsInVybCI6Imh0dHBzOi8vaGsub24uY2MvaGsvYmtuL2NudC9uZXdzLzIwMTcwOTI5L2Jrbi0yMDE3MDkyOTExMTkzOTA2Mi0wOTI5XzAwODIyXzAwMS5odG1sIiwibG9naWQiOiI4NzM1YjFiYy1hZTEwLTQzNDMtYjVhNS0yYjU5MTk3NmRkZjEiLCJ1aWQiOiJiOTQ2ZjZkMWNhNTg2YjFiZDNjMTYzMzc0NDI5ODY3NiIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6Ijg1YjQwYzkzLWU0ZjUtNDVhNC05OThkLTUzOTc5M2IwNzhkYyIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiLohqDmqL3lm57mlLbnjofkvY7jgIDllYbloLTmjqjos7rnqY3liIblm57mlLbmqZ%2FpvJPli7XnkrDkv50iLCJ0ZF91cmwiOiJodHRwczovL2hrLm9uLmNjL2hrL2Jrbi9jbnQvbmV3cy8yMDE3MDkyOS9ia24tMjAxNzA5MjkxMTE5MzkwNjItMDkyOV8wMDgyMl8wMDEuaHRtbCIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTMuMC40NTc3LjYzIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInRkX2hvc3QiOiJoay5vbi5jYyIsInRkX3BhdGgiOiIvaGsvYmtuL2NudC9uZXdzLzIwMTcwOTI5L2Jrbi0yMDE3MDkyOTExMTkzOTA2Mi0wOTI5XzAwODIyXzAwMS5odG1sIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9pcCI6InRkX2lwIiwidGRfYnJvd3NlciI6InRkX2Jyb3dzZXIiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiJ0ZF9icm93c2VyX3ZlcnNpb24iLCJ0ZF9vcyI6InRkX29zIiwidGRfb3NfdmVyc2lvbiI6InRkX29zX3ZlcnNpb24iLCJjbGllbnRfaWQiOiI4NWI0MGM5My1lNGY1LTQ1YTQtOTk4ZC01Mzk3OTNiMDc4ZGMiLCJjb21tb25fY2F0ZWdvcnkiOiJidXNpbmVzcyIsImNhdGVnb3J5IjoiaHR0cHM6Ly9oay5vbi5jYy9oay9ia24vY250L25ld3MvMjAxNzA5MjkvYmtuLTIwMTcwOTI5MTExOTM5MDYyLTA5MjlfMDA4MjJfMDAxLmh0bWwiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0%3D&callback=TreasureJSONPCallback0
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.105.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-105-201.compute-1.amazonaws.com
Software
/
Resource Hash
3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 01:51:40 GMT
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
P3P
CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Content-Length
89
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
adlogs
log.popin.cc/log/popin_ads/ 		66 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_ads/adlogs?data=eyJ0eXBlIjoicmVxIiwicmlkIjoiIiwiYWxnIjoibHRyIiwidGltZV9zaG93X3NlY29uZHMiOjEsInJlcXVlc3RfYWQiOjUwLCJyZXNwb25zZV9hZCI6MTEsInNtamFkIjowLCJhZiI6IiIsImFwaV9ob3N0IjoiaGsucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoiaGsub24uY2NfMiIsInVybCI6Imh0dHBzOi8vaGsub24uY2MvaGsvYmtuL2NudC9uZXdzLzIwMTcwOTI5L2Jrbi0yMDE3MDkyOTExMTkzOTA2Mi0wOTI5XzAwODIyXzAwMS5odG1sIiwibG9naWQiOiI4NzM1YjFiYy1hZTEwLTQzNDMtYjVhNS0yYjU5MTk3NmRkZjEiLCJ1aWQiOiJiOTQ2ZjZkMWNhNTg2YjFiZDNjMTYzMzc0NDI5ODY3NiIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6Ijg1YjQwYzkzLWU0ZjUtNDVhNC05OThkLTUzOTc5M2IwNzhkYyIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiLohqDmqL3lm57mlLbnjofkvY7jgIDllYbloLTmjqjos7rnqY3liIblm57mlLbmqZ/pvJPli7XnkrDkv50iLCJ0ZF91cmwiOiJodHRwczovL2hrLm9uLmNjL2hrL2Jrbi9jbnQvbmV3cy8yMDE3MDkyOS9ia24tMjAxNzA5MjkxMTE5MzkwNjItMDkyOV8wMDgyMl8wMDEuaHRtbCIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTMuMC40NTc3LjYzIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInRkX2hvc3QiOiJoay5vbi5jYyIsInRkX3BhdGgiOiIvaGsvYmtuL2NudC9uZXdzLzIwMTcwOTI5L2Jrbi0yMDE3MDkyOTExMTkzOTA2Mi0wOTI5XzAwODIyXzAwMS5odG1sIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiOTMuMC40NTc3IiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6Ijg1YjQwYzkzLWU0ZjUtNDVhNC05OThkLTUzOTc5M2IwNzhkYyIsImNvbW1vbl9jYXRlZ29yeSI6ImJ1c2luZXNzIiwiY2F0ZWdvcnkiOiJodHRwczovL2hrLm9uLmNjL2hrL2Jrbi9jbnQvbmV3cy8yMDE3MDkyOS9ia24tMjAxNzA5MjkxMTE5MzkwNjItMDkyOV8wMDgyMl8wMDEuaHRtbCIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ==&t=1633744300102
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 01:51:41 GMT
Last-Modified
Thu, 13 Dec 2018 07:32:33 GMT
Server
nginx/1.13.5
ETag
"5c120b11-42"
Content-Type
image/jpeg
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
66
s.gif
r.popin.cc/ 		35 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.popin.cc/s.gif?url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&uid=b946f6d1ca586b1bd3c1633744298676&type=pc_pv&nid=pc&media=hk.on.cc_2&r5=ca_https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html|ch_cy_tw&t=1633744300102&tz=hk
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:40 GMT
last-modified
Tue, 10 Sep 2019 07:46:01 GMT
server
nginx
etag
"5d7754b9-23"
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
discoverylogs
log.popin.cc/log/popin_media/ 		66 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJyX3VybCI6IiIsInR5cGUiOjAsImFwaV9ob3N0IjoiaGsucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoiaGsub24uY2NfMiIsInVybCI6Imh0dHBzOi8vaGsub24uY2MvaGsvYmtuL2NudC9uZXdzLzIwMTcwOTI5L2Jrbi0yMDE3MDkyOTExMTkzOTA2Mi0wOTI5XzAwODIyXzAwMS5odG1sIiwibG9naWQiOiI4NzM1YjFiYy1hZTEwLTQzNDMtYjVhNS0yYjU5MTk3NmRkZjEiLCJ1aWQiOiJiOTQ2ZjZkMWNhNTg2YjFiZDNjMTYzMzc0NDI5ODY3NiIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6Ijg1YjQwYzkzLWU0ZjUtNDVhNC05OThkLTUzOTc5M2IwNzhkYyIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiLohqDmqL3lm57mlLbnjofkvY7jgIDllYbloLTmjqjos7rnqY3liIblm57mlLbmqZ/pvJPli7XnkrDkv50iLCJ0ZF91cmwiOiJodHRwczovL2hrLm9uLmNjL2hrL2Jrbi9jbnQvbmV3cy8yMDE3MDkyOS9ia24tMjAxNzA5MjkxMTE5MzkwNjItMDkyOV8wMDgyMl8wMDEuaHRtbCIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTMuMC40NTc3LjYzIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInRkX2hvc3QiOiJoay5vbi5jYyIsInRkX3BhdGgiOiIvaGsvYmtuL2NudC9uZXdzLzIwMTcwOTI5L2Jrbi0yMDE3MDkyOTExMTkzOTA2Mi0wOTI5XzAwODIyXzAwMS5odG1sIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiOTMuMC40NTc3IiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6Ijg1YjQwYzkzLWU0ZjUtNDVhNC05OThkLTUzOTc5M2IwNzhkYyIsImNvbW1vbl9jYXRlZ29yeSI6ImJ1c2luZXNzIiwiY2F0ZWdvcnkiOiJodHRwczovL2hrLm9uLmNjL2hrL2Jrbi9jbnQvbmV3cy8yMDE3MDkyOS9ia24tMjAxNzA5MjkxMTE5MzkwNjItMDkyOV8wMDgyMl8wMDEuaHRtbCIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ==&t=1633744300103
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 01:51:41 GMT
Last-Modified
Thu, 13 Dec 2018 07:19:53 GMT
Server
nginx/1.13.5
ETag
"5c120819-42"
Content-Type
image/jpeg
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
66
other
inrecsys.popin.cc/PopinService/Logs/ 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inrecsys.popin.cc/PopinService/Logs/other?data=eyJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiI4NWI0MGM5My1lNGY1LTQ1YTQtOTk4ZC01Mzk3OTNiMDc4ZGMiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi6Iag5qi95Zue5pS2546H5L2O44CA5ZWG5aC05o6o6LO656mN5YiG5Zue5pS25qmf6byT5Yu155Kw5L+dIiwidGRfdXJsIjoiaHR0cHM6Ly9oay5vbi5jYy9oay9ia24vY250L25ld3MvMjAxNzA5MjkvYmtuLTIwMTcwOTI5MTExOTM5MDYyLTA5MjlfMDA4MjJfMDAxLmh0bWwiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzkzLjAuNDU3Ny42MyBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ0ZF9ob3N0IjoiaGsub24uY2MiLCJ0ZF9wYXRoIjoiL2hrL2Jrbi9jbnQvbmV3cy8yMDE3MDkyOS9ia24tMjAxNzA5MjkxMTE5MzkwNjItMDkyOV8wMDgyMl8wMDEuaHRtbCIsInRkX3JlZmVycmVyIjoiIiwidGRfaXAiOiIyMTYuMTMxLjExMS4xMzgiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiOTMuMC40NTc3IiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImRpc2hfY29tbW9uX2NhdGVnb3J5IjoiYnVzaW5lc3MiLCJrZXkiOiJrZXkxNjMzNzQ0Mjk4Njc3Iiwibm93IjoxNjMzNzQ0MzAwMTAzLCJjbGllbnRfaWQiOiI4NWI0MGM5My1lNGY1LTQ1YTQtOTk4ZC01Mzk3OTNiMDc4ZGMiLCJ1cmwiOiJodHRwczovL2hrLm9uLmNjL2hrL2Jrbi9jbnQvbmV3cy8yMDE3MDkyOS9ia24tMjAxNzA5MjkxMTE5MzkwNjItMDkyOV8wMDgyMl8wMDEuaHRtbCIsInVpZCI6ImI5NDZmNmQxY2E1ODZiMWJkM2MxNjMzNzQ0Mjk4Njc2Iiwic21qSWQiOiIiLCJkZXZpY2UiOiJwYyIsImRpc2hfbWVkaWEiOiJoay5vbi5jY18yIiwiZGlzaF9jYXRlZ29yeSI6Imh0dHBzOi8vaGsub24uY2MvaGsvYmtuL2NudC9uZXdzLzIwMTcwOTI5L2Jrbi0yMDE3MDkyOTExMTkzOTA2Mi0wOTI5XzAwODIyXzAwMS5odG1sIiwiZGlzaF9kb21haW4iOiJoay5vbi5jYyIsInZfZGlzaF9sYWJlbHMiOiLlm57mlLYs5biC5rCRLOS6jOawp+WMlueisyzlpqXlloTomZXnkIYs5bCN6Iuv5LqM55SyLOaOkuaUvumHjyznuL3lubnkuoss55Kw5L+d572yLOS5meS6jOmGhyzlhKrmg6DliLgs5YqJ56WJ6YuSLOmhr+ekuizlkIjkvZws5ZyY6auULOW8leWFpSzpgI/pgY4s54mp5paZLOWjk+WKmyzos7rlj5Ys56au54mpLOWcsOeQgyznjY7os54s6aaZ5rivLOWghuaUvizlvqrnkrAs6LaF6YGOLOebuOetiSzkvb/nlKgs6KiI5YqDLOWVhuW6lyzovqjorZgs5aKe5YqgLOe8uuS5jyznqbrplpMs5buj5aC0LOaOg+aPjyzmlZnogrIs5pa55rOVLOS4iuawtCzlj43mmKAs5pa55byPLOajhOe9rizli5nmsYIs5riv5Lq6LOW4jOacmyzmop3norws5Y+v5L6bLOaVuOWtlyzmnInliqks54++5pmCLOa0l+a3qCzlhafoqK0s5o+b5Y+WLOmcgOWwhyzmlLnlloQs5aGR6IagLOefpeitmCzovInmnIks6LOH5paZLOaKleWFpSIsInZfZGlzaF90bGFiZWxzIjoi5Zue5pS25qmfLOWbnuaUtueOhyzpvJPli7Us5ZWG5aC0IiwibG9naWQiOiI4NzM1YjFiYy1hZTEwLTQzNDMtYjVhNS0yYjU5MTk3NmRkZjEiLCJhcGlfaG9zdCI6ImhrLnBvcGluLmNjIiwiZG9tYWluIjoiaGsub24uY2MiLCJwb3Bpbl92ZXJzaW9uIjo2fQ==
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.172 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 01:51:40 GMT
Cross-Origin-Resource-Policy
cross-origin
Content-Length
0
Content-Type
text/plain
s.gif
r.popin.cc/ 		35 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.popin.cc/s.gif?url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&uid=&type=pc_channel_pv&nid=pc&media=hk.on.cc_2&r5=ca_https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html|ch_with_sz_standard-pc|ch_cy_tw&t=1633744300105&tz=hk
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:40 GMT
last-modified
Tue, 10 Sep 2019 07:46:01 GMT
server
nginx
etag
"5d7754b9-23"
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
discoverylogs
log.popin.cc/log/popin_media/ 		66 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjo3LCJpc19mZWVkX21vZHVsZSI6IiIsImNoYW5uZWxfaWQiOiJ3aXRoX3N6X3N0YW5kYXJkLXBjIiwiZXhwZWN0ZWRfYWQiOjQsInJlbmRlcmVkX2FkIjo0LCJhcGlfaG9zdCI6ImhrLnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6ImhrLm9uLmNjXzIiLCJ1cmwiOiJodHRwczovL2hrLm9uLmNjL2hrL2Jrbi9jbnQvbmV3cy8yMDE3MDkyOS9ia24tMjAxNzA5MjkxMTE5MzkwNjItMDkyOV8wMDgyMl8wMDEuaHRtbCIsImxvZ2lkIjoiODczNWIxYmMtYWUxMC00MzQzLWI1YTUtMmI1OTE5NzZkZGYxIiwidWlkIjoiYjk0NmY2ZDFjYTU4NmIxYmQzYzE2MzM3NDQyOTg2NzYiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiI4NWI0MGM5My1lNGY1LTQ1YTQtOTk4ZC01Mzk3OTNiMDc4ZGMiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi6Iag5qi95Zue5pS2546H5L2O44CA5ZWG5aC05o6o6LO656mN5YiG5Zue5pS25qmf6byT5Yu155Kw5L+dIiwidGRfdXJsIjoiaHR0cHM6Ly9oay5vbi5jYy9oay9ia24vY250L25ld3MvMjAxNzA5MjkvYmtuLTIwMTcwOTI5MTExOTM5MDYyLTA5MjlfMDA4MjJfMDAxLmh0bWwiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzkzLjAuNDU3Ny42MyBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ0ZF9ob3N0IjoiaGsub24uY2MiLCJ0ZF9wYXRoIjoiL2hrL2Jrbi9jbnQvbmV3cy8yMDE3MDkyOS9ia24tMjAxNzA5MjkxMTE5MzkwNjItMDkyOV8wMDgyMl8wMDEuaHRtbCIsInRkX3JlZmVycmVyIjoiIiwidGRfYnJvd3NlciI6IkNocm9tZSIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6IjkzLjAuNDU3NyIsInRkX29zIjoiV2luZG93cyIsInRkX29zX3ZlcnNpb24iOiIxMC4wLjAiLCJjbGllbnRfaWQiOiI4NWI0MGM5My1lNGY1LTQ1YTQtOTk4ZC01Mzk3OTNiMDc4ZGMiLCJjb21tb25fY2F0ZWdvcnkiOiJidXNpbmVzcyIsImNhdGVnb3J5IjoiaHR0cHM6Ly9oay5vbi5jYy9oay9ia24vY250L25ld3MvMjAxNzA5MjkvYmtuLTIwMTcwOTI5MTExOTM5MDYyLTA5MjlfMDA4MjJfMDAxLmh0bWwiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0=&t=1633744300105
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 01:51:41 GMT
Last-Modified
Mon, 07 Jan 2019 09:48:08 GMT
Server
nginx/1.13.5
ETag
"5c332058-42"
Content-Type
image/jpeg
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
66
log.gif
r.popin.cc/ 		35 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.popin.cc/log.gif?type=related-tw&uid=b946f6d1ca586b1bd3c1633744298676&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&t=1633744300105
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:40 GMT
last-modified
Tue, 10 Sep 2019 07:46:01 GMT
server
nginx
etag
"5d7754b9-23"
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
logo.png
api.popin.cc/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://api.popin.cc/images/logo.png
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
6753ab9ab14844d0e9ecbbf13df7accf525291cef950547034e5ab67be9e508e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 01:51:40 GMT
Last-Modified
Tue, 02 Apr 2019 12:00:56 GMT
Server
nginx
ETag
"b10c5c3579ba2dba39fd2804188dc3f1"
X-Cache-Status
HIT from 10.252.55.25
x-amz-version-id
null
Cache-Control
max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
2316
Expires
Sat, 09 Oct 2021 02:51:40 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v109/ 		111 KB
112 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v109/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
ed6818649489f3c542a92f2e189696e69f304ca0f4e9a85dfa340e669c6f3304
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hk.on.cc
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 00:19:55 GMT
x-content-type-options
nosniff
age
351105
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113660
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 00:04:22 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 05 Oct 2022 00:19:55 GMT
05d96880dcb7a8e695557f478edfb842.jpeg
imageaws.popin.cc/discovery/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageaws.popin.cc/discovery/05d96880dcb7a8e695557f478edfb842.jpeg
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.198.180 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
ba8098ca0d26f070a7534e1ccbe2059e02e76a65f18fdae806e6e09ef3dbd8dc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 01:51:41 GMT
Last-Modified
Fri, 03 Sep 2021 02:06:45 GMT
Server
nginx
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Embedder-Policy
require-corp
ETag
"4603ed9eaa9757730227f9d40e50e56b"
X-Cache-Status
HIT from 10.252.43.28
x-amz-version-id
WE.eeZiPUu2JRVc109JlOmeShw3cLDNR
Cache-Control
max-age=31536000
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
24309
Expires
Sun, 09 Oct 2022 01:51:41 GMT
a6650f4a225fb37889890770e9cc5763_160.jpg
imageaws.popin.cc/article/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageaws.popin.cc/article/a6650f4a225fb37889890770e9cc5763_160.jpg
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.198.180 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
00e03e176632741e6d7778c5805a9cfdca8b5c54a8c6026bf78ef26248ce7c5d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 01:51:41 GMT
Last-Modified
Fri, 08 Oct 2021 16:32:54 GMT
Server
nginx
Cross-Origin-Opener-Policy
same-origin
Cross-Origin-Embedder-Policy
require-corp
ETag
"1c5f23c821d3b1af5d6bcf6978d191c7"
X-Cache-Status
HIT from 10.252.43.27
x-amz-version-id
gQRXO4beXo8F4DtW_p5UM0ZtNyvaMkZ2
Cache-Control
max-age=31536000
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
30851
Expires
Sun, 09 Oct 2022 01:51:41 GMT
s.gif
r.popin.cc/ 		35 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.popin.cc/s.gif?url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&uid=b946f6d1ca586b1bd3c1633744298676&type=pc_imp&nid=&media=hk.on.cc_2&r5=cc_business|ch_cy_tw&t=1633744300125&tz=hk
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:40 GMT
last-modified
Tue, 10 Sep 2019 07:46:01 GMT
server
nginx
etag
"5d7754b9-23"
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
discoverylogs
log.popin.cc/log/popin_media/ 		66 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJyX3VybCI6IiIsInR5cGUiOjQsImFwaV9ob3N0IjoiaGsucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoiaGsub24uY2NfMiIsInVybCI6Imh0dHBzOi8vaGsub24uY2MvaGsvYmtuL2NudC9uZXdzLzIwMTcwOTI5L2Jrbi0yMDE3MDkyOTExMTkzOTA2Mi0wOTI5XzAwODIyXzAwMS5odG1sIiwibG9naWQiOiI4NzM1YjFiYy1hZTEwLTQzNDMtYjVhNS0yYjU5MTk3NmRkZjEiLCJ1aWQiOiJiOTQ2ZjZkMWNhNTg2YjFiZDNjMTYzMzc0NDI5ODY3NiIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6Ijg1YjQwYzkzLWU0ZjUtNDVhNC05OThkLTUzOTc5M2IwNzhkYyIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiLohqDmqL3lm57mlLbnjofkvY7jgIDllYbloLTmjqjos7rnqY3liIblm57mlLbmqZ/pvJPli7XnkrDkv50iLCJ0ZF91cmwiOiJodHRwczovL2hrLm9uLmNjL2hrL2Jrbi9jbnQvbmV3cy8yMDE3MDkyOS9ia24tMjAxNzA5MjkxMTE5MzkwNjItMDkyOV8wMDgyMl8wMDEuaHRtbCIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTMuMC40NTc3LjYzIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInRkX2hvc3QiOiJoay5vbi5jYyIsInRkX3BhdGgiOiIvaGsvYmtuL2NudC9uZXdzLzIwMTcwOTI5L2Jrbi0yMDE3MDkyOTExMTkzOTA2Mi0wOTI5XzAwODIyXzAwMS5odG1sIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiOTMuMC40NTc3IiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6Ijg1YjQwYzkzLWU0ZjUtNDVhNC05OThkLTUzOTc5M2IwNzhkYyIsImNvbW1vbl9jYXRlZ29yeSI6ImJ1c2luZXNzIiwiY2F0ZWdvcnkiOiJodHRwczovL2hrLm9uLmNjL2hrL2Jrbi9jbnQvbmV3cy8yMDE3MDkyOS9ia24tMjAxNzA5MjkxMTE5MzkwNjItMDkyOV8wMDgyMl8wMDEuaHRtbCIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ==&t=1633744300125
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 01:51:41 GMT
Last-Modified
Mon, 07 Jan 2019 09:48:08 GMT
Server
nginx/1.13.5
ETag
"5c332058-42"
Content-Type
image/jpeg
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
66
discoverylogs
log.popin.cc/log/popin_media/ 		66 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjo2LCJjaGFubmVsX2lkIjoid2l0aF9zel9zdGFuZGFyZC1wYyIsImFwaV9ob3N0IjoiaGsucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoiaGsub24uY2NfMiIsInVybCI6Imh0dHBzOi8vaGsub24uY2MvaGsvYmtuL2NudC9uZXdzLzIwMTcwOTI5L2Jrbi0yMDE3MDkyOTExMTkzOTA2Mi0wOTI5XzAwODIyXzAwMS5odG1sIiwibG9naWQiOiI4NzM1YjFiYy1hZTEwLTQzNDMtYjVhNS0yYjU5MTk3NmRkZjEiLCJ1aWQiOiJiOTQ2ZjZkMWNhNTg2YjFiZDNjMTYzMzc0NDI5ODY3NiIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6Ijg1YjQwYzkzLWU0ZjUtNDVhNC05OThkLTUzOTc5M2IwNzhkYyIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiLohqDmqL3lm57mlLbnjofkvY7jgIDllYbloLTmjqjos7rnqY3liIblm57mlLbmqZ/pvJPli7XnkrDkv50iLCJ0ZF91cmwiOiJodHRwczovL2hrLm9uLmNjL2hrL2Jrbi9jbnQvbmV3cy8yMDE3MDkyOS9ia24tMjAxNzA5MjkxMTE5MzkwNjItMDkyOV8wMDgyMl8wMDEuaHRtbCIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTMuMC40NTc3LjYzIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInRkX2hvc3QiOiJoay5vbi5jYyIsInRkX3BhdGgiOiIvaGsvYmtuL2NudC9uZXdzLzIwMTcwOTI5L2Jrbi0yMDE3MDkyOTExMTkzOTA2Mi0wOTI5XzAwODIyXzAwMS5odG1sIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiOTMuMC40NTc3IiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6Ijg1YjQwYzkzLWU0ZjUtNDVhNC05OThkLTUzOTc5M2IwNzhkYyIsImNvbW1vbl9jYXRlZ29yeSI6ImJ1c2luZXNzIiwiY2F0ZWdvcnkiOiJodHRwczovL2hrLm9uLmNjL2hrL2Jrbi9jbnQvbmV3cy8yMDE3MDkyOS9ia24tMjAxNzA5MjkxMTE5MzkwNjItMDkyOV8wMDgyMl8wMDEuaHRtbCIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ==&t=1633744300125
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 01:51:41 GMT
Last-Modified
Thu, 13 Dec 2018 07:32:33 GMT
Server
nginx/1.13.5
ETag
"5c120b11-42"
Content-Type
image/jpeg
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
66
s.gif
r.popin.cc/ 		35 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.popin.cc/s.gif?url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&uid=&type=pc_channel_imp&nid=&media=hk.on.cc_2&r5=ca_https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html|ch_with_sz_standard-pc|ch_cy_tw&t=1633744300125&tz=hk
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:41 GMT
last-modified
Tue, 10 Sep 2019 07:46:01 GMT
server
nginx
etag
"5d7754b9-23"
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
discoverylogs
log.popin.cc/log/popin_media/ 		66 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJyX3VybCI6Imh0dHBzOi8vdHJhZmZpYy5wb3Bpbi5jYy9yZWRpcmVjdC9kaXNjb3Zlcnk/dXJsPWh0dHBzJTNBJTJGJTJGaGsub24uY2MlMkZoayUyRmJrbiUyRmNudCUyRm5ld3MlMkYyMDIxMTAwOCUyRmJrbi0yMDIxMTAwODIyMjQyNDczMi0xMDA4XzAwODIyXzAwMS5odG1sIiwidHlwZSI6MSwicmVjb21tZW5kX3R5cGUiOiJob3QiLCJyZWNvbW1lbmRfcG9zaXRpb24iOjIsImNoYW5uZWxfaWQiOiJ3aXRoX3N6X3N0YW5kYXJkLXBjIiwiYXBpX2hvc3QiOiJoay5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJoay5vbi5jY18yIiwidXJsIjoiaHR0cHM6Ly9oay5vbi5jYy9oay9ia24vY250L25ld3MvMjAxNzA5MjkvYmtuLTIwMTcwOTI5MTExOTM5MDYyLTA5MjlfMDA4MjJfMDAxLmh0bWwiLCJsb2dpZCI6Ijg3MzViMWJjLWFlMTAtNDM0My1iNWE1LTJiNTkxOTc2ZGRmMSIsInVpZCI6ImI5NDZmNmQxY2E1ODZiMWJkM2MxNjMzNzQ0Mjk4Njc2IiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiODViNDBjOTMtZTRmNS00NWE0LTk5OGQtNTM5NzkzYjA3OGRjIiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIxNjAweDEyMDAiLCJ0ZF90aXRsZSI6IuiGoOaoveWbnuaUtueOh+S9juOAgOWVhuWgtOaOqOizuuepjeWIhuWbnuaUtuapn+m8k+WLteeSsOS/nSIsInRkX3VybCI6Imh0dHBzOi8vaGsub24uY2MvaGsvYmtuL2NudC9uZXdzLzIwMTcwOTI5L2Jrbi0yMDE3MDkyOTExMTkzOTA2Mi0wOTI5XzAwODIyXzAwMS5odG1sIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85My4wLjQ1NzcuNjMgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidGRfaG9zdCI6ImhrLm9uLmNjIiwidGRfcGF0aCI6Ii9oay9ia24vY250L25ld3MvMjAxNzA5MjkvYmtuLTIwMTcwOTI5MTExOTM5MDYyLTA5MjlfMDA4MjJfMDAxLmh0bWwiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiI5My4wLjQ1NzciLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiODViNDBjOTMtZTRmNS00NWE0LTk5OGQtNTM5NzkzYjA3OGRjIiwiY29tbW9uX2NhdGVnb3J5IjoiYnVzaW5lc3MiLCJjYXRlZ29yeSI6Imh0dHBzOi8vaGsub24uY2MvaGsvYmtuL2NudC9uZXdzLzIwMTcwOTI5L2Jrbi0yMDE3MDkyOTExMTkzOTA2Mi0wOTI5XzAwODIyXzAwMS5odG1sIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&t=1633744300126
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 01:51:41 GMT
Last-Modified
Thu, 13 Dec 2018 07:24:27 GMT
Server
nginx/1.13.5
ETag
"5c12092b-42"
Content-Type
image/jpeg
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
66
discovery
inrecsys.popin.cc/PopinService/Logs/ 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inrecsys.popin.cc/PopinService/Logs/discovery?data=eyJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiI4NWI0MGM5My1lNGY1LTQ1YTQtOTk4ZC01Mzk3OTNiMDc4ZGMiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi6Iag5qi95Zue5pS2546H5L2O44CA5ZWG5aC05o6o6LO656mN5YiG5Zue5pS25qmf6byT5Yu155Kw5L+dIiwidGRfdXJsIjoiaHR0cHM6Ly9oay5vbi5jYy9oay9ia24vY250L25ld3MvMjAxNzA5MjkvYmtuLTIwMTcwOTI5MTExOTM5MDYyLTA5MjlfMDA4MjJfMDAxLmh0bWwiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzkzLjAuNDU3Ny42MyBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ0ZF9ob3N0IjoiaGsub24uY2MiLCJ0ZF9wYXRoIjoiL2hrL2Jrbi9jbnQvbmV3cy8yMDE3MDkyOS9ia24tMjAxNzA5MjkxMTE5MzkwNjItMDkyOV8wMDgyMl8wMDEuaHRtbCIsInRkX3JlZmVycmVyIjoiIiwidGRfaXAiOiIyMTYuMTMxLjExMS4xMzgiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiOTMuMC40NTc3IiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImRpc2hfY29tbW9uX2NhdGVnb3J5IjoiYnVzaW5lc3MiLCJrZXkiOiJrZXkxNjMzNzQ0Mjk4Njc3Iiwibm93IjoxNjMzNzQ0MzAwMTI2LCJjbGllbnRfaWQiOiI4NWI0MGM5My1lNGY1LTQ1YTQtOTk4ZC01Mzk3OTNiMDc4ZGMiLCJ1cmwiOiJodHRwczovL2hrLm9uLmNjL2hrL2Jrbi9jbnQvbmV3cy8yMDE3MDkyOS9ia24tMjAxNzA5MjkxMTE5MzkwNjItMDkyOV8wMDgyMl8wMDEuaHRtbCIsInVpZCI6ImI5NDZmNmQxY2E1ODZiMWJkM2MxNjMzNzQ0Mjk4Njc2Iiwic21qSWQiOiIiLCJkZXZpY2UiOiJwYyIsImRpc2hfbWVkaWEiOiJoay5vbi5jY18yIiwiZGlzaF9jYXRlZ29yeSI6Imh0dHBzOi8vaGsub24uY2MvaGsvYmtuL2NudC9uZXdzLzIwMTcwOTI5L2Jrbi0yMDE3MDkyOTExMTkzOTA2Mi0wOTI5XzAwODIyXzAwMS5odG1sIiwiZGlzaF9kb21haW4iOiJoay5vbi5jYyIsInZfZGlzaF9sYWJlbHMiOiLlm57mlLYs5biC5rCRLOS6jOawp+WMlueisyzlpqXlloTomZXnkIYs5bCN6Iuv5LqM55SyLOaOkuaUvumHjyznuL3lubnkuoss55Kw5L+d572yLOS5meS6jOmGhyzlhKrmg6DliLgs5YqJ56WJ6YuSLOmhr+ekuizlkIjkvZws5ZyY6auULOW8leWFpSzpgI/pgY4s54mp5paZLOWjk+WKmyzos7rlj5Ys56au54mpLOWcsOeQgyznjY7os54s6aaZ5rivLOWghuaUvizlvqrnkrAs6LaF6YGOLOebuOetiSzkvb/nlKgs6KiI5YqDLOWVhuW6lyzovqjorZgs5aKe5YqgLOe8uuS5jyznqbrplpMs5buj5aC0LOaOg+aPjyzmlZnogrIs5pa55rOVLOS4iuawtCzlj43mmKAs5pa55byPLOajhOe9rizli5nmsYIs5riv5Lq6LOW4jOacmyzmop3norws5Y+v5L6bLOaVuOWtlyzmnInliqks54++5pmCLOa0l+a3qCzlhafoqK0s5o+b5Y+WLOmcgOWwhyzmlLnlloQs5aGR6IagLOefpeitmCzovInmnIks6LOH5paZLOaKleWFpSIsInZfZGlzaF90bGFiZWxzIjoi5Zue5pS25qmfLOWbnuaUtueOhyzpvJPli7Us5ZWG5aC0IiwibG9naWQiOiI4NzM1YjFiYy1hZTEwLTQzNDMtYjVhNS0yYjU5MTk3NmRkZjEiLCJhcGlfaG9zdCI6ImhrLnBvcGluLmNjIiwidHlwZSI6ImltcCIsImRpc2hfdGRfdGl0bGUiOiLohqDmqL3lm57mlLbnjofkvY7jgIDllYbloLTmjqjos7rnqY3liIblm57mlLbmqZ/pvJPli7XnkrDkv50iLCJkaXNoX3B1YmRhdGUiOiIyMDE3MDkyOTExMTkwMDAwMDAiLCJkaXNoX3RkX3VybCI6Imh0dHBzJTNBJTJGJTJGaGsub24uY2MlMkZoayUyRmJrbiUyRmNudCUyRm5ld3MlMkYyMDE3MDkyOSUyRmJrbi0yMDE3MDkyOTExMTkzOTA2Mi0wOTI5XzAwODIyXzAwMS5odG1sIiwiZnJ1aXRfY29tbW9uX2NhdGVnb3J5IjoiZWNvbm9teSIsImZydWl0X2RvbWFpbiI6ImhrLm9uLmNjIiwiZnJ1aXRfdGRfdGl0bGUiOiLmlL9XaGF0c+WZj++8mumBreitpuaWueWci+WuieiZleaLmOaNleOAgOacseaFp+ebiOmAgOWHuuacrOWcn+mdkuW5tOaEj+W/lyIsImZydWl0X3RpdGxlIjoi5pS/V2hhdHPlmY/vvJrpga3orabmlrnlnIvlronomZXmi5jmjZXjgIDmnLHmhafnm4jpgIDlh7rmnKzlnJ/pnZLlubTmhI/lv5ciLCJmcnVpdF9wdWJkYXRlIjoiMjAyMTEwMDgyMjI0MDAwMDAwIiwiZnJ1aXRfY2F0ZWdvcnkiOiJodHRwczovL2hrLm9uLmNjL2hrL2Jrbi9jbnQvbmV3cy8yMDIxMTAwOC9ia24tMjAyMTEwMDgyMjI0MjQ3MzItMTAwOF8wMDgyMl8wMDEuaHRtbCIsImZydWl0X3RkX3VybCI6Imh0dHBzOi8vdHJhZmZpYy5wb3Bpbi5jYy9yZWRpcmVjdC9kaXNjb3Zlcnk/dXJsPWh0dHBzJTNBJTJGJTJGaGsub24uY2MlMkZoayUyRmJrbiUyRmNudCUyRm5ld3MlMkYyMDIxMTAwOCUyRmJrbi0yMDIxMTAwODIyMjQyNDczMi0xMDA4XzAwODIyXzAwMS5odG1sIiwiZnJ1aXRfaW1hZ2UiOiJodHRwczovL2ltYWdlYXdzLnBvcGluLmNjL2FydGljbGUvYTY2NTBmNGEyMjVmYjM3ODg5ODkwNzcwZTljYzU3NjNfMTYwLmpwZyIsImltYWdlX2hhc2giOiJhNjY1MGY0YTIyNWZiMzc4ODk4OTA3NzBlOWNjNTc2My5qcGciLCJmcnVpdF9yZWNvbW1lbmRfdHlwZSI6ImhvdCIsImZydWl0X3JlY29tbWVuZF9wb3NpdGlvbiI6MiwicG9waW5fdmVyc2lvbiI6Nn0=
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.172 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 01:51:41 GMT
Cross-Origin-Resource-Policy
cross-origin
Content-Length
0
Content-Type
text/plain
s.gif
r.popin.cc/ 		35 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.popin.cc/s.gif?url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&uid=b946f6d1ca586b1bd3c1633744298676&type=pc_inview&nid=pc&media=hk.on.cc_2&r5=ca_https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html|ch_cy_tw&t=1633744300126&tz=hk
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:41 GMT
last-modified
Tue, 10 Sep 2019 07:46:01 GMT
server
nginx
etag
"5d7754b9-23"
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
discoverylogs
log.popin.cc/log/popin_media/ 		66 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJyX3VybCI6IiIsInR5cGUiOjMsImFwaV9ob3N0IjoiaGsucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoiaGsub24uY2NfMiIsInVybCI6Imh0dHBzOi8vaGsub24uY2MvaGsvYmtuL2NudC9uZXdzLzIwMTcwOTI5L2Jrbi0yMDE3MDkyOTExMTkzOTA2Mi0wOTI5XzAwODIyXzAwMS5odG1sIiwibG9naWQiOiI4NzM1YjFiYy1hZTEwLTQzNDMtYjVhNS0yYjU5MTk3NmRkZjEiLCJ1aWQiOiJiOTQ2ZjZkMWNhNTg2YjFiZDNjMTYzMzc0NDI5ODY3NiIsInRkX3ZlcnNpb24iOiIxLjcuMSIsInRkX2NsaWVudF9pZCI6Ijg1YjQwYzkzLWU0ZjUtNDVhNC05OThkLTUzOTc5M2IwNzhkYyIsInRkX2NoYXJzZXQiOiJ1dGYtOCIsInRkX2xhbmd1YWdlIjoiZW4tdXMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiLohqDmqL3lm57mlLbnjofkvY7jgIDllYbloLTmjqjos7rnqY3liIblm57mlLbmqZ/pvJPli7XnkrDkv50iLCJ0ZF91cmwiOiJodHRwczovL2hrLm9uLmNjL2hrL2Jrbi9jbnQvbmV3cy8yMDE3MDkyOS9ia24tMjAxNzA5MjkxMTE5MzkwNjItMDkyOV8wMDgyMl8wMDEuaHRtbCIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTMuMC40NTc3LjYzIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInRkX2hvc3QiOiJoay5vbi5jYyIsInRkX3BhdGgiOiIvaGsvYmtuL2NudC9uZXdzLzIwMTcwOTI5L2Jrbi0yMDE3MDkyOTExMTkzOTA2Mi0wOTI5XzAwODIyXzAwMS5odG1sIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiOTMuMC40NTc3IiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6Ijg1YjQwYzkzLWU0ZjUtNDVhNC05OThkLTUzOTc5M2IwNzhkYyIsImNvbW1vbl9jYXRlZ29yeSI6ImJ1c2luZXNzIiwiY2F0ZWdvcnkiOiJodHRwczovL2hrLm9uLmNjL2hrL2Jrbi9jbnQvbmV3cy8yMDE3MDkyOS9ia24tMjAxNzA5MjkxMTE5MzkwNjItMDkyOV8wMDgyMl8wMDEuaHRtbCIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ==&t=1633744300126
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 01:51:41 GMT
Last-Modified
Thu, 13 Dec 2018 07:19:53 GMT
Server
nginx/1.13.5
ETag
"5c120819-42"
Content-Type
image/jpeg
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
66
discoverylogs
log.popin.cc/log/popin_media/ 		66 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_media/discoverylogs?data=eyJyX3VybCI6IiIsInR5cGUiOjUsImNoYW5uZWxfaWQiOiJ3aXRoX3N6X3N0YW5kYXJkLXBjIiwiYm94X3Bvc2l0aW9uIjoiYm90dG9tX3JpZ2h0IiwiYXBpX2hvc3QiOiJoay5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJoay5vbi5jY18yIiwidXJsIjoiaHR0cHM6Ly9oay5vbi5jYy9oay9ia24vY250L25ld3MvMjAxNzA5MjkvYmtuLTIwMTcwOTI5MTExOTM5MDYyLTA5MjlfMDA4MjJfMDAxLmh0bWwiLCJsb2dpZCI6Ijg3MzViMWJjLWFlMTAtNDM0My1iNWE1LTJiNTkxOTc2ZGRmMSIsInVpZCI6ImI5NDZmNmQxY2E1ODZiMWJkM2MxNjMzNzQ0Mjk4Njc2IiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiODViNDBjOTMtZTRmNS00NWE0LTk5OGQtNTM5NzkzYjA3OGRjIiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIxNjAweDEyMDAiLCJ0ZF90aXRsZSI6IuiGoOaoveWbnuaUtueOh+S9juOAgOWVhuWgtOaOqOizuuepjeWIhuWbnuaUtuapn+m8k+WLteeSsOS/nSIsInRkX3VybCI6Imh0dHBzOi8vaGsub24uY2MvaGsvYmtuL2NudC9uZXdzLzIwMTcwOTI5L2Jrbi0yMDE3MDkyOTExMTkzOTA2Mi0wOTI5XzAwODIyXzAwMS5odG1sIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85My4wLjQ1NzcuNjMgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidGRfaG9zdCI6ImhrLm9uLmNjIiwidGRfcGF0aCI6Ii9oay9ia24vY250L25ld3MvMjAxNzA5MjkvYmtuLTIwMTcwOTI5MTExOTM5MDYyLTA5MjlfMDA4MjJfMDAxLmh0bWwiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiI5My4wLjQ1NzciLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiODViNDBjOTMtZTRmNS00NWE0LTk5OGQtNTM5NzkzYjA3OGRjIiwiY29tbW9uX2NhdGVnb3J5IjoiYnVzaW5lc3MiLCJjYXRlZ29yeSI6Imh0dHBzOi8vaGsub24uY2MvaGsvYmtuL2NudC9uZXdzLzIwMTcwOTI5L2Jrbi0yMDE3MDkyOTExMTkzOTA2Mi0wOTI5XzAwODIyXzAwMS5odG1sIiwiZXh0cmEiOiIiLCJpbnRlcmFjdGlvbl9udW1iZXIiOjAsInBvcGluX3ZlcnNpb24iOjZ9&t=1633744300128
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 01:51:41 GMT
Last-Modified
Mon, 07 Jan 2019 09:48:08 GMT
Server
nginx/1.13.5
ETag
"5c332058-42"
Content-Type
image/jpeg
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
66
s.gif
r.popin.cc/ 		35 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.popin.cc/s.gif?url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&uid=&type=pc_channel_inview&nid=pc&media=hk.on.cc_2&r5=ca_https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html|ch_with_sz_standard-pc|ch_cy_tw&t=1633744300128&tz=hk
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:41 GMT
last-modified
Tue, 10 Sep 2019 07:46:01 GMT
server
nginx
etag
"5d7754b9-23"
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 5BCB 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ad4.on.cc
URL: https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=422
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
5be5293fd225fdd263ba480a7786b3209ba80fb8e77a567aaf3c29d3b0ce605a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad6.on.cc/web/html/google/housead/lrec1_422.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51250
x-xss-protection
0
server
cafe
etag
1438179067352314083
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 09 Oct 2021 01:51:40 GMT
lg.php
ad4.on.cc/web/www/delivery/ Frame 5BCB 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4.on.cc/web/www/delivery/lg.php?bannerid=6314&campaignid=3387&zoneid=422&loc=1&referer=https%3A%2F%2Fad6.on.cc%2Fweb%2Fhtml%2Fgoogle%2Fhousead%2Flrec1_422.html&cb=fc8009c69e
Requested by
Host: ad6.on.cc
URL: https://ad6.on.cc/web/html/google/housead/lrec1_422.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad6.on.cc/web/html/google/housead/lrec1_422.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:41 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
cache-control
private, max-age=0, no-cache
accept-ranges
bytes
cf-ray
69b3f7158b652175-DUS
content-type
image/gif
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame DDC9 		144 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ad4.on.cc
URL: https://ad4.on.cc/web/www/delivery/ajs.php?zoneid=423
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
5be5293fd225fdd263ba480a7786b3209ba80fb8e77a567aaf3c29d3b0ce605a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad6.on.cc/web/html/google/housead/lrec1_423.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51250
x-xss-protection
0
server
cafe
etag
1438179067352314083
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 09 Oct 2021 01:51:40 GMT
lg.php
ad4.on.cc/web/www/delivery/ Frame DDC9 		43 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4.on.cc/web/www/delivery/lg.php?bannerid=6314&campaignid=3387&zoneid=423&loc=1&referer=https%3A%2F%2Fad6.on.cc%2Fweb%2Fhtml%2Fgoogle%2Fhousead%2Flrec1_423.html&cb=37a5bf14ba
Requested by
Host: ad6.on.cc
URL: https://ad6.on.cc/web/html/google/housead/lrec1_423.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.137.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad6.on.cc/web/html/google/housead/lrec1_423.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:41 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
*
cache-control
private, max-age=0, no-cache
accept-ranges
bytes
cf-ray
69b3f7159b682175-DUS
content-type
image/gif
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110040101/ Frame DDC9 		257 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3571272074788370&plah=ad6.on.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
a2f3c118bd591281d5d16ba63d77ab8c6ab5fb10cf4d24a8f8f6522df6174318
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad6.on.cc/web/html/google/housead/lrec1_423.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97116
x-xss-protection
0
server
cafe
etag
5245556918410880553
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 09 Oct 2021 01:51:40 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110040101/ Frame 5BCB 		257 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3571272074788370&plah=ad6.on.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
a2f3c118bd591281d5d16ba63d77ab8c6ab5fb10cf4d24a8f8f6522df6174318
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad6.on.cc/web/html/google/housead/lrec1_422.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
97116
x-xss-protection
0
server
cafe
etag
5245556918410880553
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 09 Oct 2021 01:51:40 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame DDC9 		195 B
436 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ad6.on.cc&callback=_gfp_s_&client=ca-pub-3571272074788370&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3571272074788370&plah=ad6.on.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
c02764d04856aa7d3835433a6f4ba65eae7798e048417aef13ac3167468a5a9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad6.on.cc/web/html/google/housead/lrec1_423.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
189
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame DDC9 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ad6.on.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3571272074788370&plah=ad6.on.cc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad6.on.cc/web/html/google/housead/lrec1_423.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 09 Oct 2021 01:51:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame DDC9 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ad6.on.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3571272074788370&plah=ad6.on.cc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad6.on.cc/web/html/google/housead/lrec1_423.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 09 Oct 2021 01:51:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7284 		18 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=580144554&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300506&bpp=2&bdt=987&idt=77&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4289351640420&frm=24&ife=1&pv=2&ga_vid=1738383524.1633744301&ga_sid=1633744301&ga_hid=1032704726&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3586554267&scr_x=-12245933&scr_y=-12245933&eid=31062423%2C31062937%2C44748552&oid=2&pvsid=1832003138608230&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rbh3ge9l5ahu&fsb=1&dtd=90
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3571272074788370&plah=ad6.on.cc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
0e75958bd95a833d1ae65fbe317f523093eea165a49226187972aa208f1fed9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=580144554&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300506&bpp=2&bdt=987&idt=77&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4289351640420&frm=24&ife=1&pv=2&ga_vid=1738383524.1633744301&ga_sid=1633744301&ga_hid=1032704726&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3586554267&scr_x=-12245933&scr_y=-12245933&eid=31062423%2C31062937%2C44748552&oid=2&pvsid=1832003138608230&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rbh3ge9l5ahu&fsb=1&dtd=90
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad6.on.cc/web/html/google/housead/lrec1_423.html
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUm27ecBU4Pwx8ctanAz_RPQQSYH0ut-yOjumkvGw6sNJdMhlGzMonOkPvjZ3Do; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ad6.on.cc/web/html/google/housead/lrec1_423.html

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 09 Oct 2021 01:51:40 GMT
server
cafe
content-length
10060
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/ Frame 5BCB 		195 B
258 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ad6.on.cc&callback=_gfp_s_&client=ca-pub-3571272074788370&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3571272074788370&plah=ad6.on.cc
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f2.1e100.net
Software
cafe /
Resource Hash
36a51db370d5891b86686a3ad0157e4668d9ce34d7cea0168831db46b8a1d612
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad6.on.cc/web/html/google/housead/lrec1_422.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
190
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 5BCB 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ad6.on.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3571272074788370&plah=ad6.on.cc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad6.on.cc/web/html/google/housead/lrec1_422.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 09 Oct 2021 01:51:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 5BCB 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ad6.on.cc
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3571272074788370&plah=ad6.on.cc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad6.on.cc/web/html/google/housead/lrec1_422.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 09 Oct 2021 01:51:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame BC3E 		18 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=2042266704&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300515&bpp=1&bdt=1006&idt=87&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4245131719147&frm=8&ife=1&pv=2&ga_vid=1480651599.1633744301&ga_sid=1633744301&ga_hid=1643246614&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4074026432&scr_x=-12245933&scr_y=-12245933&eid=44748552&oid=2&pvsid=3446815774757126&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.dbzhun2qlq2y&fsb=1&dtd=93
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3571272074788370&plah=ad6.on.cc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9d45e8f4a2b00d6e2fe907ae89c42fa1ef76fd5e59c96db23dd5100d1f67cdc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=2042266704&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300515&bpp=1&bdt=1006&idt=87&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4245131719147&frm=8&ife=1&pv=2&ga_vid=1480651599.1633744301&ga_sid=1633744301&ga_hid=1643246614&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4074026432&scr_x=-12245933&scr_y=-12245933&eid=44748552&oid=2&pvsid=3446815774757126&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.dbzhun2qlq2y&fsb=1&dtd=93
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad6.on.cc/web/html/google/housead/lrec1_422.html
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUm27ecBU4Pwx8ctanAz_RPQQSYH0ut-yOjumkvGw6sNJdMhlGzMonOkPvjZ3Do; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ad6.on.cc/web/html/google/housead/lrec1_422.html

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sat, 09 Oct 2021 01:51:40 GMT
server
cafe
content-length
10263
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ Frame BC3E 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DBSzKl3vif1hRhwN88VRRghthv9EUAkV_2s3FzoLbmAAloX91CSTUZvxlO88r12NbjL3rDkOuJjsQmudjbGnUqSZA6jxDaMqdsDTUEcLGqzhT9TQ4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=2042266704&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300515&bpp=1&bdt=1006&idt=87&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4245131719147&frm=8&ife=1&pv=2&ga_vid=1480651599.1633744301&ga_sid=1633744301&ga_hid=1643246614&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4074026432&scr_x=-12245933&scr_y=-12245933&eid=44748552&oid=2&pvsid=3446815774757126&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.dbzhun2qlq2y&fsb=1&dtd=93
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/ Frame BC3E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=2042266704&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300515&bpp=1&bdt=1006&idt=87&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4245131719147&frm=8&ife=1&pv=2&ga_vid=1480651599.1633744301&ga_sid=1633744301&ga_hid=1643246614&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4074026432&scr_x=-12245933&scr_y=-12245933&eid=44748552&oid=2&pvsid=3446815774757126&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.dbzhun2qlq2y&fsb=1&dtd=93
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f1.1e100.net
Software
cafe /
Resource Hash
5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:42:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
541
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1344
x-xss-protection
0
server
cafe
etag
10107448882299530629
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Oct 2021 01:42:39 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BC3E 		123 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=2042266704&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300515&bpp=1&bdt=1006&idt=87&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4245131719147&frm=8&ife=1&pv=2&ga_vid=1480651599.1633744301&ga_sid=1633744301&ga_hid=1643246614&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4074026432&scr_x=-12245933&scr_y=-12245933&eid=44748552&oid=2&pvsid=3446815774757126&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.dbzhun2qlq2y&fsb=1&dtd=93
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
e96cb07afdac92a8c77fbd5b9bb721e548070f4657f4f1e71329d2fd9032be47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37898
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1633547226118934"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 09 Oct 2021 01:51:40 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/ Frame BC3E 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=2042266704&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300515&bpp=1&bdt=1006&idt=87&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4245131719147&frm=8&ife=1&pv=2&ga_vid=1480651599.1633744301&ga_sid=1633744301&ga_hid=1643246614&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4074026432&scr_x=-12245933&scr_y=-12245933&eid=44748552&oid=2&pvsid=3446815774757126&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.dbzhun2qlq2y&fsb=1&dtd=93
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f1.1e100.net
Software
cafe /
Resource Hash
51896cb4e932803b983cf59d85b20c705f42a891fa0c9c408e3cb267b5bb949c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 00:40:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4247
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6219
x-xss-protection
0
server
cafe
etag
4041254270185007295
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Oct 2021 00:40:53 GMT
l
www.google.com/ads/measurement/ Frame BC3E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSNqDFxVYNZ3KB_fIhaOkpEP1-NkdwcQp78o7_5SPBCrF6ojEi8SINds55Li0J1HySRBeKGD2Ok2doejs2P_wOUIP-0CQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=2042266704&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300515&bpp=1&bdt=1006&idt=87&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4245131719147&frm=8&ife=1&pv=2&ga_vid=1480651599.1633744301&ga_sid=1633744301&ga_hid=1643246614&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4074026432&scr_x=-12245933&scr_y=-12245933&eid=44748552&oid=2&pvsid=3446815774757126&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.dbzhun2qlq2y&fsb=1&dtd=93
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7D5D 		624 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNU8VAeeGBvrN2N-zwJ_Y2AIv1eIT1jA4GzmR-Rwd-_vmsE8iBJBERbTEIJV-ghD89QCIYCYrqz2u-4p9g7MkvFJRc6zG5wPASeCgqIcskE8lsJGkBi6o66y5-Evhx3nwi6xf5MNSHtO-wNLavJgJ6OJ1U-0kqUxgR8AC_3HkRBOuDpbnTM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=2042266704&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300515&bpp=1&bdt=1006&idt=87&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4245131719147&frm=8&ife=1&pv=2&ga_vid=1480651599.1633744301&ga_sid=1633744301&ga_hid=1643246614&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4074026432&scr_x=-12245933&scr_y=-12245933&eid=44748552&oid=2&pvsid=3446815774757126&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.dbzhun2qlq2y&fsb=1&dtd=93
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNU8VAeeGBvrN2N-zwJ_Y2AIv1eIT1jA4GzmR-Rwd-_vmsE8iBJBERbTEIJV-ghD89QCIYCYrqz2u-4p9g7MkvFJRc6zG5wPASeCgqIcskE8lsJGkBi6o66y5-Evhx3nwi6xf5MNSHtO-wNLavJgJ6OJ1U-0kqUxgR8AC_3HkRBOuDpbnTM
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=2042266704&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300515&bpp=1&bdt=1006&idt=87&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4245131719147&frm=8&ife=1&pv=2&ga_vid=1480651599.1633744301&ga_sid=1633744301&ga_hid=1643246614&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4074026432&scr_x=-12245933&scr_y=-12245933&eid=44748552&oid=2&pvsid=3446815774757126&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.dbzhun2qlq2y&fsb=1&dtd=93
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUm27ecBU4Pwx8ctanAz_RPQQSYH0ut-yOjumkvGw6sNJdMhlGzMonOkPvjZ3Do; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=2042266704&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300515&bpp=1&bdt=1006&idt=87&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4245131719147&frm=8&ife=1&pv=2&ga_vid=1480651599.1633744301&ga_sid=1633744301&ga_hid=1643246614&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4074026432&scr_x=-12245933&scr_y=-12245933&eid=44748552&oid=2&pvsid=3446815774757126&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.dbzhun2qlq2y&fsb=1&dtd=93

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 09 Oct 2021 01:51:40 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sat, 09 Oct 2021 01:51:40 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame BC3E 		24 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ai03Wd2e0FGAvFm7VXT6ybPXlONWdwUZKrcKwqIugd60v6t525HbX1yyy5NK7JdbgNw2JOWZoAo7G62K5YVR0Owv7DpsJstCwndevWc5GBmnVK17vhvnabdp08GKFLUAXILMlrctwAigr4gf-aSKiMIdaETg&cry=1&dbm_d=AKAmf-Ah5_fH_z9VirvDI6ZVigycpcB464HbQ4g9KSdf_ymMqAssyE8n5QiB5pqcgRZOBinm13zllW6C4_DK3xHU0BtKeT_n5hUMAtonReNouBaPWIq-wLg95b-lLys0mYmZrHqQEY6sn1ANlzPHQTNaNMUwXOkV5987XE8klQ6aBu-6-T1cfBRxTXgjw-BNdk3Bc13gr_7phyn3H21qZf769zVU2Oy--JirS7dD9qkGHL3l3iINVl3W0JO33Y5GnjmVwGsdU5Fn4X05UTe6Rp5ABG4kKR9MjKYKavG8JjTpAWg-4rz4LxE6ZyQwklAxr80VkaLh2M7l9Hiwxk11Mnh0t8R05ldg0vMAZc7LYvlYPLLko8GtcCm1WlJ6u9cxiy7pP-7GM8gAt3Ero51Eaox-mbUtBZsVpKDj5cMmLvx8TRm8NNezIWY1nL3dvdwUTzz61IVprCyhfs1qGinsuzq22J_wyf0UKKFrkj5fIqWbHByo_jGc_bQvZN49XofO05WOvGqNrtTSa6Lo8yg4GNzhTQvLHYqJqkfkz8U4oduXqV-3AIA0UqSy7gNla_6-RSXABTCyH71s2vLF6aiMR2RGdAyrxQaUtNpvlKyEzycHeS1RY5n3AvtzFsaKMRMkpgQPjZP0UtjE4nKIs_2NwMSp_c2coTUe4Ij8aivr15crmgNvrC7EoMy1bdOaGV3nTDAldnVxZJSAivaptMD9W6IzX__9sIUxzpIbY1MjZp2KQISYA6nE2J6y4w6PzHwrFaAboUcSIodEPOM7ZfDS6EYAth9aohwt7nw4Lk65xSYUj5n-JKXQiBX-wG3pPl5J2DgP_G1r9sL_jph54P7_AabVM__6G4WEQUwpqQKBLbRejk8MxEs4KRpl4tqwEJ1SjprvlT-YN3b5T8My2DoAK1fvHsI7rVLt2O5gSj7Zfe85mK6-cplG1amtK2ix2sXF9bUhTRYcyizcSzP5ME-bdSzci_wODGF4nZynGDvfgBmea-TIeKyJ7PymGnoDTae7tUdRBKuvDaJmftWxFN9_Y1iUPl1nJfJXavxyFG7ZrSilZH2pGl84NbIH208R3aKnhlcG0QbZm7yAFYK_n38DEoxbiPaC-Z8QulwAS6TB15IeG87CdCS2Fvqgtibll7d8zLBhLiszVfc_FHHRGeONF4_DhIwe3Y2CG06B2C--h2Fc12LbDpsd6Uqvd8h0W87iK9gVfdplv3CcbYLOHSL596AGX1X55QULaXGN5zlhj1L1uGaEsLEcXepGv04ak55LB-XCz0UBPB4q9K2bFJxfJClId5w4VSdIRif8smLzclZinJ6JVdpQaJO6ABQbUVDUk9Yf3Ehdy_18Meirw2j6T1nwPxoRsIoYsvLFbyn_9xxhZgZ0bdzus2-UIHdjtm7MPpQtdJBdJRo5h8vtOBeukS3VvMyYe93GY7YPf1HchFgxBF1QXW3cuA-Bg3ocSdD-NsGz451_H_N4Zsr3SEhK7O6K4-r-196VQpxeu4acqtt4E9zGMkjehepqcbgXjsIcRcbITg6GGSPyF-I3cBdfpR_bqjyWw3-0PE7J2en8DKH1u66PprJ4e4EKvLsYqutFfoXfQeMQhD6IQ_2B1zRWCJNtj1nw-OPD81vPcIjLBGKApnMAUVHzQTNbsRHngvmR35gVTNZPjM_0G69btER2kfRuSSA5nMXa_w_zGpUMyLSLlJzAndM7Ft2ByH2TCSyD2XdQOzDyb_7SjfqfowUsb3UdhgVTFmdwdEm0eTBcIliwN-FMropLoULHXVdZKx4PKvvoX-5kq6TmcK96IoHIR43ALRHtG00CN-FOGuxS2NoAQmk4PkaGPG9fkAAhhz8Etxm3IHHc0cyIL_izRzgaHpWhNFJAHzmK-uWlrKGG-fJVllhRj68neB48zjQ45inU_xnr0OHzNrNfxwKPsGMHvbOARNuy5VrZBA5efNX-ePZApV7N6pwqDRPBaeJk30IU0XmK7F4VAW4q3D_gBMwLfSBb5IJFA2QB_gZx056LQDB5lecnzfvj_qLMCz5ZqSOcc9BQAh1ptRkaFoJI5Oo_0QMT6nRxll3SVGsmlSjafTDmdnwBkFD4_mi1fPsRQkWVsiXEq66Lhh9cbDHeIFKpULcGLPIYMW-WSatMXzLYb6iR8RNKQ6sZBdDxDkBLtrs8WbnRfengdLZCciZhVzBTJjvGbCUpuv0OEZu7H8Fz878IRzYQBUDm9NmcZ5KVxThN8chTgl-TjhzlZlp-CeS-v5ps0AHTLowNgZCVim5_vre_6w32LdnuCLcd2NU_RIXPb_l-ShZTrOnV8dzxbPnufgB4HBOAwyi0YB-gF8nj0o13dyePnibDhsPrsCeETk92Um0cc-2nADlhkVOGUJKEX1Pu1ZfgrYD_c4_Ld9fEhwFCpsOHnr_907joA3r63ahUIHY1gvRUL-f68L0UlZPhI7E_0QuEeHp4TAzzGjBxyzbA8D5-m4QvRzpL6_eu9WkRZJH6ttGqUXaAyRBKOkaETOgdSI-LkV2eVovUnImtfWL5UCsEbWAcTvZS2pHcobR85ms4eGGLgndL4i2AzGifUvnGN3LMnCPZ8NrbYtepv3-1Txx2Af_fsxTdsbEnjHQOfExi86-N0CigIsjc0cOvRHTInKuk7-TnbXTTpvlKXGijInauXY10EPJ1fVC7S9g3TeWLit-nqUgL5m5W78ZpfCTPaKQPET5uh-Tdu3T4JOQRHQaIvoiULrsUf92vFBwhB-NwaoP8KvxhrixmS31OsBklEs9OiY7Dmcks9x4RVgRm9P_C2dFub5AF-HFIJxZhWD4W_6CXA06ivJ9fDGf1yYL5xw7DvUNy4JwAyKrpUbNnUnlay1iyA-9bV_JlGI44Nfa5whvH0-GYGkkVZpIF7GRy52NOHin1yMFtcKbKZavZDaa_0bgRq2-upLr4LAnJ0DvcI51Kn8mInHatsq2UnrFY44DccaJZCZRXPKLpEkHKx2LJEe2qyaFPOC4QHpcNi-g3aiQjMliQm9yYiOGvleI76B7QGBOlxiR1qHyY1RWRHn5PCAgKBKY_mwwpVbRMtZSAgarttBGXkS-XfirB0zgbrK2uUd8Xz0O973D5CfR8kUT-O8dpFiw&cid=CAASEuRoJHw2WkDLwUtKaM-gtZIJhQ&rfl=3%2Chttps%253A%252F%252Fhk.on.cc%242%2C%2Chttps%253A%252F%252Fad6.on.cc%252Fweb%252Fhtml%252Fgoogle%252Fhousead%252Flrec1_422.html%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=2042266704&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300515&bpp=1&bdt=1006&idt=87&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4245131719147&frm=8&ife=1&pv=2&ga_vid=1480651599.1633744301&ga_sid=1633744301&ga_hid=1643246614&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4074026432&scr_x=-12245933&scr_y=-12245933&eid=44748552&oid=2&pvsid=3446815774757126&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.dbzhun2qlq2y&fsb=1&dtd=93
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
be0ebb6a9384f29938d0f5894a207ea7bbd3db414a8c84d95e5996c15c6e033a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=2042266704&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300515&bpp=1&bdt=1006&idt=87&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4245131719147&frm=8&ife=1&pv=2&ga_vid=1480651599.1633744301&ga_sid=1633744301&ga_hid=1643246614&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4074026432&scr_x=-12245933&scr_y=-12245933&eid=44748552&oid=2&pvsid=3446815774757126&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.dbzhun2qlq2y&fsb=1&dtd=93
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12882
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 7D5D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJZocZlkd6X1sxj8XNHv6dU&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJZocZlkd6X1sxj8XNHv6dU&google_cver=1&C=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJZocZlkd6X1sxj8XNHv6dU&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNU8VAeeGBvrN2N-zwJ_Y2AIv1eIT1jA4GzmR-Rwd-_vmsE8iBJBERbTEIJV-ghD89QCIYCYrqz2u-4p9g7MkvFJRc6zG5wPASeCgqIcskE8lsJGkBi6o66y5-Evhx3nwi6xf5MNSHtO-wNLavJgJ6OJ1U-0kqUxgR8AC_3HkRBOuDpbnTM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Oct 2021 01:51:40 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 09 Oct 2021 01:51:40 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 09 Oct 2021 01:51:40 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJZocZlkd6X1sxj8XNHv6dU&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Sat, 09 Oct 2021 01:51:40 GMT
rum
dsum-sec.casalemedia.com/ Frame 7D5D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YWD1rOaKlEtHJQKT99W-4AAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJZocZlkd6X1sxj8XNHv6dU&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJZocZlkd6X1sxj8XNHv6dU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNU8VAeeGBvrN2N-zwJ_Y2AIv1eIT1jA4GzmR-Rwd-_vmsE8iBJBERbTEIJV-ghD89QCIYCYrqz2u-4p9g7MkvFJRc6zG5wPASeCgqIcskE8lsJGkBi6o66y5-Evhx3nwi6xf5MNSHtO-wNLavJgJ6OJ1U-0kqUxgR8AC_3HkRBOuDpbnTM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Oct 2021 01:51:41 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 09 Oct 2021 01:51:41 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJZocZlkd6X1sxj8XNHv6dU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 7D5D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIO75q1lmnTC3KlU_r91fcE&google_cver=1
0
580 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEIO75q1lmnTC3KlU_r91fcE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNU8VAeeGBvrN2N-zwJ_Y2AIv1eIT1jA4GzmR-Rwd-_vmsE8iBJBERbTEIJV-ghD89QCIYCYrqz2u-4p9g7MkvFJRc6zG5wPASeCgqIcskE8lsJGkBi6o66y5-Evhx3nwi6xf5MNSHtO-wNLavJgJ6OJ1U-0kqUxgR8AC_3HkRBOuDpbnTM
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Oct 2021 01:51:40 GMT
X-Proxy-Origin
216.131.111.138; 216.131.111.138; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
8ec56981-b5f2-47ec-ae65-3056ec08606a
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:40 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEIO75q1lmnTC3KlU_r91fcE&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7D5D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ4MjQ5NDQxODgyNjE0NDExNA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ4MjQ5NDQxODgyNjE0NDExNA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNU8VAeeGBvrN2N-zwJ_Y2AIv1eIT1jA4GzmR-Rwd-_vmsE8iBJBERbTEIJV-ghD89QCIYCYrqz2u-4p9g7MkvFJRc6zG5wPASeCgqIcskE8lsJGkBi6o66y5-Evhx3nwi6xf5MNSHtO-wNLavJgJ6OJ1U-0kqUxgR8AC_3HkRBOuDpbnTM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:40 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 09 Oct 2021 01:51:40 GMT
X-Proxy-Origin
216.131.111.138; 216.131.111.138; 868.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
6e85ada9-9493-4868-a4ce-8bfe6ab02532
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQ4MjQ5NDQxODgyNjE0NDExNA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7284 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D6JVcRdwI_QBzSosdJjS67_ObpByhaxL8zeIMAeuehiG14sw_NwlE7MrX6I4KwiMY4xAUqOopr2RIf7kb8ll2IqpYJ41iliKA32bJqcZDbOw9Ow54
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=580144554&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300506&bpp=2&bdt=987&idt=77&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4289351640420&frm=24&ife=1&pv=2&ga_vid=1738383524.1633744301&ga_sid=1633744301&ga_hid=1032704726&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3586554267&scr_x=-12245933&scr_y=-12245933&eid=31062423%2C31062937%2C44748552&oid=2&pvsid=1832003138608230&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rbh3ge9l5ahu&fsb=1&dtd=90
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:40 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/ Frame 7284 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=580144554&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300506&bpp=2&bdt=987&idt=77&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4289351640420&frm=24&ife=1&pv=2&ga_vid=1738383524.1633744301&ga_sid=1633744301&ga_hid=1032704726&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3586554267&scr_x=-12245933&scr_y=-12245933&eid=31062423%2C31062937%2C44748552&oid=2&pvsid=1832003138608230&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rbh3ge9l5ahu&fsb=1&dtd=90
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f1.1e100.net
Software
cafe /
Resource Hash
5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:42:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
541
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1344
x-xss-protection
0
server
cafe
etag
10107448882299530629
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Oct 2021 01:42:39 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7284 		123 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=580144554&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300506&bpp=2&bdt=987&idt=77&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4289351640420&frm=24&ife=1&pv=2&ga_vid=1738383524.1633744301&ga_sid=1633744301&ga_hid=1032704726&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3586554267&scr_x=-12245933&scr_y=-12245933&eid=31062423%2C31062937%2C44748552&oid=2&pvsid=1832003138608230&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rbh3ge9l5ahu&fsb=1&dtd=90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
sffe /
Resource Hash
e96cb07afdac92a8c77fbd5b9bb721e548070f4657f4f1e71329d2fd9032be47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37898
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1633547226118934"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 09 Oct 2021 01:51:40 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/ Frame 7284 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=580144554&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300506&bpp=2&bdt=987&idt=77&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4289351640420&frm=24&ife=1&pv=2&ga_vid=1738383524.1633744301&ga_sid=1633744301&ga_hid=1032704726&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3586554267&scr_x=-12245933&scr_y=-12245933&eid=31062423%2C31062937%2C44748552&oid=2&pvsid=1832003138608230&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rbh3ge9l5ahu&fsb=1&dtd=90
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f1.1e100.net
Software
cafe /
Resource Hash
51896cb4e932803b983cf59d85b20c705f42a891fa0c9c408e3cb267b5bb949c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 00:40:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4247
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6219
x-xss-protection
0
server
cafe
etag
4041254270185007295
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Oct 2021 00:40:53 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4926 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNUbZ-9lKkQLkxEpIMPOgUNEpfCoJWIMlKPY0I1jh-BvFilciftUKL8FaKrEv9tqBjQZqEW6k5k0dtUUFeLAroGW_ZMME05FqUmt0uBFhrGxsbAKm5c4iQzw3ehug_UYlKJtlw23M6h_8smMVDLpoQvIW3nG0tmMsODO1_Lfw4lE_GUMOuU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=580144554&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300506&bpp=2&bdt=987&idt=77&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4289351640420&frm=24&ife=1&pv=2&ga_vid=1738383524.1633744301&ga_sid=1633744301&ga_hid=1032704726&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3586554267&scr_x=-12245933&scr_y=-12245933&eid=31062423%2C31062937%2C44748552&oid=2&pvsid=1832003138608230&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rbh3ge9l5ahu&fsb=1&dtd=90
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNUbZ-9lKkQLkxEpIMPOgUNEpfCoJWIMlKPY0I1jh-BvFilciftUKL8FaKrEv9tqBjQZqEW6k5k0dtUUFeLAroGW_ZMME05FqUmt0uBFhrGxsbAKm5c4iQzw3ehug_UYlKJtlw23M6h_8smMVDLpoQvIW3nG0tmMsODO1_Lfw4lE_GUMOuU
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=580144554&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300506&bpp=2&bdt=987&idt=77&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4289351640420&frm=24&ife=1&pv=2&ga_vid=1738383524.1633744301&ga_sid=1633744301&ga_hid=1032704726&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3586554267&scr_x=-12245933&scr_y=-12245933&eid=31062423%2C31062937%2C44748552&oid=2&pvsid=1832003138608230&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rbh3ge9l5ahu&fsb=1&dtd=90
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUm27ecBU4Pwx8ctanAz_RPQQSYH0ut-yOjumkvGw6sNJdMhlGzMonOkPvjZ3Do
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=580144554&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300506&bpp=2&bdt=987&idt=77&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4289351640420&frm=24&ife=1&pv=2&ga_vid=1738383524.1633744301&ga_sid=1633744301&ga_hid=1032704726&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3586554267&scr_x=-12245933&scr_y=-12245933&eid=31062423%2C31062937%2C44748552&oid=2&pvsid=1832003138608230&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rbh3ge9l5ahu&fsb=1&dtd=90

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sat, 09 Oct 2021 01:51:40 GMT
server
cafe
cache-control
private
content-length
295
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ad
googleads.g.doubleclick.net/dbm/ Frame 7284 		24 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJbxOJRuRko4a50_cmcH40y8Z4g4pIMN1rfuXnufWr3Nu0otSN3GoOs_vsXSKrvW3tHVRdD6t0ieywg_2Vnwp2CtwoYBEWpsDLgsYGrjKCpVYKM7E_700JZhuRiMaK2Si-Dn1BYH9jKkSvPjafDn1JWGcQtg&cry=1&dbm_d=AKAmf-AU40oTe2TWFaWtA5snw3axErq-VosWCL6ihzW27OvHPRDQI8LsC-W_xQO_1RYQUxmYlkBWbmcoLuvQZvQW5MD5jwEU-zsCyUjpXMW25UyrgNhQvkR1MaTMEgvNJ-do2J_rlTMPT7HO807MUdPpwPUwKlbVe7y9b1gIJnR3IbaAN_U4tWFHvTBrSTs6CmQLHTmpaDyNJgjmn7_6GamgNEAx3PagO5D-qQREfjSTMATDeT9oKycNRGvntA5dBQXrCjX8rGKKV8AWXEY4oyS_LnvYOhS7D2ngvNPT-pkVkqIQixsO8_z_ZK6uZCP4vwUnH_bkb8Mbz1KEG8g0xXNubsMP84S50RSD8lvh3hu3vK9BJOqQPnVsJ3pPU-Lu6qzgLQeH9o4H5ZM6ehjHPpa1gE6BjfQ7KieYqDU1Bsx2v79Psp58eJLQZ7Cj4j1nwc2zqNdJTJQMgV2469nX8kcOvjwNIUVmhz7cond-fzaCaPBQIC-IoMjZa-hXebn8d0e_u3S2vYfqqHebIpRRr6PwnVeoZSLBxwCAjX-UtUkEAdWhB55Vn4tGUmY-MUN_tFnNlVc5fXdTosCDSoslZAbL1L08SX9fnzXTEcKsS4PEEOgdaZFo2gpWSV5mCqiExlKdHu-06rflJJ1e0OXmCcdPPc0H0wvrsjd6szIe9n6Zu-pShCE9cAmQjIy6i1JaqBYD099JqBmS_q9SgSxJyqysUdwyGZN8fYFcxgJH5VYA4eS0bl2R2DmQXqMlzGRXAcBsS9oXKerP-g_nL_yvHztzmV1HM8gT3iwpw3Kl56u1ZKH1bztbIDMtSu6wHAr0osGhgB-gzcOOXOBGSh-fKKb_Lgh7W2RT-i7UakR_T-anB5TI8n0J65DTc2sfRVKDiqHMaBIAZpj3zxXw-sh0WI4zSIF0gdjFOLOz_ooEEDIGeWr6sixtCBkbtv7NY1hkxv91XdFy-KOF0cvTk6vgjcLFDfh_vQEje-dEvpVeXS7L0VJuuQCISnfIlWG8c_MYoUmJGHS_2grJZyUC2TRchyAJYsyVa_NydYFH5Ytg-nj2gQITSr7XfNJ2LIlaQhe8gAjwgPySeu7MTLrOYINu-9Kxdtfw1fZ4AwX4KBZ1zwoBfgjo4Iqr0190_93b6EzpMn_Qn0F5efuC5rOPyitQtU01FjQifZgZlRiC7kBn-BOIa7sSHRMLydjNfapw_uFwS-6OEpiZusu5WSdMD90WGfE84c0Etl-F04w-wOWfLLNmv_xIXIwkhsArMTLduROIRjO5yatItV_H0pGxYnaSQaOGy-Zoy3Kww_s_0JmgWVIOFm4BzBlzVNRHcEYcBBAsTfn0NI8bGjg_rE99jFXgIQUneEA1HVePWqe7vjvNjAk9Jb60Rbn8WcHuBpiplB1pI1xsMYzDlgHH8DwoB3vR23PENQS8k5ioWRyKJ3jV1X8jnDuvNad6PfgvLqs14qTZA2ZUfAFYSaqNUjw7x-VOx15Kos-1ZNxBwpmWPjdgOpSBk4DW8UOmoI7dOiSZJOjP1MCwQeKF7nCki61GEuAM5pDy8ZgzgI5GroJ7jdMOJFkG6ZTIqJeRqVYRWttE0cjWC9PTL7kNDcFtBew9Kzv61NvvWwRZDWt7fZa8iD1p-eUmLvi1J1g8xgu-Wa1h1AUgvs8WTTlJCK0A2bmaUdMLDEaH3xyD98LTf0MyT79ik2vUTcXZD4rILC5hztEyrsBvCF8eWJckbhyGdhUI8mWgN0f1bcnHHmYrJTHM6FdE4xWdSb3r_9tyMPrFZXZAuZnGdjoMj7MRg9G5wsuAKdlp_jXDWWK--xlwSY4ANYWU-WZbTAI5N6NThVl9XvHzqker3chjcGXWyTzGqEXTYpvnuAGdY2cdWbA4VohisuW2-p-GUd9ukDMlKCYVwUXa2HGRPESPjcm0iPYFChqf7eYWswX6Lq8zY7TUv40-QDw7XIE76nHtGbML3pkH0GsOJuCGuCJGx0_OtfGU8PAtDZX3DCRU8f3wtNwBgvCWUpUeKpsp0_wjlxLea44fVkpwg7NxWhBDUnWE6oFkFAN5Jq8UYqeEpJuPbKXCOEHaNdWIgkFgz4xfx8Hf0WWOJ4cel7Dk96t7XmuwteaEJOo2jVsOFhsre8C9ctdoMtzUzUBUHhMJ6qDw2d5Cx567IhB6G-0xxmbBFQ8TVHK3EtDtBRNyFqYH8meKPacKypnX8Y4UKTbRFktIDl8UGjUEXPUPh-bL65626wWUJ5OVK7xmT13al2KxAHn9Mo1EK9ahkbSTjrwFWrFWoiVDnhT9ug5KCHWj4rK2-YcLVgpR-pqRzXPF2Jdp3EADVHyvIikeX6ynqvhK4_eqExZMs9OOHsLP4VhB_xkP9yyBZuaEWTxN1KLVnGUQR7AIj1KApGKyWO5xHvIPLvPPPCl8yMmQrTXjhhLdjSeTdqhSVhYONx4s89_2Bop0hE-DqPOTroAB7sI6ZyUmJmPq4YWAK8m7vwo943TOhcS9vuLH6iLcmJG0zZEp1KNz2rVTi1qDLCI83TJX6pJnh5lI2kzMPBRmoYYrV2pJvSqQDhpQ36Cb9ROwvaMxFiYqITqzvgToVOxPK7kcpm9hU-nqOs67TA1QyN8P9K8cxeI2amHxVLkVenggltyUNdibve3pOvg-a-zNbq8wRPNkVD1A6cGzHGPpwBghSvjxhE3_zOq_qsmXFRXzMwHk8RQSYRJHlsvghqsg9EqfSQOaqa9EK7aewh6dbvkb72vxAD6a6cI4_aEf3CtJE0RsA0TuhYtldZGdZ_IzijXw3Ls8oCLHHoAUIW3QAoUd_WOWGc4MsazAgHCUO3OwGL_JB2U-5RXRZ_e5kJjOZgfzxemd_9D23klAeJL2_XpuieymiDxvJWxUmRtCJntuc9gUFsBU1orCxeoft0RW2RL3eTUwQ_QUTbiODhfMu_UpPEe9nZXFHomjknMLH4l1_l8AZNIi1Ubb40FGiv5ckyzPNd-R_oPu0jqBkS2H13f6mRfcuW3VVqJFJRw46slWp8QltUxK1b-yOchfhqoE7igv5fddugbljfOeN4t-8QHCVFE8_lKIsix8HMGQUDjpAxZgfjvznVtoPPs7KFtovuW07u47a-kiXsV-w9g&cid=CAASEuRoCFU71fzMhUHsTTykviKO-w&rfl=2%2Chttps%253A%252F%252Fhk.on.cc%242%2Chttps%253A%252F%252Fad6.on.cc%252Fweb%252Fhtml%252Fgoogle%252Fhousead%252Flrec1_423.html%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=580144554&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300506&bpp=2&bdt=987&idt=77&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4289351640420&frm=24&ife=1&pv=2&ga_vid=1738383524.1633744301&ga_sid=1633744301&ga_hid=1032704726&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3586554267&scr_x=-12245933&scr_y=-12245933&eid=31062423%2C31062937%2C44748552&oid=2&pvsid=1832003138608230&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rbh3ge9l5ahu&fsb=1&dtd=90
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
cafe /
Resource Hash
2b80d503a8730d64d126666ed2af08ffafad710ee43296bbc701f68b277ef0a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=580144554&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300506&bpp=2&bdt=987&idt=77&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4289351640420&frm=24&ife=1&pv=2&ga_vid=1738383524.1633744301&ga_sid=1633744301&ga_hid=1032704726&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3586554267&scr_x=-12245933&scr_y=-12245933&eid=31062423%2C31062937%2C44748552&oid=2&pvsid=1832003138608230&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rbh3ge9l5ahu&fsb=1&dtd=90
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:40 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12774
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211006/r20110914/ Frame BC3E 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211006/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ai03Wd2e0FGAvFm7VXT6ybPXlONWdwUZKrcKwqIugd60v6t525HbX1yyy5NK7JdbgNw2JOWZoAo7G62K5YVR0Owv7DpsJstCwndevWc5GBmnVK17vhvnabdp08GKFLUAXILMlrctwAigr4gf-aSKiMIdaETg&cry=1&dbm_d=AKAmf-Ah5_fH_z9VirvDI6ZVigycpcB464HbQ4g9KSdf_ymMqAssyE8n5QiB5pqcgRZOBinm13zllW6C4_DK3xHU0BtKeT_n5hUMAtonReNouBaPWIq-wLg95b-lLys0mYmZrHqQEY6sn1ANlzPHQTNaNMUwXOkV5987XE8klQ6aBu-6-T1cfBRxTXgjw-BNdk3Bc13gr_7phyn3H21qZf769zVU2Oy--JirS7dD9qkGHL3l3iINVl3W0JO33Y5GnjmVwGsdU5Fn4X05UTe6Rp5ABG4kKR9MjKYKavG8JjTpAWg-4rz4LxE6ZyQwklAxr80VkaLh2M7l9Hiwxk11Mnh0t8R05ldg0vMAZc7LYvlYPLLko8GtcCm1WlJ6u9cxiy7pP-7GM8gAt3Ero51Eaox-mbUtBZsVpKDj5cMmLvx8TRm8NNezIWY1nL3dvdwUTzz61IVprCyhfs1qGinsuzq22J_wyf0UKKFrkj5fIqWbHByo_jGc_bQvZN49XofO05WOvGqNrtTSa6Lo8yg4GNzhTQvLHYqJqkfkz8U4oduXqV-3AIA0UqSy7gNla_6-RSXABTCyH71s2vLF6aiMR2RGdAyrxQaUtNpvlKyEzycHeS1RY5n3AvtzFsaKMRMkpgQPjZP0UtjE4nKIs_2NwMSp_c2coTUe4Ij8aivr15crmgNvrC7EoMy1bdOaGV3nTDAldnVxZJSAivaptMD9W6IzX__9sIUxzpIbY1MjZp2KQISYA6nE2J6y4w6PzHwrFaAboUcSIodEPOM7ZfDS6EYAth9aohwt7nw4Lk65xSYUj5n-JKXQiBX-wG3pPl5J2DgP_G1r9sL_jph54P7_AabVM__6G4WEQUwpqQKBLbRejk8MxEs4KRpl4tqwEJ1SjprvlT-YN3b5T8My2DoAK1fvHsI7rVLt2O5gSj7Zfe85mK6-cplG1amtK2ix2sXF9bUhTRYcyizcSzP5ME-bdSzci_wODGF4nZynGDvfgBmea-TIeKyJ7PymGnoDTae7tUdRBKuvDaJmftWxFN9_Y1iUPl1nJfJXavxyFG7ZrSilZH2pGl84NbIH208R3aKnhlcG0QbZm7yAFYK_n38DEoxbiPaC-Z8QulwAS6TB15IeG87CdCS2Fvqgtibll7d8zLBhLiszVfc_FHHRGeONF4_DhIwe3Y2CG06B2C--h2Fc12LbDpsd6Uqvd8h0W87iK9gVfdplv3CcbYLOHSL596AGX1X55QULaXGN5zlhj1L1uGaEsLEcXepGv04ak55LB-XCz0UBPB4q9K2bFJxfJClId5w4VSdIRif8smLzclZinJ6JVdpQaJO6ABQbUVDUk9Yf3Ehdy_18Meirw2j6T1nwPxoRsIoYsvLFbyn_9xxhZgZ0bdzus2-UIHdjtm7MPpQtdJBdJRo5h8vtOBeukS3VvMyYe93GY7YPf1HchFgxBF1QXW3cuA-Bg3ocSdD-NsGz451_H_N4Zsr3SEhK7O6K4-r-196VQpxeu4acqtt4E9zGMkjehepqcbgXjsIcRcbITg6GGSPyF-I3cBdfpR_bqjyWw3-0PE7J2en8DKH1u66PprJ4e4EKvLsYqutFfoXfQeMQhD6IQ_2B1zRWCJNtj1nw-OPD81vPcIjLBGKApnMAUVHzQTNbsRHngvmR35gVTNZPjM_0G69btER2kfRuSSA5nMXa_w_zGpUMyLSLlJzAndM7Ft2ByH2TCSyD2XdQOzDyb_7SjfqfowUsb3UdhgVTFmdwdEm0eTBcIliwN-FMropLoULHXVdZKx4PKvvoX-5kq6TmcK96IoHIR43ALRHtG00CN-FOGuxS2NoAQmk4PkaGPG9fkAAhhz8Etxm3IHHc0cyIL_izRzgaHpWhNFJAHzmK-uWlrKGG-fJVllhRj68neB48zjQ45inU_xnr0OHzNrNfxwKPsGMHvbOARNuy5VrZBA5efNX-ePZApV7N6pwqDRPBaeJk30IU0XmK7F4VAW4q3D_gBMwLfSBb5IJFA2QB_gZx056LQDB5lecnzfvj_qLMCz5ZqSOcc9BQAh1ptRkaFoJI5Oo_0QMT6nRxll3SVGsmlSjafTDmdnwBkFD4_mi1fPsRQkWVsiXEq66Lhh9cbDHeIFKpULcGLPIYMW-WSatMXzLYb6iR8RNKQ6sZBdDxDkBLtrs8WbnRfengdLZCciZhVzBTJjvGbCUpuv0OEZu7H8Fz878IRzYQBUDm9NmcZ5KVxThN8chTgl-TjhzlZlp-CeS-v5ps0AHTLowNgZCVim5_vre_6w32LdnuCLcd2NU_RIXPb_l-ShZTrOnV8dzxbPnufgB4HBOAwyi0YB-gF8nj0o13dyePnibDhsPrsCeETk92Um0cc-2nADlhkVOGUJKEX1Pu1ZfgrYD_c4_Ld9fEhwFCpsOHnr_907joA3r63ahUIHY1gvRUL-f68L0UlZPhI7E_0QuEeHp4TAzzGjBxyzbA8D5-m4QvRzpL6_eu9WkRZJH6ttGqUXaAyRBKOkaETOgdSI-LkV2eVovUnImtfWL5UCsEbWAcTvZS2pHcobR85ms4eGGLgndL4i2AzGifUvnGN3LMnCPZ8NrbYtepv3-1Txx2Af_fsxTdsbEnjHQOfExi86-N0CigIsjc0cOvRHTInKuk7-TnbXTTpvlKXGijInauXY10EPJ1fVC7S9g3TeWLit-nqUgL5m5W78ZpfCTPaKQPET5uh-Tdu3T4JOQRHQaIvoiULrsUf92vFBwhB-NwaoP8KvxhrixmS31OsBklEs9OiY7Dmcks9x4RVgRm9P_C2dFub5AF-HFIJxZhWD4W_6CXA06ivJ9fDGf1yYL5xw7DvUNy4JwAyKrpUbNnUnlay1iyA-9bV_JlGI44Nfa5whvH0-GYGkkVZpIF7GRy52NOHin1yMFtcKbKZavZDaa_0bgRq2-upLr4LAnJ0DvcI51Kn8mInHatsq2UnrFY44DccaJZCZRXPKLpEkHKx2LJEe2qyaFPOC4QHpcNi-g3aiQjMliQm9yYiOGvleI76B7QGBOlxiR1qHyY1RWRHn5PCAgKBKY_mwwpVbRMtZSAgarttBGXkS-XfirB0zgbrK2uUd8Xz0O973D5CfR8kUT-O8dpFiw&cid=CAASEuRoJHw2WkDLwUtKaM-gtZIJhQ&rfl=3%2Chttps%253A%252F%252Fhk.on.cc%242%2C%2Chttps%253A%252F%252Fad6.on.cc%252Fweb%252Fhtml%252Fgoogle%252Fhousead%252Flrec1_422.html%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
0b4cc12ccd09adacbf7695b7ae68d146a6b9bfa7a2058dbd4e58f31c14ec5e7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:12:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2332
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9203
x-xss-protection
0
server
cafe
etag
15223966529599630443
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Oct 2021 01:12:48 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame BC3E 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ai03Wd2e0FGAvFm7VXT6ybPXlONWdwUZKrcKwqIugd60v6t525HbX1yyy5NK7JdbgNw2JOWZoAo7G62K5YVR0Owv7DpsJstCwndevWc5GBmnVK17vhvnabdp08GKFLUAXILMlrctwAigr4gf-aSKiMIdaETg&cry=1&dbm_d=AKAmf-Ah5_fH_z9VirvDI6ZVigycpcB464HbQ4g9KSdf_ymMqAssyE8n5QiB5pqcgRZOBinm13zllW6C4_DK3xHU0BtKeT_n5hUMAtonReNouBaPWIq-wLg95b-lLys0mYmZrHqQEY6sn1ANlzPHQTNaNMUwXOkV5987XE8klQ6aBu-6-T1cfBRxTXgjw-BNdk3Bc13gr_7phyn3H21qZf769zVU2Oy--JirS7dD9qkGHL3l3iINVl3W0JO33Y5GnjmVwGsdU5Fn4X05UTe6Rp5ABG4kKR9MjKYKavG8JjTpAWg-4rz4LxE6ZyQwklAxr80VkaLh2M7l9Hiwxk11Mnh0t8R05ldg0vMAZc7LYvlYPLLko8GtcCm1WlJ6u9cxiy7pP-7GM8gAt3Ero51Eaox-mbUtBZsVpKDj5cMmLvx8TRm8NNezIWY1nL3dvdwUTzz61IVprCyhfs1qGinsuzq22J_wyf0UKKFrkj5fIqWbHByo_jGc_bQvZN49XofO05WOvGqNrtTSa6Lo8yg4GNzhTQvLHYqJqkfkz8U4oduXqV-3AIA0UqSy7gNla_6-RSXABTCyH71s2vLF6aiMR2RGdAyrxQaUtNpvlKyEzycHeS1RY5n3AvtzFsaKMRMkpgQPjZP0UtjE4nKIs_2NwMSp_c2coTUe4Ij8aivr15crmgNvrC7EoMy1bdOaGV3nTDAldnVxZJSAivaptMD9W6IzX__9sIUxzpIbY1MjZp2KQISYA6nE2J6y4w6PzHwrFaAboUcSIodEPOM7ZfDS6EYAth9aohwt7nw4Lk65xSYUj5n-JKXQiBX-wG3pPl5J2DgP_G1r9sL_jph54P7_AabVM__6G4WEQUwpqQKBLbRejk8MxEs4KRpl4tqwEJ1SjprvlT-YN3b5T8My2DoAK1fvHsI7rVLt2O5gSj7Zfe85mK6-cplG1amtK2ix2sXF9bUhTRYcyizcSzP5ME-bdSzci_wODGF4nZynGDvfgBmea-TIeKyJ7PymGnoDTae7tUdRBKuvDaJmftWxFN9_Y1iUPl1nJfJXavxyFG7ZrSilZH2pGl84NbIH208R3aKnhlcG0QbZm7yAFYK_n38DEoxbiPaC-Z8QulwAS6TB15IeG87CdCS2Fvqgtibll7d8zLBhLiszVfc_FHHRGeONF4_DhIwe3Y2CG06B2C--h2Fc12LbDpsd6Uqvd8h0W87iK9gVfdplv3CcbYLOHSL596AGX1X55QULaXGN5zlhj1L1uGaEsLEcXepGv04ak55LB-XCz0UBPB4q9K2bFJxfJClId5w4VSdIRif8smLzclZinJ6JVdpQaJO6ABQbUVDUk9Yf3Ehdy_18Meirw2j6T1nwPxoRsIoYsvLFbyn_9xxhZgZ0bdzus2-UIHdjtm7MPpQtdJBdJRo5h8vtOBeukS3VvMyYe93GY7YPf1HchFgxBF1QXW3cuA-Bg3ocSdD-NsGz451_H_N4Zsr3SEhK7O6K4-r-196VQpxeu4acqtt4E9zGMkjehepqcbgXjsIcRcbITg6GGSPyF-I3cBdfpR_bqjyWw3-0PE7J2en8DKH1u66PprJ4e4EKvLsYqutFfoXfQeMQhD6IQ_2B1zRWCJNtj1nw-OPD81vPcIjLBGKApnMAUVHzQTNbsRHngvmR35gVTNZPjM_0G69btER2kfRuSSA5nMXa_w_zGpUMyLSLlJzAndM7Ft2ByH2TCSyD2XdQOzDyb_7SjfqfowUsb3UdhgVTFmdwdEm0eTBcIliwN-FMropLoULHXVdZKx4PKvvoX-5kq6TmcK96IoHIR43ALRHtG00CN-FOGuxS2NoAQmk4PkaGPG9fkAAhhz8Etxm3IHHc0cyIL_izRzgaHpWhNFJAHzmK-uWlrKGG-fJVllhRj68neB48zjQ45inU_xnr0OHzNrNfxwKPsGMHvbOARNuy5VrZBA5efNX-ePZApV7N6pwqDRPBaeJk30IU0XmK7F4VAW4q3D_gBMwLfSBb5IJFA2QB_gZx056LQDB5lecnzfvj_qLMCz5ZqSOcc9BQAh1ptRkaFoJI5Oo_0QMT6nRxll3SVGsmlSjafTDmdnwBkFD4_mi1fPsRQkWVsiXEq66Lhh9cbDHeIFKpULcGLPIYMW-WSatMXzLYb6iR8RNKQ6sZBdDxDkBLtrs8WbnRfengdLZCciZhVzBTJjvGbCUpuv0OEZu7H8Fz878IRzYQBUDm9NmcZ5KVxThN8chTgl-TjhzlZlp-CeS-v5ps0AHTLowNgZCVim5_vre_6w32LdnuCLcd2NU_RIXPb_l-ShZTrOnV8dzxbPnufgB4HBOAwyi0YB-gF8nj0o13dyePnibDhsPrsCeETk92Um0cc-2nADlhkVOGUJKEX1Pu1ZfgrYD_c4_Ld9fEhwFCpsOHnr_907joA3r63ahUIHY1gvRUL-f68L0UlZPhI7E_0QuEeHp4TAzzGjBxyzbA8D5-m4QvRzpL6_eu9WkRZJH6ttGqUXaAyRBKOkaETOgdSI-LkV2eVovUnImtfWL5UCsEbWAcTvZS2pHcobR85ms4eGGLgndL4i2AzGifUvnGN3LMnCPZ8NrbYtepv3-1Txx2Af_fsxTdsbEnjHQOfExi86-N0CigIsjc0cOvRHTInKuk7-TnbXTTpvlKXGijInauXY10EPJ1fVC7S9g3TeWLit-nqUgL5m5W78ZpfCTPaKQPET5uh-Tdu3T4JOQRHQaIvoiULrsUf92vFBwhB-NwaoP8KvxhrixmS31OsBklEs9OiY7Dmcks9x4RVgRm9P_C2dFub5AF-HFIJxZhWD4W_6CXA06ivJ9fDGf1yYL5xw7DvUNy4JwAyKrpUbNnUnlay1iyA-9bV_JlGI44Nfa5whvH0-GYGkkVZpIF7GRy52NOHin1yMFtcKbKZavZDaa_0bgRq2-upLr4LAnJ0DvcI51Kn8mInHatsq2UnrFY44DccaJZCZRXPKLpEkHKx2LJEe2qyaFPOC4QHpcNi-g3aiQjMliQm9yYiOGvleI76B7QGBOlxiR1qHyY1RWRHn5PCAgKBKY_mwwpVbRMtZSAgarttBGXkS-XfirB0zgbrK2uUd8Xz0O973D5CfR8kUT-O8dpFiw&cid=CAASEuRoJHw2WkDLwUtKaM-gtZIJhQ&rfl=3%2Chttps%253A%252F%252Fhk.on.cc%242%2C%2Chttps%253A%252F%252Fad6.on.cc%252Fweb%252Fhtml%252Fgoogle%252Fhousead%252Flrec1_422.html%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 11:42:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50963
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 08 Oct 2022 11:42:17 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6EE7 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Fri, 08 Oct 2021 11:42:17 GMT
expires
Sat, 08 Oct 2022 11:42:17 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
50963
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
npoee1nv94vs
hal9000.redintelligence.net/zone/ Frame BC3E 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/npoee1nv94vs?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-d0krPVgYczNJ9nsgAfil7-gBrXN-YNXzN65q-UM8C4QASC1zvcfYJXikIKgB8gBCakCnWwL5wZrsz6oAwGqBM0BT9CKiLNlQnm4NbstgMm0xJ73fTmvJT2ihlaNcDUq3ZlUafaRblS37h0jgPC6g9sTir2tqUuMCqYKrPARKJPk6-lAUnEH5ofL8l3QEaD-AuY4A9M_n9ViKc1JWhtS9cPVj380EMuQmpHFHOISHaaVxEh5jbJbIADBLR3KjSNMvXic11RFZ-4BHvFVB_GR3FOU1p06VbUrjIzmV5O5E0TeBA1fqh2F3C-gcq0QTCMxE-xt6rt49BI0Gm11a2S8z4Y7BXekUGjhMe0dd756W8AEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGF-ACgGYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoJHw2WkDLwUtKaM-gtZIJhQ%26sig%3DAOD64_13c23eZr7P2W9E4bjfzZSfgvGVhA%26client%3Dca-pub-3571272074788370%26dbm_c%3DAKAmf-ApUFt2VAoYBJEFIzo607imgA-Fs-fZ2TbUFRgf9up9qTuVdBQ5U7r4ByqZn7qjAJwlUkLywsFONfUmS7FYaNeRW6YzKEbThbso7Hvp6YMaaSBLobkr8KbGdhX3p3dREa1BZBBrtqA53dt_VPJazij-8Ry1SA%26cry%3D1%26dbm_d%3DAKAmf-DbdsCG88CtZbKcDFg4bWzDuXQTQ6UlEOKQCcVjs-a4eI3CGYfg1e5r7lFnmT2E_cgoPlhjRAudYI17_Rn0eDcz3XOBiu6rakvNajjFtF2qU46escDn0fGderpUcVHPpg1UyQV9wiouRD4IXEPaqOZObwNpfjMonee07wtEFn-y5jndk0NoaTiHY8Qrr-K3-inddtZELjWF0u5shaBrPzG0qstlAml2Gi0VBgPLOcwF5Uwq1nBA1kjfxXqhktV0YmD_7DUL5yx0n7vm_BF-7XvJvLsT5nzRBy41NMuvDRE_gf4YdioJfWUw-mbBb9gPVh6uuOBpTzZYFT18bRi_7GpTgYBEbGT7NvmZiO7ptzR7EqpoR4zqQcPy166CSA9G8VsQ0RhTU6VZJ-_LIUAYB4pqkDNIVPPXNzcU9ilFEkNQXNgGGfXE9Ln_n4o_QLyHa0UaBN0f0VnPxsMElsS7CC018bGi1xFYsBLUKkq1QCC9KZuV1E9oq7EbQZ0FQRI4qvTpz0EFivc7IAYvEdPpVRcq6L0UUA%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=2042266704&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300515&bpp=1&bdt=1006&idt=87&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4245131719147&frm=8&ife=1&pv=2&ga_vid=1480651599.1633744301&ga_sid=1633744301&ga_hid=1643246614&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4074026432&scr_x=-12245933&scr_y=-12245933&eid=44748552&oid=2&pvsid=3446815774757126&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.dbzhun2qlq2y&fsb=1&dtd=93
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
f684079bbfaf797e9bc635f6beeddb05d75bead79c54aa83eaa3398523090294

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 01:51:41 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3941
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
sd
us-u.openx.net/w/1.0/ Frame 4926
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEbMSgybiSQVps2in8j3a_s&google_cver=1
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEEbMSgybiSQVps2in8j3a_s&google_cver=1
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEEbMSgybiSQVps2in8j3a_s&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNUbZ-9lKkQLkxEpIMPOgUNEpfCoJWIMlKPY0I1jh-BvFilciftUKL8FaKrEv9tqBjQZqEW6k5k0dtUUFeLAroGW_ZMME05FqUmt0uBFhrGxsbAKm5c4iQzw3ehug_UYlKJtlw23M6h_8smMVDLpoQvIW3nG0tmMsODO1_Lfw4lE_GUMOuU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.216.4 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:41 GMT
via
1.1 google
server
OXGW/16.216.4
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEEbMSgybiSQVps2in8j3a_s&google_cver=1
date
Sat, 09 Oct 2021 01:51:41 GMT
via
1.1 google
server
OXGW/16.216.4
alt-svc
clear
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
pixel
cm.g.doubleclick.net/ Frame 4926
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODc1MzU5YjctMzM2Yi0yMzNlLWQyOTYtMTY3OTliMmEwZWU4
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODc1MzU5YjctMzM2Yi0yMzNlLWQyOTYtMTY3OTliMmEwZWU4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNUbZ-9lKkQLkxEpIMPOgUNEpfCoJWIMlKPY0I1jh-BvFilciftUKL8FaKrEv9tqBjQZqEW6k5k0dtUUFeLAroGW_ZMME05FqUmt0uBFhrGxsbAKm5c4iQzw3ehug_UYlKJtlw23M6h_8smMVDLpoQvIW3nG0tmMsODO1_Lfw4lE_GUMOuU
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 09 Oct 2021 01:51:41 GMT
content-encoding
gzip
server
OXGW/16.216.4
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ODc1MzU5YjctMzM2Yi0yMzNlLWQyOTYtMTY3OTliMmEwZWU4
content-type
image/gif
alt-svc
clear
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame 4926
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEDV-K1hhRu24ZHW7tQNJFW8&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEDV-K1hhRu24ZHW7tQNJFW8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNUbZ-9lKkQLkxEpIMPOgUNEpfCoJWIMlKPY0I1jh-BvFilciftUKL8FaKrEv9tqBjQZqEW6k5k0dtUUFeLAroGW_ZMME05FqUmt0uBFhrGxsbAKm5c4iQzw3ehug_UYlKJtlw23M6h_8smMVDLpoQvIW3nG0tmMsODO1_Lfw4lE_GUMOuU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:41 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 09 Oct 2021 01:51:41 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:41 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEDV-K1hhRu24ZHW7tQNJFW8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 4926 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhCn9EsYtKK9lQEwAQ&v=APEucNUbZ-9lKkQLkxEpIMPOgUNEpfCoJWIMlKPY0I1jh-BvFilciftUKL8FaKrEv9tqBjQZqEW6k5k0dtUUFeLAroGW_ZMME05FqUmt0uBFhrGxsbAKm5c4iQzw3ehug_UYlKJtlw23M6h_8smMVDLpoQvIW3nG0tmMsODO1_Lfw4lE_GUMOuU
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.6 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:41 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 09 Oct 2021 01:51:41 GMT
server
akka-http/10.2.6
content-length
23
content-type
image/gif
m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js
pagead2.googlesyndication.com/bg/ Frame 6EE7 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
9bfef52d4ef4cc6f06efcc7a8584987f607710b73b0464606ec66890f8605c06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 20:50:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
18080
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13358
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 11:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 08 Oct 2022 20:50:21 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20211006/r20110914/ Frame 7284 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20211006/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJbxOJRuRko4a50_cmcH40y8Z4g4pIMN1rfuXnufWr3Nu0otSN3GoOs_vsXSKrvW3tHVRdD6t0ieywg_2Vnwp2CtwoYBEWpsDLgsYGrjKCpVYKM7E_700JZhuRiMaK2Si-Dn1BYH9jKkSvPjafDn1JWGcQtg&cry=1&dbm_d=AKAmf-AU40oTe2TWFaWtA5snw3axErq-VosWCL6ihzW27OvHPRDQI8LsC-W_xQO_1RYQUxmYlkBWbmcoLuvQZvQW5MD5jwEU-zsCyUjpXMW25UyrgNhQvkR1MaTMEgvNJ-do2J_rlTMPT7HO807MUdPpwPUwKlbVe7y9b1gIJnR3IbaAN_U4tWFHvTBrSTs6CmQLHTmpaDyNJgjmn7_6GamgNEAx3PagO5D-qQREfjSTMATDeT9oKycNRGvntA5dBQXrCjX8rGKKV8AWXEY4oyS_LnvYOhS7D2ngvNPT-pkVkqIQixsO8_z_ZK6uZCP4vwUnH_bkb8Mbz1KEG8g0xXNubsMP84S50RSD8lvh3hu3vK9BJOqQPnVsJ3pPU-Lu6qzgLQeH9o4H5ZM6ehjHPpa1gE6BjfQ7KieYqDU1Bsx2v79Psp58eJLQZ7Cj4j1nwc2zqNdJTJQMgV2469nX8kcOvjwNIUVmhz7cond-fzaCaPBQIC-IoMjZa-hXebn8d0e_u3S2vYfqqHebIpRRr6PwnVeoZSLBxwCAjX-UtUkEAdWhB55Vn4tGUmY-MUN_tFnNlVc5fXdTosCDSoslZAbL1L08SX9fnzXTEcKsS4PEEOgdaZFo2gpWSV5mCqiExlKdHu-06rflJJ1e0OXmCcdPPc0H0wvrsjd6szIe9n6Zu-pShCE9cAmQjIy6i1JaqBYD099JqBmS_q9SgSxJyqysUdwyGZN8fYFcxgJH5VYA4eS0bl2R2DmQXqMlzGRXAcBsS9oXKerP-g_nL_yvHztzmV1HM8gT3iwpw3Kl56u1ZKH1bztbIDMtSu6wHAr0osGhgB-gzcOOXOBGSh-fKKb_Lgh7W2RT-i7UakR_T-anB5TI8n0J65DTc2sfRVKDiqHMaBIAZpj3zxXw-sh0WI4zSIF0gdjFOLOz_ooEEDIGeWr6sixtCBkbtv7NY1hkxv91XdFy-KOF0cvTk6vgjcLFDfh_vQEje-dEvpVeXS7L0VJuuQCISnfIlWG8c_MYoUmJGHS_2grJZyUC2TRchyAJYsyVa_NydYFH5Ytg-nj2gQITSr7XfNJ2LIlaQhe8gAjwgPySeu7MTLrOYINu-9Kxdtfw1fZ4AwX4KBZ1zwoBfgjo4Iqr0190_93b6EzpMn_Qn0F5efuC5rOPyitQtU01FjQifZgZlRiC7kBn-BOIa7sSHRMLydjNfapw_uFwS-6OEpiZusu5WSdMD90WGfE84c0Etl-F04w-wOWfLLNmv_xIXIwkhsArMTLduROIRjO5yatItV_H0pGxYnaSQaOGy-Zoy3Kww_s_0JmgWVIOFm4BzBlzVNRHcEYcBBAsTfn0NI8bGjg_rE99jFXgIQUneEA1HVePWqe7vjvNjAk9Jb60Rbn8WcHuBpiplB1pI1xsMYzDlgHH8DwoB3vR23PENQS8k5ioWRyKJ3jV1X8jnDuvNad6PfgvLqs14qTZA2ZUfAFYSaqNUjw7x-VOx15Kos-1ZNxBwpmWPjdgOpSBk4DW8UOmoI7dOiSZJOjP1MCwQeKF7nCki61GEuAM5pDy8ZgzgI5GroJ7jdMOJFkG6ZTIqJeRqVYRWttE0cjWC9PTL7kNDcFtBew9Kzv61NvvWwRZDWt7fZa8iD1p-eUmLvi1J1g8xgu-Wa1h1AUgvs8WTTlJCK0A2bmaUdMLDEaH3xyD98LTf0MyT79ik2vUTcXZD4rILC5hztEyrsBvCF8eWJckbhyGdhUI8mWgN0f1bcnHHmYrJTHM6FdE4xWdSb3r_9tyMPrFZXZAuZnGdjoMj7MRg9G5wsuAKdlp_jXDWWK--xlwSY4ANYWU-WZbTAI5N6NThVl9XvHzqker3chjcGXWyTzGqEXTYpvnuAGdY2cdWbA4VohisuW2-p-GUd9ukDMlKCYVwUXa2HGRPESPjcm0iPYFChqf7eYWswX6Lq8zY7TUv40-QDw7XIE76nHtGbML3pkH0GsOJuCGuCJGx0_OtfGU8PAtDZX3DCRU8f3wtNwBgvCWUpUeKpsp0_wjlxLea44fVkpwg7NxWhBDUnWE6oFkFAN5Jq8UYqeEpJuPbKXCOEHaNdWIgkFgz4xfx8Hf0WWOJ4cel7Dk96t7XmuwteaEJOo2jVsOFhsre8C9ctdoMtzUzUBUHhMJ6qDw2d5Cx567IhB6G-0xxmbBFQ8TVHK3EtDtBRNyFqYH8meKPacKypnX8Y4UKTbRFktIDl8UGjUEXPUPh-bL65626wWUJ5OVK7xmT13al2KxAHn9Mo1EK9ahkbSTjrwFWrFWoiVDnhT9ug5KCHWj4rK2-YcLVgpR-pqRzXPF2Jdp3EADVHyvIikeX6ynqvhK4_eqExZMs9OOHsLP4VhB_xkP9yyBZuaEWTxN1KLVnGUQR7AIj1KApGKyWO5xHvIPLvPPPCl8yMmQrTXjhhLdjSeTdqhSVhYONx4s89_2Bop0hE-DqPOTroAB7sI6ZyUmJmPq4YWAK8m7vwo943TOhcS9vuLH6iLcmJG0zZEp1KNz2rVTi1qDLCI83TJX6pJnh5lI2kzMPBRmoYYrV2pJvSqQDhpQ36Cb9ROwvaMxFiYqITqzvgToVOxPK7kcpm9hU-nqOs67TA1QyN8P9K8cxeI2amHxVLkVenggltyUNdibve3pOvg-a-zNbq8wRPNkVD1A6cGzHGPpwBghSvjxhE3_zOq_qsmXFRXzMwHk8RQSYRJHlsvghqsg9EqfSQOaqa9EK7aewh6dbvkb72vxAD6a6cI4_aEf3CtJE0RsA0TuhYtldZGdZ_IzijXw3Ls8oCLHHoAUIW3QAoUd_WOWGc4MsazAgHCUO3OwGL_JB2U-5RXRZ_e5kJjOZgfzxemd_9D23klAeJL2_XpuieymiDxvJWxUmRtCJntuc9gUFsBU1orCxeoft0RW2RL3eTUwQ_QUTbiODhfMu_UpPEe9nZXFHomjknMLH4l1_l8AZNIi1Ubb40FGiv5ckyzPNd-R_oPu0jqBkS2H13f6mRfcuW3VVqJFJRw46slWp8QltUxK1b-yOchfhqoE7igv5fddugbljfOeN4t-8QHCVFE8_lKIsix8HMGQUDjpAxZgfjvznVtoPPs7KFtovuW07u47a-kiXsV-w9g&cid=CAASEuRoCFU71fzMhUHsTTykviKO-w&rfl=2%2Chttps%253A%252F%252Fhk.on.cc%242%2Chttps%253A%252F%252Fad6.on.cc%252Fweb%252Fhtml%252Fgoogle%252Fhousead%252Flrec1_423.html%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
0b4cc12ccd09adacbf7695b7ae68d146a6b9bfa7a2058dbd4e58f31c14ec5e7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:12:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2333
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9203
x-xss-protection
0
server
cafe
etag
15223966529599630443
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 23 Oct 2021 01:12:48 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 7284 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJbxOJRuRko4a50_cmcH40y8Z4g4pIMN1rfuXnufWr3Nu0otSN3GoOs_vsXSKrvW3tHVRdD6t0ieywg_2Vnwp2CtwoYBEWpsDLgsYGrjKCpVYKM7E_700JZhuRiMaK2Si-Dn1BYH9jKkSvPjafDn1JWGcQtg&cry=1&dbm_d=AKAmf-AU40oTe2TWFaWtA5snw3axErq-VosWCL6ihzW27OvHPRDQI8LsC-W_xQO_1RYQUxmYlkBWbmcoLuvQZvQW5MD5jwEU-zsCyUjpXMW25UyrgNhQvkR1MaTMEgvNJ-do2J_rlTMPT7HO807MUdPpwPUwKlbVe7y9b1gIJnR3IbaAN_U4tWFHvTBrSTs6CmQLHTmpaDyNJgjmn7_6GamgNEAx3PagO5D-qQREfjSTMATDeT9oKycNRGvntA5dBQXrCjX8rGKKV8AWXEY4oyS_LnvYOhS7D2ngvNPT-pkVkqIQixsO8_z_ZK6uZCP4vwUnH_bkb8Mbz1KEG8g0xXNubsMP84S50RSD8lvh3hu3vK9BJOqQPnVsJ3pPU-Lu6qzgLQeH9o4H5ZM6ehjHPpa1gE6BjfQ7KieYqDU1Bsx2v79Psp58eJLQZ7Cj4j1nwc2zqNdJTJQMgV2469nX8kcOvjwNIUVmhz7cond-fzaCaPBQIC-IoMjZa-hXebn8d0e_u3S2vYfqqHebIpRRr6PwnVeoZSLBxwCAjX-UtUkEAdWhB55Vn4tGUmY-MUN_tFnNlVc5fXdTosCDSoslZAbL1L08SX9fnzXTEcKsS4PEEOgdaZFo2gpWSV5mCqiExlKdHu-06rflJJ1e0OXmCcdPPc0H0wvrsjd6szIe9n6Zu-pShCE9cAmQjIy6i1JaqBYD099JqBmS_q9SgSxJyqysUdwyGZN8fYFcxgJH5VYA4eS0bl2R2DmQXqMlzGRXAcBsS9oXKerP-g_nL_yvHztzmV1HM8gT3iwpw3Kl56u1ZKH1bztbIDMtSu6wHAr0osGhgB-gzcOOXOBGSh-fKKb_Lgh7W2RT-i7UakR_T-anB5TI8n0J65DTc2sfRVKDiqHMaBIAZpj3zxXw-sh0WI4zSIF0gdjFOLOz_ooEEDIGeWr6sixtCBkbtv7NY1hkxv91XdFy-KOF0cvTk6vgjcLFDfh_vQEje-dEvpVeXS7L0VJuuQCISnfIlWG8c_MYoUmJGHS_2grJZyUC2TRchyAJYsyVa_NydYFH5Ytg-nj2gQITSr7XfNJ2LIlaQhe8gAjwgPySeu7MTLrOYINu-9Kxdtfw1fZ4AwX4KBZ1zwoBfgjo4Iqr0190_93b6EzpMn_Qn0F5efuC5rOPyitQtU01FjQifZgZlRiC7kBn-BOIa7sSHRMLydjNfapw_uFwS-6OEpiZusu5WSdMD90WGfE84c0Etl-F04w-wOWfLLNmv_xIXIwkhsArMTLduROIRjO5yatItV_H0pGxYnaSQaOGy-Zoy3Kww_s_0JmgWVIOFm4BzBlzVNRHcEYcBBAsTfn0NI8bGjg_rE99jFXgIQUneEA1HVePWqe7vjvNjAk9Jb60Rbn8WcHuBpiplB1pI1xsMYzDlgHH8DwoB3vR23PENQS8k5ioWRyKJ3jV1X8jnDuvNad6PfgvLqs14qTZA2ZUfAFYSaqNUjw7x-VOx15Kos-1ZNxBwpmWPjdgOpSBk4DW8UOmoI7dOiSZJOjP1MCwQeKF7nCki61GEuAM5pDy8ZgzgI5GroJ7jdMOJFkG6ZTIqJeRqVYRWttE0cjWC9PTL7kNDcFtBew9Kzv61NvvWwRZDWt7fZa8iD1p-eUmLvi1J1g8xgu-Wa1h1AUgvs8WTTlJCK0A2bmaUdMLDEaH3xyD98LTf0MyT79ik2vUTcXZD4rILC5hztEyrsBvCF8eWJckbhyGdhUI8mWgN0f1bcnHHmYrJTHM6FdE4xWdSb3r_9tyMPrFZXZAuZnGdjoMj7MRg9G5wsuAKdlp_jXDWWK--xlwSY4ANYWU-WZbTAI5N6NThVl9XvHzqker3chjcGXWyTzGqEXTYpvnuAGdY2cdWbA4VohisuW2-p-GUd9ukDMlKCYVwUXa2HGRPESPjcm0iPYFChqf7eYWswX6Lq8zY7TUv40-QDw7XIE76nHtGbML3pkH0GsOJuCGuCJGx0_OtfGU8PAtDZX3DCRU8f3wtNwBgvCWUpUeKpsp0_wjlxLea44fVkpwg7NxWhBDUnWE6oFkFAN5Jq8UYqeEpJuPbKXCOEHaNdWIgkFgz4xfx8Hf0WWOJ4cel7Dk96t7XmuwteaEJOo2jVsOFhsre8C9ctdoMtzUzUBUHhMJ6qDw2d5Cx567IhB6G-0xxmbBFQ8TVHK3EtDtBRNyFqYH8meKPacKypnX8Y4UKTbRFktIDl8UGjUEXPUPh-bL65626wWUJ5OVK7xmT13al2KxAHn9Mo1EK9ahkbSTjrwFWrFWoiVDnhT9ug5KCHWj4rK2-YcLVgpR-pqRzXPF2Jdp3EADVHyvIikeX6ynqvhK4_eqExZMs9OOHsLP4VhB_xkP9yyBZuaEWTxN1KLVnGUQR7AIj1KApGKyWO5xHvIPLvPPPCl8yMmQrTXjhhLdjSeTdqhSVhYONx4s89_2Bop0hE-DqPOTroAB7sI6ZyUmJmPq4YWAK8m7vwo943TOhcS9vuLH6iLcmJG0zZEp1KNz2rVTi1qDLCI83TJX6pJnh5lI2kzMPBRmoYYrV2pJvSqQDhpQ36Cb9ROwvaMxFiYqITqzvgToVOxPK7kcpm9hU-nqOs67TA1QyN8P9K8cxeI2amHxVLkVenggltyUNdibve3pOvg-a-zNbq8wRPNkVD1A6cGzHGPpwBghSvjxhE3_zOq_qsmXFRXzMwHk8RQSYRJHlsvghqsg9EqfSQOaqa9EK7aewh6dbvkb72vxAD6a6cI4_aEf3CtJE0RsA0TuhYtldZGdZ_IzijXw3Ls8oCLHHoAUIW3QAoUd_WOWGc4MsazAgHCUO3OwGL_JB2U-5RXRZ_e5kJjOZgfzxemd_9D23klAeJL2_XpuieymiDxvJWxUmRtCJntuc9gUFsBU1orCxeoft0RW2RL3eTUwQ_QUTbiODhfMu_UpPEe9nZXFHomjknMLH4l1_l8AZNIi1Ubb40FGiv5ckyzPNd-R_oPu0jqBkS2H13f6mRfcuW3VVqJFJRw46slWp8QltUxK1b-yOchfhqoE7igv5fddugbljfOeN4t-8QHCVFE8_lKIsix8HMGQUDjpAxZgfjvznVtoPPs7KFtovuW07u47a-kiXsV-w9g&cid=CAASEuRoCFU71fzMhUHsTTykviKO-w&rfl=2%2Chttps%253A%252F%252Fhk.on.cc%242%2Chttps%253A%252F%252Fad6.on.cc%252Fweb%252Fhtml%252Fgoogle%252Fhousead%252Flrec1_423.html%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f1.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 11:42:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
50964
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 08 Oct 2022 11:42:17 GMT
request.php
hal90008.redintelligence.net/ Frame BC3E
Redirect Chain
  • https://hal90008.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=d1b023b1ff&subid=&uid=1985af215704b051&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
  • https://hal90008.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=d1b023b1ff&subid=&uid=1985af215704b051&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90008.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=d1b023b1ff&subid=&uid=1985af215704b051&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-d0krPVgYczNJ9nsgAfil7-gBrXN-YNXzN65q-UM8C4QASC1zvcfYJXikIKgB8gBCakCnWwL5wZrsz6oAwGqBM0BT9CKiLNlQnm4NbstgMm0xJ73fTmvJT2ihlaNcDUq3ZlUafaRblS37h0jgPC6g9sTir2tqUuMCqYKrPARKJPk6-lAUnEH5ofL8l3QEaD-AuY4A9M_n9ViKc1JWhtS9cPVj380EMuQmpHFHOISHaaVxEh5jbJbIADBLR3KjSNMvXic11RFZ-4BHvFVB_GR3FOU1p06VbUrjIzmV5O5E0TeBA1fqh2F3C-gcq0QTCMxE-xt6rt49BI0Gm11a2S8z4Y7BXekUGjhMe0dd756W8AEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGF-ACgGYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoJHw2WkDLwUtKaM-gtZIJhQ%26sig%3DAOD64_13c23eZr7P2W9E4bjfzZSfgvGVhA%26client%3Dca-pub-3571272074788370%26dbm_c%3DAKAmf-ApUFt2VAoYBJEFIzo607imgA-Fs-fZ2TbUFRgf9up9qTuVdBQ5U7r4ByqZn7qjAJwlUkLywsFONfUmS7FYaNeRW6YzKEbThbso7Hvp6YMaaSBLobkr8KbGdhX3p3dREa1BZBBrtqA53dt_VPJazij-8Ry1SA%26cry%3D1%26dbm_d%3DAKAmf-DbdsCG88CtZbKcDFg4bWzDuXQTQ6UlEOKQCcVjs-a4eI3CGYfg1e5r7lFnmT2E_cgoPlhjRAudYI17_Rn0eDcz3XOBiu6rakvNajjFtF2qU46escDn0fGderpUcVHPpg1UyQV9wiouRD4IXEPaqOZObwNpfjMonee07wtEFn-y5jndk0NoaTiHY8Qrr-K3-inddtZELjWF0u5shaBrPzG0qstlAml2Gi0VBgPLOcwF5Uwq1nBA1kjfxXqhktV0YmD_7DUL5yx0n7vm_BF-7XvJvLsT5nzRBy41NMuvDRE_gf4YdioJfWUw-mbBb9gPVh6uuOBpTzZYFT18bRi_7GpTgYBEbGT7NvmZiO7ptzR7EqpoR4zqQcPy166CSA9G8VsQ0RhTU6VZJ-_LIUAYB4pqkDNIVPPXNzcU9ilFEkNQXNgGGfXE9Ln_n4o_QLyHa0UaBN0f0VnPxsMElsS7CC018bGi1xFYsBLUKkq1QCC9KZuV1E9oq7EbQZ0FQRI4qvTpz0EFivc7IAYvEdPpVRcq6L0UUA%26adurl%3D&documentReferer=https%3A%2F%2Fad6.on.cc%2Fweb%2Fhtml%2Fgoogle%2Fhousead%2Flrec1_422.html&ancestorOrigins=https%3A%2F%2Fad6.on.cc%2Chttps%3A%2F%2Fhk.on.cc%2Chttps%3A%2F%2Fhk.on.cc&random=9920915029041&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=2042266704&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300515&bpp=1&bdt=1006&idt=87&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4245131719147&frm=8&ife=1&pv=2&ga_vid=1480651599.1633744301&ga_sid=1633744301&ga_hid=1643246614&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4074026432&scr_x=-12245933&scr_y=-12245933&eid=44748552&oid=2&pvsid=3446815774757126&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.dbzhun2qlq2y&fsb=1&dtd=93
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.150 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
796fa4869eb63bf3f5de67bef3faccce9bbb3fb65b44fd0dfa2d139fa2ffcb45

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Oct 2021 01:51:41 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
31009000010603400710616011742008
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
1192
Expires
Sat, 09 Oct 2021 02:51:41 +0200

Redirect headers

Pragma
no-cache
Date
Sat, 09 Oct 2021 01:51:41 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=d1b023b1ff&subid=&uid=1985af215704b051&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-d0krPVgYczNJ9nsgAfil7-gBrXN-YNXzN65q-UM8C4QASC1zvcfYJXikIKgB8gBCakCnWwL5wZrsz6oAwGqBM0BT9CKiLNlQnm4NbstgMm0xJ73fTmvJT2ihlaNcDUq3ZlUafaRblS37h0jgPC6g9sTir2tqUuMCqYKrPARKJPk6-lAUnEH5ofL8l3QEaD-AuY4A9M_n9ViKc1JWhtS9cPVj380EMuQmpHFHOISHaaVxEh5jbJbIADBLR3KjSNMvXic11RFZ-4BHvFVB_GR3FOU1p06VbUrjIzmV5O5E0TeBA1fqh2F3C-gcq0QTCMxE-xt6rt49BI0Gm11a2S8z4Y7BXekUGjhMe0dd756W8AEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGF-ACgGYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoJHw2WkDLwUtKaM-gtZIJhQ%26sig%3DAOD64_13c23eZr7P2W9E4bjfzZSfgvGVhA%26client%3Dca-pub-3571272074788370%26dbm_c%3DAKAmf-ApUFt2VAoYBJEFIzo607imgA-Fs-fZ2TbUFRgf9up9qTuVdBQ5U7r4ByqZn7qjAJwlUkLywsFONfUmS7FYaNeRW6YzKEbThbso7Hvp6YMaaSBLobkr8KbGdhX3p3dREa1BZBBrtqA53dt_VPJazij-8Ry1SA%26cry%3D1%26dbm_d%3DAKAmf-DbdsCG88CtZbKcDFg4bWzDuXQTQ6UlEOKQCcVjs-a4eI3CGYfg1e5r7lFnmT2E_cgoPlhjRAudYI17_Rn0eDcz3XOBiu6rakvNajjFtF2qU46escDn0fGderpUcVHPpg1UyQV9wiouRD4IXEPaqOZObwNpfjMonee07wtEFn-y5jndk0NoaTiHY8Qrr-K3-inddtZELjWF0u5shaBrPzG0qstlAml2Gi0VBgPLOcwF5Uwq1nBA1kjfxXqhktV0YmD_7DUL5yx0n7vm_BF-7XvJvLsT5nzRBy41NMuvDRE_gf4YdioJfWUw-mbBb9gPVh6uuOBpTzZYFT18bRi_7GpTgYBEbGT7NvmZiO7ptzR7EqpoR4zqQcPy166CSA9G8VsQ0RhTU6VZJ-_LIUAYB4pqkDNIVPPXNzcU9ilFEkNQXNgGGfXE9Ln_n4o_QLyHa0UaBN0f0VnPxsMElsS7CC018bGi1xFYsBLUKkq1QCC9KZuV1E9oq7EbQZ0FQRI4qvTpz0EFivc7IAYvEdPpVRcq6L0UUA%26adurl%3D&documentReferer=https%3A%2F%2Fad6.on.cc%2Fweb%2Fhtml%2Fgoogle%2Fhousead%2Flrec1_422.html&ancestorOrigins=https%3A%2F%2Fad6.on.cc%2Chttps%3A%2F%2Fhk.on.cc%2Chttps%3A%2F%2Fhk.on.cc&random=9920915029041&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Sat, 09 Oct 2021 02:51:41 +0200
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame BB60 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f1.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
date
Fri, 08 Oct 2021 11:42:17 GMT
expires
Sat, 08 Oct 2022 11:42:17 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
50964
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
npoee1nv94vs
hal9000.redintelligence.net/zone/ Frame 7284 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/npoee1nv94vs?subid=&gdpr=-1&gdpr_consent=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCIBLGrPVgYYaEKNLW-gaqib2oBbXN-YNXzN65q-UM8C4QASC1zvcfYJXikIKgB8gBCakCnWwL5wZrsz6oAwGqBM0BT9CV6hsMO3hv7jOE4XK14Nm6Ur3E45lrmfY65Xkxj1PF7Wzap94DbrOnAkZbCplKsPwJDCPe7INe7rUKFlOK71WSiyQEn9aK26mNNerhKIKTCPgmW1uoklgUyWUmh18igd2ZZ9yfJuhVZdZkfsZaciokJeMTlCDv68eDHjWVtiTrB6q53Q3Tvkt6Owg5vwgyODxevo6G9dvWcivjXK7CtnsmnkfXqdUlLRy77XrSLzapI2yfW-a_--i_qtKTgkCvxXmV-YeM3HOkMC7M58AEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGF-ACgGYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoCFU71fzMhUHsTTykviKO-w%26sig%3DAOD64_1lxUuAsay-tUqQk1X9jOogujxFFw%26client%3Dca-pub-3571272074788370%26dbm_c%3DAKAmf-AsBHFJNYy0821GTFTzfZRTHJ5bAy3LfP2QhW-Y2IAd6wamq1wkWXpPO6842WklcrR6HovQu1F2hfqGbDIGXsBkvNlAmcNhKSjc0j_tImDlbo9sSU3vIy-pjjpZkYhg4cGaSlnz4CgVImQ4CCZO9hx_g3Nhpg%26cry%3D1%26dbm_d%3DAKAmf-DK_3krBobCvABbgyyTS1QOBlITedLp6YUEHZJUpcrMzI4zrz2rV4j_NnMV7K5XTdCEnB5PsOrmBCFvSmTm6Dd7wfX-zSdQcMhEP3KGkUYxAvgJej5tkDDsnGAIdKgMf0vy9aNwiIuRzgfUmIK7P0uJa0UWoDcJJr1lUj_oYEpVeE5j3MAnFkUg9SzptB9OWZfMoE9ehXIJas6NJHi44EJC7Lo6ogxTyPx9jhVFyaTmXAlaiB4YJfcdlbbOhOsCqbR207-s3a2Y9pfsbBl3upInu1jv47dWvTFLL9whz5axDzINlb4GUBHLcGmzs7wlXJN9tQ1HAzDPNia9uWnUpX6WKXqAi0rEQGR-4ytPz3SVT__F5nlZ_SlDReWt0KKk9tbTk6PoArnNrbimspL6dPjx4QOtO2RktEg9Gr9MwV0TJ3vuWtPs-WrBMh_qAfREEgTLlvjsR4Sgwazjw3RnmAHJ6appH15441JNwMKRDCa1J0s2b-32C8OVjlodbwtXvJbbgbeHWT-YVeZ8dBDD9MTpiDKABA%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=580144554&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300506&bpp=2&bdt=987&idt=77&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4289351640420&frm=24&ife=1&pv=2&ga_vid=1738383524.1633744301&ga_sid=1633744301&ga_hid=1032704726&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3586554267&scr_x=-12245933&scr_y=-12245933&eid=31062423%2C31062937%2C44748552&oid=2&pvsid=1832003138608230&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rbh3ge9l5ahu&fsb=1&dtd=90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
804950bfa8f2b509f30b437b7c0a19bef4f1c0560d55921a45a0716e7f4b72c8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 01:51:41 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
3941
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
adlogs
in.treasuredata.com/js/v3/event/popin_ads/ 		89 B
559 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.treasuredata.com/js/v3/event/popin_ads/adlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1633744301136&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0eXBlIjoiaW1wIiwiYnVzaW5lc3NfdHlwZSI6IjEyIiwidGltZV9zaG93X3NlY29uZHMiOjIsIm5pZCI6IjYxMzE4MzM1ZjY4NmI2NjY2NzE5MmMyNCIsImNhbXBhaWduIjoiNjEzMDJjN2RmNjg2YjY1OWRlNTVkMTI0IiwidG9rZW4iOiJkNWYwN2ViYTYxZGQ1NDI5MzBkZDBlY2RjOGQ5NjgzYyIsInRpbWVzdGFtcCI6MTYzMzc0NDMwMTEzMywicmVjb21tZW5kX3Bvc2l0aW9uIjoxLCJhZF9wb3NpdGlvbiI6MSwiY2hhbm5lbF9pZCI6IndpdGhfc3pfc3RhbmRhcmQtcGMiLCJsX2NhdCI6bnVsbCwibV9jYXQiOm51bGwsInJlY2FsbF90YWciOiJiYXNlfGN2cl9yZWNhbGxfdjF8Y3RyIiwiYzEiOjAuMDAwNDEzNzIyMzQyNjYxMzkzMDcsImMyIjowLjAwMDQ4OTg0OTksInRpdGxlIjoi5LiA5qKd55q657SL6ICBMTDmrbLvvJ80NeatsuaXpeacrOWqveWqvemdoOmAmeS4gOaLm%2BaMgee6jOWHjem9oe%2B8gSIsInNhbXBsZSI6IiIsInZfZnJ1aXRfd29yZCI6IuaXpeacrCzlqr3lqr0s5oyB57qMLOeauue0iyIsImltYWdlX2hhc2giOiI0NjAzZWQ5ZWFhOTc1NzczMDIyN2Y5ZDQwZTUwZTU2YiIsImNsYXNzaWZ5Ijoi5Lq65ZKM5Lq65Y%2BC5LiO55qE5rS75YqoLeS6uueJqeeJueWGmS3nvo7lpbPlhpnnnJ8iLCJpbWFnZSI6Imh0dHBzOi8vaW1hZ2Vhd3MucG9waW4uY2MvZGlzY292ZXJ5LzA1ZDk2ODgwZGNiN2E4ZTY5NTU1N2Y0NzhlZGZiODQyLmpwZWciLCJjbGFyaXR5IjowLjk5LCJhZXN0aGV0aWMiOjAuODgsInNhbXBsZV90YWciOiJoa19kbm4iLCJzbWphZCI6MCwiYXBpX2hvc3QiOiJoay5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJoay5vbi5jY18yIiwidXJsIjoiaHR0cHM6Ly9oay5vbi5jYy9oay9ia24vY250L25ld3MvMjAxNzA5MjkvYmtuLTIwMTcwOTI5MTExOTM5MDYyLTA5MjlfMDA4MjJfMDAxLmh0bWwiLCJsb2dpZCI6Ijg3MzViMWJjLWFlMTAtNDM0My1iNWE1LTJiNTkxOTc2ZGRmMSIsInVpZCI6ImI5NDZmNmQxY2E1ODZiMWJkM2MxNjMzNzQ0Mjk4Njc2IiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiODViNDBjOTMtZTRmNS00NWE0LTk5OGQtNTM5NzkzYjA3OGRjIiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIxNjAweDEyMDAiLCJ0ZF90aXRsZSI6IuiGoOaoveWbnuaUtueOh%2BS9juOAgOWVhuWgtOaOqOizuuepjeWIhuWbnuaUtuapn%2Bm8k%2BWLteeSsOS%2FnSIsInRkX3VybCI6Imh0dHBzOi8vaGsub24uY2MvaGsvYmtuL2NudC9uZXdzLzIwMTcwOTI5L2Jrbi0yMDE3MDkyOTExMTkzOTA2Mi0wOTI5XzAwODIyXzAwMS5odG1sIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85My4wLjQ1NzcuNjMgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidGRfaG9zdCI6ImhrLm9uLmNjIiwidGRfcGF0aCI6Ii9oay9ia24vY250L25ld3MvMjAxNzA5MjkvYmtuLTIwMTcwOTI5MTExOTM5MDYyLTA5MjlfMDA4MjJfMDAxLmh0bWwiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2lwIjoidGRfaXAiLCJ0ZF9icm93c2VyIjoidGRfYnJvd3NlciIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6InRkX2Jyb3dzZXJfdmVyc2lvbiIsInRkX29zIjoidGRfb3MiLCJ0ZF9vc192ZXJzaW9uIjoidGRfb3NfdmVyc2lvbiIsImNsaWVudF9pZCI6Ijg1YjQwYzkzLWU0ZjUtNDVhNC05OThkLTUzOTc5M2IwNzhkYyIsImNvbW1vbl9jYXRlZ29yeSI6ImJ1c2luZXNzIiwiY2F0ZWdvcnkiOiJodHRwczovL2hrLm9uLmNjL2hrL2Jrbi9jbnQvbmV3cy8yMDE3MDkyOS9ia24tMjAxNzA5MjkxMTE5MzkwNjItMDkyOV8wMDgyMl8wMDEuaHRtbCIsImV4dHJhIjoiIiwiZnJ1aXRfc3R5bGUiOiI0IiwiYm94X3N0eWxlIjoiNDQ0NDQ0NDQiLCJyZWZlcnJlcl9yZWNvbW1lbmRfdHlwZSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0%3D&callback=TreasureJSONPCallback1
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.105.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-105-201.compute-1.amazonaws.com
Software
/
Resource Hash
0f93db846422aa8c72de38cbb2819358b78560e09242696224b08b0dd84af1c5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 01:51:41 GMT
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
P3P
CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Content-Length
89
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
s.gif
r.popin.cc/ 		35 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.popin.cc/s.gif?url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&uid=b946f6d1ca586b1bd3c1633744298676&type=pc_imp&nid=61318335f686b66667192c24&campaign=61302c7df686b659de55d124&media=hk.on.cc_2&r5=cc_business|ch_cy_tw&r6=d5f07eba61dd542930dd0ecdc8d9683c&t=1633744301133&tz=hk
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:41 GMT
last-modified
Tue, 10 Sep 2019 07:46:01 GMT
server
nginx
etag
"5d7754b9-23"
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
adlogs
log.popin.cc/log/popin_ads/ 		66 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://log.popin.cc/log/popin_ads/adlogs?data=eyJ0eXBlIjoiaW1wIiwiYnVzaW5lc3NfdHlwZSI6IjEyIiwidGltZV9zaG93X3NlY29uZHMiOjIsIm5pZCI6IjYxMzE4MzM1ZjY4NmI2NjY2NzE5MmMyNCIsImNhbXBhaWduIjoiNjEzMDJjN2RmNjg2YjY1OWRlNTVkMTI0IiwidG9rZW4iOiJkNWYwN2ViYTYxZGQ1NDI5MzBkZDBlY2RjOGQ5NjgzYyIsInRpbWVzdGFtcCI6MTYzMzc0NDMwMTEzMywicmVjb21tZW5kX3Bvc2l0aW9uIjoxLCJhZF9wb3NpdGlvbiI6MSwiY2hhbm5lbF9pZCI6IndpdGhfc3pfc3RhbmRhcmQtcGMiLCJsX2NhdCI6bnVsbCwibV9jYXQiOm51bGwsInJlY2FsbF90YWciOiJiYXNlfGN2cl9yZWNhbGxfdjF8Y3RyIiwiYzEiOjAuMDAwNDEzNzIyMzQyNjYxMzkzMDcsImMyIjowLjAwMDQ4OTg0OTksInRpdGxlIjoi5LiA5qKd55q657SL6ICBMTDmrbLvvJ80NeatsuaXpeacrOWqveWqvemdoOmAmeS4gOaLm+aMgee6jOWHjem9oe+8gSIsInNhbXBsZSI6IiIsInZfZnJ1aXRfd29yZCI6IuaXpeacrCzlqr3lqr0s5oyB57qMLOeauue0iyIsImltYWdlX2hhc2giOiI0NjAzZWQ5ZWFhOTc1NzczMDIyN2Y5ZDQwZTUwZTU2YiIsImNsYXNzaWZ5Ijoi5Lq65ZKM5Lq65Y+C5LiO55qE5rS75YqoLeS6uueJqeeJueWGmS3nvo7lpbPlhpnnnJ8iLCJpbWFnZSI6Imh0dHBzOi8vaW1hZ2Vhd3MucG9waW4uY2MvZGlzY292ZXJ5LzA1ZDk2ODgwZGNiN2E4ZTY5NTU1N2Y0NzhlZGZiODQyLmpwZWciLCJjbGFyaXR5IjowLjk5LCJhZXN0aGV0aWMiOjAuODgsInNhbXBsZV90YWciOiJoa19kbm4iLCJzbWphZCI6MCwiYXBpX2hvc3QiOiJoay5wb3Bpbi5jYyIsImRldmljZSI6InBjIiwibWVkaWEiOiJoay5vbi5jY18yIiwidXJsIjoiaHR0cHM6Ly9oay5vbi5jYy9oay9ia24vY250L25ld3MvMjAxNzA5MjkvYmtuLTIwMTcwOTI5MTExOTM5MDYyLTA5MjlfMDA4MjJfMDAxLmh0bWwiLCJsb2dpZCI6Ijg3MzViMWJjLWFlMTAtNDM0My1iNWE1LTJiNTkxOTc2ZGRmMSIsInVpZCI6ImI5NDZmNmQxY2E1ODZiMWJkM2MxNjMzNzQ0Mjk4Njc2IiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiODViNDBjOTMtZTRmNS00NWE0LTk5OGQtNTM5NzkzYjA3OGRjIiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIxNjAweDEyMDAiLCJ0ZF90aXRsZSI6IuiGoOaoveWbnuaUtueOh+S9juOAgOWVhuWgtOaOqOizuuepjeWIhuWbnuaUtuapn+m8k+WLteeSsOS/nSIsInRkX3VybCI6Imh0dHBzOi8vaGsub24uY2MvaGsvYmtuL2NudC9uZXdzLzIwMTcwOTI5L2Jrbi0yMDE3MDkyOTExMTkzOTA2Mi0wOTI5XzAwODIyXzAwMS5odG1sIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS85My4wLjQ1NzcuNjMgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidGRfaG9zdCI6ImhrLm9uLmNjIiwidGRfcGF0aCI6Ii9oay9ia24vY250L25ld3MvMjAxNzA5MjkvYmtuLTIwMTcwOTI5MTExOTM5MDYyLTA5MjlfMDA4MjJfMDAxLmh0bWwiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiI5My4wLjQ1NzciLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiODViNDBjOTMtZTRmNS00NWE0LTk5OGQtNTM5NzkzYjA3OGRjIiwiY29tbW9uX2NhdGVnb3J5IjoiYnVzaW5lc3MiLCJjYXRlZ29yeSI6Imh0dHBzOi8vaGsub24uY2MvaGsvYmtuL2NudC9uZXdzLzIwMTcwOTI5L2Jrbi0yMDE3MDkyOTExMTkzOTA2Mi0wOTI5XzAwODIyXzAwMS5odG1sIiwiZXh0cmEiOiIiLCJmcnVpdF9zdHlsZSI6IjQiLCJib3hfc3R5bGUiOiI0NDQ0NDQ0NCIsInJlZmVycmVyX3JlY29tbWVuZF90eXBlIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ==&t=1633744301138
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx/1.13.5 /
Resource Hash
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 01:51:41 GMT
Last-Modified
Mon, 07 Jan 2019 09:48:08 GMT
Server
nginx/1.13.5
ETag
"5c332058-42"
Content-Type
image/jpeg
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
66
ad
inrecsys.popin.cc/PopinService/Logs/ 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inrecsys.popin.cc/PopinService/Logs/ad?data=eyJ0ZF9jbGllbnRfaWQiOiI4NWI0MGM5My1lNGY1LTQ1YTQtOTk4ZC01Mzk3OTNiMDc4ZGMiLCJ0ZF9jb2xvciI6IjI0LWJpdCIsInRkX3NjcmVlbiI6IjE2MDB4MTIwMCIsInRkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidGRfdGl0bGUiOiLohqDmqL3lm57mlLbnjofkvY7jgIDllYbloLTmjqjos7rnqY3liIblm57mlLbmqZ/pvJPli7XnkrDkv50iLCJ0ZF91cmwiOiJodHRwczovL2hrLm9uLmNjL2hrL2Jrbi9jbnQvbmV3cy8yMDE3MDkyOS9ia24tMjAxNzA5MjkxMTE5MzkwNjItMDkyOV8wMDgyMl8wMDEuaHRtbCIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTMuMC40NTc3LjYzIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInRkX2hvc3QiOiJoay5vbi5jYyIsInRkX3JlZmVycmVyIjoiIiwidGRfaXAiOiIyMTYuMTMxLjExMS4xMzgiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiOTMuMC40NTc3IiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImRpc2hfY29tbW9uX2NhdGVnb3J5IjoiYnVzaW5lc3MiLCJrZXkiOiJrZXkxNjMzNzQ0Mjk4Njc3Iiwibm93IjoxNjMzNzQ0MzAxMTM4LCJ1cmwiOiJodHRwczovL2hrLm9uLmNjL2hrL2Jrbi9jbnQvbmV3cy8yMDE3MDkyOS9ia24tMjAxNzA5MjkxMTE5MzkwNjItMDkyOV8wMDgyMl8wMDEuaHRtbCIsInVpZCI6ImI5NDZmNmQxY2E1ODZiMWJkM2MxNjMzNzQ0Mjk4Njc2IiwiZGV2aWNlIjoicGMiLCJkaXNoX21lZGlhIjoiaGsub24uY2NfMiIsImRpc2hfY2F0ZWdvcnkiOiJodHRwczovL2hrLm9uLmNjL2hrL2Jrbi9jbnQvbmV3cy8yMDE3MDkyOS9ia24tMjAxNzA5MjkxMTE5MzkwNjItMDkyOV8wMDgyMl8wMDEuaHRtbCIsImRpc2hfZG9tYWluIjoiaGsub24uY2MiLCJ2X2Rpc2hfbGFiZWxzIjoi5Zue5pS2LOW4guawkSzkuozmsKfljJbnorMs5aal5ZaE6JmV55CGLOWwjeiLr+S6jOeUsizmjpLmlL7ph48s57i95bm55LqLLOeSsOS/nee9sizkuZnkuozphocs5YSq5oOg5Yi4LOWKieeliemLkizpoa/npLos5ZCI5L2cLOWcmOmrlCzlvJXlhaUs6YCP6YGOLOeJqeaWmSzlo5Plipss6LO65Y+WLOemrueJqSzlnLDnkIMs542O6LOeLOmmmea4ryzloIbmlL4s5b6q55KwLOi2hemBjiznm7jnrYks5L2/55SoLOioiOWKgyzllYblupcs6L6o6K2YLOWinuWKoCznvLrkuY8s56m66ZaTLOW7o+WgtCzmjoPmj48s5pWZ6IKyLOaWueazlSzkuIrmsLQs5Y+N5pigLOaWueW8jyzmo4Tnva4s5YuZ5rGCLOa4r+S6uizluIzmnJss5qKd56K8LOWPr+S+myzmlbjlrZcs5pyJ5YqpLOePvuaZgizmtJfmt6gs5YWn6KitLOaPm+WPlizpnIDlsIcs5pS55ZaELOWhkeiGoCznn6XorZgs6LyJ5pyJLOizh+aWmSzmipXlhaUiLCJ2X2Rpc2hfdGxhYmVscyI6IuWbnuaUtuapnyzlm57mlLbnjocs6byT5Yu1LOWVhuWgtCIsImxvZ2lkIjoiODczNWIxYmMtYWUxMC00MzQzLWI1YTUtMmI1OTE5NzZkZGYxIiwiYXBpX2hvc3QiOiJoay5wb3Bpbi5jYyIsInR5cGUiOiJpbXAiLCJ0aW1lX3Nob3dfc2Vjb25kcyI6MiwibmlkIjoiNjEzMTgzMzVmNjg2YjY2NjY3MTkyYzI0IiwidG9rZW4iOiJkNWYwN2ViYTYxZGQ1NDI5MzBkZDBlY2RjOGQ5NjgzYyIsInRpbWVzdGFtcCI6MTYzMzc0NDI5ODY3NywiYm94X3Bvc2l0aW9uIjoiYm90dG9tX3JpZ2h0IiwiY2hhbm5lbF9pZCI6IndpdGhfc3pfc3RhbmRhcmQtcGMiLCJjMiI6MC4wMDA0ODk4NDk5LCJzYW1wbGVfdGFnIjoiaGtfZG5uIiwiZnJ1aXRfdXNlcmlkIjoiU25vdmFqYXBhbl9ISyIsImZydWl0X2NhbXBhaWduIjoiNjEzMDJjN2RmNjg2YjY1OWRlNTVkMTI0IiwiZnJ1aXRfdGl0bGUiOiLkuIDmop3nmrrntIvogIExMOatsu+8nzQ15q2y5pel5pys5aq95aq96Z2g6YCZ5LiA5oub5oyB57qM5YeN6b2h77yBIiwiZnJ1aXRfZG9tYWluIjoid3d3LnNub3ZhLWhrLmNvbSIsImZydWl0X2J1c2luZXNzX3R5cGUiOiIxMiIsInZfZnJ1aXRfd29yZCI6IuaXpeacrCzlqr3lqr0s5oyB57qMLOeauue0iyIsImltYWdlX2hhc2giOiI0NjAzZWQ5ZWFhOTc1NzczMDIyN2Y5ZDQwZTUwZTU2YiIsImFkX3Bvc2l0aW9uIjoxLCJzYW1wbGUiOiIiLCJjbGFzc2lmeSI6IuS6uuWSjOS6uuWPguS4jueahOa0u+WKqC3kurrniannibnlhpkt576O5aWz5YaZ55yfIiwiaW1hZ2UiOiJodHRwczovL2ltYWdlYXdzLnBvcGluLmNjL2Rpc2NvdmVyeS8wNWQ5Njg4MGRjYjdhOGU2OTU1NTdmNDc4ZWRmYjg0Mi5qcGVnIiwiZnJ1aXRfaW1hZ2UiOiJodHRwczovL2ltYWdlYXdzLnBvcGluLmNjL2Rpc2NvdmVyeS8wNWQ5Njg4MGRjYjdhOGU2OTU1NTdmNDc4ZWRmYjg0Mi5qcGVnIiwiY2xhcml0eSI6MC45OSwiYWVzdGhldGljIjowLjg4LCJmcnVpdF9zdHlsZSI6IjQiLCJib3hfc3R5bGUiOiI0NDQ0NDQ0NCIsInBvcGluX3ZlcnNpb24iOjZ9
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.172 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 01:51:41 GMT
Cross-Origin-Resource-Policy
cross-origin
Content-Length
0
Content-Type
text/plain
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6EE7 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BCECgrPVgYcKtN_-N9u8P0Y684AcAAAAAOAHgBAI&bg=!aGulay_NAAbGFvHlxhY7ACkAdvg8Wk5WgFt6reV8XtSN_33d8vycaHbNB6DL7JI7cbI25Z-KvzJGzAIAAABoUgAAAAtoAQeZAvnIQje9ZSMzATYW3SR37agICHjLoxcMvNRwX86yuhYmyX31OhwrdTzCBMrgSJi5HKxZlSriKzWKenq7LsTtpuQsyabHvA6GGA8c01MAbLU5K0Hna_xwHwKHGEwicOFQxMP7aXKWpxP_QV99e3Ket8eKOaVYnc2LPbFKTb0GjsOkJjIYowQgpiqGZsNCGmPY29sdtso94A410MwepH1Sv6f6Np7EwOqQBx7qJBpC1IU-lGf6Ck58IgsQUopxkR9h3pf0Tm1SOjtRaGzSVobByMh3losSBhwHZyIO3LfXFFe3TfKDuP8zf-qQq_OzZzH7HjJ10np64qJIPgcetCRcnU_yYMvIT_L0Sl5XvvaQvMSKkQbHhTn8rcaVLasrhk0Q2ycngREffMC_o5HAYn9qAuN8OlQ9VaZmNdVKv0B8DTO--FwdBUYerQxG123Tj3K7wgpgmP2-cxtuoQigGELQ44NulaoBo5_9EXOEog0Mykr3VG85gLFGBRIfcuHkZtgSGEwthY_cPL_grIug1LsdgPcZUIZnL7sFHrzn1TlNP21WscT6KYnDoKKFCsSshkIrJkK87T2dYC6IcCEsScxoOrCG9mDUG5eHrPHx1stUX5S1X7ENFbQJ6wG1sc6uz6tY_uE2eb2iEY3_hs6CXwxGxLT1Gm0fl4FARkoE5IpCsT04TvoNuaMznEJLZYt7BigvBWLzDl4GML_DV_uB1VtHnBqZjFGEEMzgwwDDppvWj8cStDeSvtp4ujOkVzMDXNRZjE7XVHngnJ13Ayee8ojPqJmy-fEVqj-z6UrordpzupJ6MrkeQ6XuRmB68ZT0i6RQoyNgvNvO5cK5Ueia46_mph5JcAoefAvpY3aMwLRez2knpmcjdc7Eji30ZSzLcvj3ZqqVhYbxq7QKSBCF8v4yzGT2FOdH_E0P1H38H88Bbtz1ciyrR_g0_6NPReS91II8qIuYeTX_WzKpX0Yic8ZnuwL4l9vbupHXdDl9kkiuROSpFqyxkWGx6R7Fvw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=2042266704&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300515&bpp=1&bdt=1006&idt=87&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4245131719147&frm=8&ife=1&pv=2&ga_vid=1480651599.1633744301&ga_sid=1633744301&ga_hid=1643246614&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4074026432&scr_x=-12245933&scr_y=-12245933&eid=44748552&oid=2&pvsid=3446815774757126&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.dbzhun2qlq2y&fsb=1&dtd=93
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
request.php
hal900014.redintelligence.net/ Frame 7284
Redirect Chain
  • https://hal900014.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=961729e2ba&subid=&uid=181dc6c6395bde2e&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900014.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=961729e2ba&subid=&uid=181dc6c6395bde2e&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900014.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=961729e2ba&subid=&uid=181dc6c6395bde2e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCIBLGrPVgYYaEKNLW-gaqib2oBbXN-YNXzN65q-UM8C4QASC1zvcfYJXikIKgB8gBCakCnWwL5wZrsz6oAwGqBM0BT9CV6hsMO3hv7jOE4XK14Nm6Ur3E45lrmfY65Xkxj1PF7Wzap94DbrOnAkZbCplKsPwJDCPe7INe7rUKFlOK71WSiyQEn9aK26mNNerhKIKTCPgmW1uoklgUyWUmh18igd2ZZ9yfJuhVZdZkfsZaciokJeMTlCDv68eDHjWVtiTrB6q53Q3Tvkt6Owg5vwgyODxevo6G9dvWcivjXK7CtnsmnkfXqdUlLRy77XrSLzapI2yfW-a_--i_qtKTgkCvxXmV-YeM3HOkMC7M58AEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGF-ACgGYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoCFU71fzMhUHsTTykviKO-w%26sig%3DAOD64_1lxUuAsay-tUqQk1X9jOogujxFFw%26client%3Dca-pub-3571272074788370%26dbm_c%3DAKAmf-AsBHFJNYy0821GTFTzfZRTHJ5bAy3LfP2QhW-Y2IAd6wamq1wkWXpPO6842WklcrR6HovQu1F2hfqGbDIGXsBkvNlAmcNhKSjc0j_tImDlbo9sSU3vIy-pjjpZkYhg4cGaSlnz4CgVImQ4CCZO9hx_g3Nhpg%26cry%3D1%26dbm_d%3DAKAmf-DK_3krBobCvABbgyyTS1QOBlITedLp6YUEHZJUpcrMzI4zrz2rV4j_NnMV7K5XTdCEnB5PsOrmBCFvSmTm6Dd7wfX-zSdQcMhEP3KGkUYxAvgJej5tkDDsnGAIdKgMf0vy9aNwiIuRzgfUmIK7P0uJa0UWoDcJJr1lUj_oYEpVeE5j3MAnFkUg9SzptB9OWZfMoE9ehXIJas6NJHi44EJC7Lo6ogxTyPx9jhVFyaTmXAlaiB4YJfcdlbbOhOsCqbR207-s3a2Y9pfsbBl3upInu1jv47dWvTFLL9whz5axDzINlb4GUBHLcGmzs7wlXJN9tQ1HAzDPNia9uWnUpX6WKXqAi0rEQGR-4ytPz3SVT__F5nlZ_SlDReWt0KKk9tbTk6PoArnNrbimspL6dPjx4QOtO2RktEg9Gr9MwV0TJ3vuWtPs-WrBMh_qAfREEgTLlvjsR4Sgwazjw3RnmAHJ6appH15441JNwMKRDCa1J0s2b-32C8OVjlodbwtXvJbbgbeHWT-YVeZ8dBDD9MTpiDKABA%26adurl%3D&documentReferer=https%3A%2F%2Fad6.on.cc%2Fweb%2Fhtml%2Fgoogle%2Fhousead%2Flrec1_423.html&ancestorOrigins=https%3A%2F%2Fad6.on.cc%2Chttps%3A%2F%2Fhk.on.cc&random=3559416046578&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=580144554&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300506&bpp=2&bdt=987&idt=77&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4289351640420&frm=24&ife=1&pv=2&ga_vid=1738383524.1633744301&ga_sid=1633744301&ga_hid=1032704726&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3586554267&scr_x=-12245933&scr_y=-12245933&eid=31062423%2C31062937%2C44748552&oid=2&pvsid=1832003138608230&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rbh3ge9l5ahu&fsb=1&dtd=90
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
33e58c840a141a0044aef6e584dac6a5d2e30fba8cbe62b3fc7745d9d4ec83ee

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Oct 2021 01:51:41 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
85341900008648900710616011742014
Connection
close
Content-Type
application/x-javascript; charset=utf-8
Content-Length
970
Expires
Sat, 09 Oct 2021 02:51:41 +0200

Redirect headers

Pragma
no-cache
Date
Sat, 09 Oct 2021 01:51:41 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=961729e2ba&subid=&uid=181dc6c6395bde2e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCIBLGrPVgYYaEKNLW-gaqib2oBbXN-YNXzN65q-UM8C4QASC1zvcfYJXikIKgB8gBCakCnWwL5wZrsz6oAwGqBM0BT9CV6hsMO3hv7jOE4XK14Nm6Ur3E45lrmfY65Xkxj1PF7Wzap94DbrOnAkZbCplKsPwJDCPe7INe7rUKFlOK71WSiyQEn9aK26mNNerhKIKTCPgmW1uoklgUyWUmh18igd2ZZ9yfJuhVZdZkfsZaciokJeMTlCDv68eDHjWVtiTrB6q53Q3Tvkt6Owg5vwgyODxevo6G9dvWcivjXK7CtnsmnkfXqdUlLRy77XrSLzapI2yfW-a_--i_qtKTgkCvxXmV-YeM3HOkMC7M58AEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGF-ACgGYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoCFU71fzMhUHsTTykviKO-w%26sig%3DAOD64_1lxUuAsay-tUqQk1X9jOogujxFFw%26client%3Dca-pub-3571272074788370%26dbm_c%3DAKAmf-AsBHFJNYy0821GTFTzfZRTHJ5bAy3LfP2QhW-Y2IAd6wamq1wkWXpPO6842WklcrR6HovQu1F2hfqGbDIGXsBkvNlAmcNhKSjc0j_tImDlbo9sSU3vIy-pjjpZkYhg4cGaSlnz4CgVImQ4CCZO9hx_g3Nhpg%26cry%3D1%26dbm_d%3DAKAmf-DK_3krBobCvABbgyyTS1QOBlITedLp6YUEHZJUpcrMzI4zrz2rV4j_NnMV7K5XTdCEnB5PsOrmBCFvSmTm6Dd7wfX-zSdQcMhEP3KGkUYxAvgJej5tkDDsnGAIdKgMf0vy9aNwiIuRzgfUmIK7P0uJa0UWoDcJJr1lUj_oYEpVeE5j3MAnFkUg9SzptB9OWZfMoE9ehXIJas6NJHi44EJC7Lo6ogxTyPx9jhVFyaTmXAlaiB4YJfcdlbbOhOsCqbR207-s3a2Y9pfsbBl3upInu1jv47dWvTFLL9whz5axDzINlb4GUBHLcGmzs7wlXJN9tQ1HAzDPNia9uWnUpX6WKXqAi0rEQGR-4ytPz3SVT__F5nlZ_SlDReWt0KKk9tbTk6PoArnNrbimspL6dPjx4QOtO2RktEg9Gr9MwV0TJ3vuWtPs-WrBMh_qAfREEgTLlvjsR4Sgwazjw3RnmAHJ6appH15441JNwMKRDCa1J0s2b-32C8OVjlodbwtXvJbbgbeHWT-YVeZ8dBDD9MTpiDKABA%26adurl%3D&documentReferer=https%3A%2F%2Fad6.on.cc%2Fweb%2Fhtml%2Fgoogle%2Fhousead%2Flrec1_423.html&ancestorOrigins=https%3A%2F%2Fad6.on.cc%2Chttps%3A%2F%2Fhk.on.cc&random=3559416046578&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Type
text/html; charset=UTF-8
Content-Length
0
Expires
Sat, 09 Oct 2021 02:51:41 +0200
m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js
pagead2.googlesyndication.com/bg/ Frame BB60 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
9bfef52d4ef4cc6f06efcc7a8584987f607710b73b0464606ec66890f8605c06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 20:50:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
18080
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13358
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 11:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 08 Oct 2022 20:50:21 GMT
view.aspx
pb.media01.eu/ Frame 2032
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=31009000010603400710616011742008&t=htlp
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=31009000010603400710616011742008&actionid=879111&produktid=ratenkredit&dt_url=
0
606 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=31009000010603400710616011742008&actionid=879111&produktid=ratenkredit&dt_url=
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=d1b023b1ff&subid=&uid=1985af215704b051&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-d0krPVgYczNJ9nsgAfil7-gBrXN-YNXzN65q-UM8C4QASC1zvcfYJXikIKgB8gBCakCnWwL5wZrsz6oAwGqBM0BT9CKiLNlQnm4NbstgMm0xJ73fTmvJT2ihlaNcDUq3ZlUafaRblS37h0jgPC6g9sTir2tqUuMCqYKrPARKJPk6-lAUnEH5ofL8l3QEaD-AuY4A9M_n9ViKc1JWhtS9cPVj380EMuQmpHFHOISHaaVxEh5jbJbIADBLR3KjSNMvXic11RFZ-4BHvFVB_GR3FOU1p06VbUrjIzmV5O5E0TeBA1fqh2F3C-gcq0QTCMxE-xt6rt49BI0Gm11a2S8z4Y7BXekUGjhMe0dd756W8AEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGF-ACgGYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoJHw2WkDLwUtKaM-gtZIJhQ%26sig%3DAOD64_13c23eZr7P2W9E4bjfzZSfgvGVhA%26client%3Dca-pub-3571272074788370%26dbm_c%3DAKAmf-ApUFt2VAoYBJEFIzo607imgA-Fs-fZ2TbUFRgf9up9qTuVdBQ5U7r4ByqZn7qjAJwlUkLywsFONfUmS7FYaNeRW6YzKEbThbso7Hvp6YMaaSBLobkr8KbGdhX3p3dREa1BZBBrtqA53dt_VPJazij-8Ry1SA%26cry%3D1%26dbm_d%3DAKAmf-DbdsCG88CtZbKcDFg4bWzDuXQTQ6UlEOKQCcVjs-a4eI3CGYfg1e5r7lFnmT2E_cgoPlhjRAudYI17_Rn0eDcz3XOBiu6rakvNajjFtF2qU46escDn0fGderpUcVHPpg1UyQV9wiouRD4IXEPaqOZObwNpfjMonee07wtEFn-y5jndk0NoaTiHY8Qrr-K3-inddtZELjWF0u5shaBrPzG0qstlAml2Gi0VBgPLOcwF5Uwq1nBA1kjfxXqhktV0YmD_7DUL5yx0n7vm_BF-7XvJvLsT5nzRBy41NMuvDRE_gf4YdioJfWUw-mbBb9gPVh6uuOBpTzZYFT18bRi_7GpTgYBEbGT7NvmZiO7ptzR7EqpoR4zqQcPy166CSA9G8VsQ0RhTU6VZJ-_LIUAYB4pqkDNIVPPXNzcU9ilFEkNQXNgGGfXE9Ln_n4o_QLyHa0UaBN0f0VnPxsMElsS7CC018bGi1xFYsBLUKkq1QCC9KZuV1E9oq7EbQZ0FQRI4qvTpz0EFivc7IAYvEdPpVRcq6L0UUA%26adurl%3D&documentReferer=https%3A%2F%2Fad6.on.cc%2Fweb%2Fhtml%2Fgoogle%2Fhousead%2Flrec1_422.html&ancestorOrigins=https%3A%2F%2Fad6.on.cc%2Chttps%3A%2F%2Fhk.on.cc%2Chttps%3A%2F%2Fhk.on.cc&random=9920915029041&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 Schwaig, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
pb.media01.eu
:scheme
https
:path
/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=31009000010603400710616011742008&actionid=879111&produktid=ratenkredit&dt_url=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
content-type
text/html; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Sat, 09 Oct 2021 03:51:40 GMT
server
Microsoft-IIS/10.0
set-cookie
ASP.NET_SessionId=hydje0q0foanahbenbyxkdwh; path=/; secure; HttpOnly DTU=F5230929443EA319EA9E87B38A726763; expires=Mon, 09-Oct-2023 01:51:40 GMT; path=/; SameSite=None; secure; HttpOnly
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin
*
access-control-allow-credentials
true
x-xss-protection
1; mode=block
access-control-allow-methods
GET,POST
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Sat, 09 Oct 2021 01:51:40 GMT
content-length
0

Redirect headers

Server
nginx/1.19.7
Date
Sat, 09 Oct 2021 01:51:41 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Keep-Alive
timeout=20
X-Powered-By
PHP/7.2.34
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Access-Control-Allow-Credentials
true
Set-Cookie
trscj=MTYzMzc0NDMwMXxMM1J5WTJzdlpYQjJMMlU1T1dGaFkyVTVOR1UyWlRVNE56TTRPREZrTXpRd01EazVNMlV4WlRkbFAzTjFZbWxrUFRNeE1EQTVNREF3TURFd05qQXpOREF3TnpFd05qRTJNREV4TnpReU1EQTRKblE5YUhSc2NBPT18YUhSMGNITTZMeTluYjI5bmJHVmhaSE11Wnk1a2IzVmliR1ZqYkdsamF5NXVaWFF2; expires=Sun, 09-Oct-2022 01:51:41 GMT; Max-Age=31536000; path=/; samesite=none; domain=.medialead.de; secure SERVERID177589=2|YWD1s|YWD1s; path=/; HttpOnly
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=31009000010603400710616011742008&actionid=879111&produktid=ratenkredit&dt_url=
Strict-Transport-Security
max-age=63072000;includeSubdomains;preload max-age=15768000
X-IPLB-Request-ID
D8836F8A:E934_91EFC182:01BB_6160F5AD_10057DCC:26680
X-IPLB-Instance
40028
Cache-control
private
htlp
futalis.de/ Frame 4614
Redirect Chain
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=31009000010603400710616011742008
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=925703526
350 B
409 B 		Document
General
Check archive.org
Download Go to
Full URL
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=925703526
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=d1b023b1ff&subid=&uid=1985af215704b051&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC-d0krPVgYczNJ9nsgAfil7-gBrXN-YNXzN65q-UM8C4QASC1zvcfYJXikIKgB8gBCakCnWwL5wZrsz6oAwGqBM0BT9CKiLNlQnm4NbstgMm0xJ73fTmvJT2ihlaNcDUq3ZlUafaRblS37h0jgPC6g9sTir2tqUuMCqYKrPARKJPk6-lAUnEH5ofL8l3QEaD-AuY4A9M_n9ViKc1JWhtS9cPVj380EMuQmpHFHOISHaaVxEh5jbJbIADBLR3KjSNMvXic11RFZ-4BHvFVB_GR3FOU1p06VbUrjIzmV5O5E0TeBA1fqh2F3C-gcq0QTCMxE-xt6rt49BI0Gm11a2S8z4Y7BXekUGjhMe0dd756W8AEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGF-ACgGYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQH4FgGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoJHw2WkDLwUtKaM-gtZIJhQ%26sig%3DAOD64_13c23eZr7P2W9E4bjfzZSfgvGVhA%26client%3Dca-pub-3571272074788370%26dbm_c%3DAKAmf-ApUFt2VAoYBJEFIzo607imgA-Fs-fZ2TbUFRgf9up9qTuVdBQ5U7r4ByqZn7qjAJwlUkLywsFONfUmS7FYaNeRW6YzKEbThbso7Hvp6YMaaSBLobkr8KbGdhX3p3dREa1BZBBrtqA53dt_VPJazij-8Ry1SA%26cry%3D1%26dbm_d%3DAKAmf-DbdsCG88CtZbKcDFg4bWzDuXQTQ6UlEOKQCcVjs-a4eI3CGYfg1e5r7lFnmT2E_cgoPlhjRAudYI17_Rn0eDcz3XOBiu6rakvNajjFtF2qU46escDn0fGderpUcVHPpg1UyQV9wiouRD4IXEPaqOZObwNpfjMonee07wtEFn-y5jndk0NoaTiHY8Qrr-K3-inddtZELjWF0u5shaBrPzG0qstlAml2Gi0VBgPLOcwF5Uwq1nBA1kjfxXqhktV0YmD_7DUL5yx0n7vm_BF-7XvJvLsT5nzRBy41NMuvDRE_gf4YdioJfWUw-mbBb9gPVh6uuOBpTzZYFT18bRi_7GpTgYBEbGT7NvmZiO7ptzR7EqpoR4zqQcPy166CSA9G8VsQ0RhTU6VZJ-_LIUAYB4pqkDNIVPPXNzcU9ilFEkNQXNgGGfXE9Ln_n4o_QLyHa0UaBN0f0VnPxsMElsS7CC018bGi1xFYsBLUKkq1QCC9KZuV1E9oq7EbQZ0FQRI4qvTpz0EFivc7IAYvEdPpVRcq6L0UUA%26adurl%3D&documentReferer=https%3A%2F%2Fad6.on.cc%2Fweb%2Fhtml%2Fgoogle%2Fhousead%2Flrec1_422.html&ancestorOrigins=https%3A%2F%2Fad6.on.cc%2Chttps%3A%2F%2Fhk.on.cc%2Chttps%3A%2F%2Fhk.on.cc&random=9920915029041&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
167.233.14.134 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lb-2.futalis.de
Software
/
Resource Hash
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

:method
GET
:authority
futalis.de
:scheme
https
:path
/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=925703526
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

content-length
350
content-type
text/html; charset=utf-8

Redirect headers

date
Sat, 09 Oct 2021 01:51:41 GMT
server
Apache
p3p
policyref="https://www.retailads.net//w3c/p3p.xml",CP="NOI CUR OUR STP"
set-cookie
pp2172=925703526; expires=Mon, 08-Nov-2021 01:51:41 GMT; Max-Age=2592000; path=/; domain=.retailads.net ppb2172=925703526; expires=Mon, 08-Nov-2021 01:51:41 GMT; Max-Age=2592000; path=/; domain=.retailads.net; samesite=none; secure
location
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=925703526
content-length
0
content-type
text/html; charset=utf-8
link.html
track.webgains.com/ Frame BC3E 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=723181&wgcampaignid=99582&js=1&nw=1&clickref=31009000010603400710616011742008&viewref=31009000010603400710616011742008
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
10db4dc4c370bc6a156a72fc9a0d737fca187df5df386eececa1908aa2da64b5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Oct 2021 01:51:41 GMT
Last-Modified
Sat, 09 Oct 2021 01:51:41 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1268
Expires
Mon, 26 Jul 1997 05:00:00 GMT
native.png
ad-server.eu/wm/pb/ Frame BC3E
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=31009000010603400710616011742008
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=31009000010603400710616011742008
  • https://ad-server.eu/wm/pb/native.png
68 B
312 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/native.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=2042266704&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300515&bpp=1&bdt=1006&idt=87&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4245131719147&frm=8&ife=1&pv=2&ga_vid=1480651599.1633744301&ga_sid=1633744301&ga_hid=1643246614&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4074026432&scr_x=-12245933&scr_y=-12245933&eid=44748552&oid=2&pvsid=3446815774757126&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.dbzhun2qlq2y&fsb=1&dtd=93
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 01:55:21 GMT
Last-Modified
Sat, 21 Dec 2019 23:06:59 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"5dfea593-44"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
68

Redirect headers

Date
Sat, 09 Oct 2021 01:51:41 GMT
Server
nginx/1.17.5
X-IPLB-Request-ID
D8836F8A:E934_91EFC182:01BB_6160F5AD_10057DCE:26680
X-Powered-By
PHP/7.2.21
X-IPLB-Instance
40028
Strict-Transport-Security
max-age=63072000;includeSubdomains;preload, max-age=15768000
Content-Type
text/html; charset=UTF-8
Location
https://ad-server.eu/wm/pb/native.png
Cache-control
private
Transfer-Encoding
chunked
Keep-Alive
timeout=20
gen_204
pagead2.googlesyndication.com/pagead/ Frame BB60 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BnBbjrPVgYd-EO5aL7_UPnsuRmA4AAAAAOAHgBAI&bg=!n5ylnNjNAAbGFvHlxhY7ACkAdvg8WmDuSCQoFpoyU7jWMAbdhVK1tuoMFst0R7xwlZRc7lyl1oXsgQIAAABVUgAAAAxoAQeZAvHvc3OZ3t6SnIefigoyF6uz-6dHYCUlYCh5s-C9kJWHqdzNKvIfQwkHqjw0rSrurSneyvooQIcjGhkNPzz-rPFviBqydyVNHP6jaAHerr3BhB2B6IJ44pz5AgVHENOXhlHmp0iEEy_pN81Tzgto5RhAfIDgk5Wfx8RLxzSfHyThCwDvF7FqXd9F3bxpD4qMyu-H8yhQ-1o2FVvqeMk5p_EBldwOryOLAG-j_liOy7kl3q3mh9nJAB_3iVfMmZr_u7XIc7d1JGReRXLeRz8MUrhq_BrHNN4f3KBvJA8fN8xk87v60TAswaufkQVZLbqqo8b4aLBYXAPh9SdNor543X-oB7FRcwPAl5MBiZLo_Nfibod6gJXhlGkSiJhBzYfSVYwByy06MpnCjKnbIzXiAZgMiHBa9OAfQ7tXTwu43YqS1VtB_NkdcK3MoXF5NzNxVgYj-bWREGh-2zgYX7_Y_8ejNr4NoeKdnEPPtdg1SPao79yyLXbgW5zzVivwznevZtfLqd1-fkW4ovrc_30SqpnNbx902sBhffx9cCY4P04Oo-92rbZ7VqJHxUIgUi3xlVKo5FLrEoDbpE4yuLzHb53pprIdV6pt2Adrth2QcSbLC5kjJ2GxeWUjmfDUxUlVW11vpPV5PpzcrHKYhVCffK-iOvVeoASQ7t8bza9oCetee_K4gOUGotV3SdYZmnHzmkbItxgkcEbpx7pgBP2H5jq5L3MPrGUqVZhHEoGzvkWXDPp6X4wPcdDTJHthA7ZmtrPsYNYzqT-MU2TYLbTlSWE8IuDje4RxBNUCfGub_SGklXwByEo2U3mHoSHS3jDPd3NufejQUzKIrPdvBxR6nVq-qkcXtBwTKiO7xjEB9X7Ej70VOr4BsEgnGp3ce5ZqHyXJq3HnBAWbyNt9vWlrBmryULCpxxEyHKM8Mm3awGiuvcdQjZEJzMKBZ-bQ1nCWg3EELH3y0W9TN2hLapw_V-gygjQspd4RKwJzfmJd-tCg0uY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=580144554&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300506&bpp=2&bdt=987&idt=77&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4289351640420&frm=24&ife=1&pv=2&ga_vid=1738383524.1633744301&ga_sid=1633744301&ga_hid=1032704726&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3586554267&scr_x=-12245933&scr_y=-12245933&eid=31062423%2C31062937%2C44748552&oid=2&pvsid=1832003138608230&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rbh3ge9l5ahu&fsb=1&dtd=90
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view.aspx
pb.media01.eu/ Frame 02B8
Redirect Chain
  • https://pv.medialead.de/trck/epv/e99aace94e6e5873b94a5452a6696367?subid=85341900008648900710616011742014&t=htlp
  • https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=85341900008648900710616011742014&actionid=879111&produktid=ratenkredit&dt_url=
0
89 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=85341900008648900710616011742014&actionid=879111&produktid=ratenkredit&dt_url=
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=961729e2ba&subid=&uid=181dc6c6395bde2e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCIBLGrPVgYYaEKNLW-gaqib2oBbXN-YNXzN65q-UM8C4QASC1zvcfYJXikIKgB8gBCakCnWwL5wZrsz6oAwGqBM0BT9CV6hsMO3hv7jOE4XK14Nm6Ur3E45lrmfY65Xkxj1PF7Wzap94DbrOnAkZbCplKsPwJDCPe7INe7rUKFlOK71WSiyQEn9aK26mNNerhKIKTCPgmW1uoklgUyWUmh18igd2ZZ9yfJuhVZdZkfsZaciokJeMTlCDv68eDHjWVtiTrB6q53Q3Tvkt6Owg5vwgyODxevo6G9dvWcivjXK7CtnsmnkfXqdUlLRy77XrSLzapI2yfW-a_--i_qtKTgkCvxXmV-YeM3HOkMC7M58AEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGF-ACgGYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoCFU71fzMhUHsTTykviKO-w%26sig%3DAOD64_1lxUuAsay-tUqQk1X9jOogujxFFw%26client%3Dca-pub-3571272074788370%26dbm_c%3DAKAmf-AsBHFJNYy0821GTFTzfZRTHJ5bAy3LfP2QhW-Y2IAd6wamq1wkWXpPO6842WklcrR6HovQu1F2hfqGbDIGXsBkvNlAmcNhKSjc0j_tImDlbo9sSU3vIy-pjjpZkYhg4cGaSlnz4CgVImQ4CCZO9hx_g3Nhpg%26cry%3D1%26dbm_d%3DAKAmf-DK_3krBobCvABbgyyTS1QOBlITedLp6YUEHZJUpcrMzI4zrz2rV4j_NnMV7K5XTdCEnB5PsOrmBCFvSmTm6Dd7wfX-zSdQcMhEP3KGkUYxAvgJej5tkDDsnGAIdKgMf0vy9aNwiIuRzgfUmIK7P0uJa0UWoDcJJr1lUj_oYEpVeE5j3MAnFkUg9SzptB9OWZfMoE9ehXIJas6NJHi44EJC7Lo6ogxTyPx9jhVFyaTmXAlaiB4YJfcdlbbOhOsCqbR207-s3a2Y9pfsbBl3upInu1jv47dWvTFLL9whz5axDzINlb4GUBHLcGmzs7wlXJN9tQ1HAzDPNia9uWnUpX6WKXqAi0rEQGR-4ytPz3SVT__F5nlZ_SlDReWt0KKk9tbTk6PoArnNrbimspL6dPjx4QOtO2RktEg9Gr9MwV0TJ3vuWtPs-WrBMh_qAfREEgTLlvjsR4Sgwazjw3RnmAHJ6appH15441JNwMKRDCa1J0s2b-32C8OVjlodbwtXvJbbgbeHWT-YVeZ8dBDD9MTpiDKABA%26adurl%3D&documentReferer=https%3A%2F%2Fad6.on.cc%2Fweb%2Fhtml%2Fgoogle%2Fhousead%2Flrec1_423.html&ancestorOrigins=https%3A%2F%2Fad6.on.cc%2Chttps%3A%2F%2Fhk.on.cc&random=3559416046578&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.198.250.30 Schwaig, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.88-198-250-30.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
pb.media01.eu
:scheme
https
:path
/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=85341900008648900710616011742014&actionid=879111&produktid=ratenkredit&dt_url=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
DTU=F5230929443EA319EA9E87B38A726763
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
content-type
text/html; charset=UTF-8
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Sat, 09 Oct 2021 03:51:40 GMT
server
Microsoft-IIS/10.0
set-cookie
ASP.NET_SessionId=3hsdcix1gxve1j2o52llrzmg; path=/; secure; HttpOnly DTU=F5230929443EA319EA9E87B38A726763; expires=Mon, 09-Oct-2023 01:51:40 GMT; path=/; SameSite=None; secure; HttpOnly
p3p
policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
access-control-allow-origin
*
access-control-allow-credentials
true
x-xss-protection
1; mode=block
access-control-allow-methods
GET,POST
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
date
Sat, 09 Oct 2021 01:51:40 GMT
content-length
0

Redirect headers

Server
nginx/1.19.7
Date
Sat, 09 Oct 2021 01:51:41 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Keep-Alive
timeout=20
X-Powered-By
PHP/7.2.34
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Access-Control-Allow-Credentials
true
Set-Cookie
trscj=MTYzMzc0NDMwMXxMM1J5WTJzdlpYQjJMMlU1T1dGaFkyVTVOR1UyWlRVNE56TmlPVFJoTlRRMU1tRTJOamsyTXpZM1AzTjFZbWxrUFRnMU16UXhPVEF3TURBNE5qUTRPVEF3TnpFd05qRTJNREV4TnpReU1ERTBKblE5YUhSc2NBPT18YUhSMGNITTZMeTluYjI5bmJHVmhaSE11Wnk1a2IzVmliR1ZqYkdsamF5NXVaWFF2; expires=Sun, 09-Oct-2022 01:51:41 GMT; Max-Age=31536000; path=/; samesite=none; domain=.medialead.de; secure SERVERID177589=2|YWD1s|YWD1s; path=/; HttpOnly
Location
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=52180&dt_subid2=85341900008648900710616011742014&actionid=879111&produktid=ratenkredit&dt_url=
Strict-Transport-Security
max-age=63072000;includeSubdomains;preload max-age=15768000
X-IPLB-Request-ID
D8836F8A:E946_91EFC182:01BB_6160F5AD_10055902:2667F
X-IPLB-Instance
40028
Cache-control
private
activityi;dc_pre=CIDr_-WbvPMCFeTLEQgdFJIDdw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5448245473829.543
5994599.fls.doubleclick.net/ Frame 87D2
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5448245473829.543?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CIDr_-WbvPMCFeTLEQgdFJIDdw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5448245473829.543?
391 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CIDr_-WbvPMCFeTLEQgdFJIDdw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5448245473829.543?
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
cafe /
Resource Hash
2950229613d9ad032e4b67ab02b27b6011238893a8898a114e9981bba26faaa2
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5994599.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CIDr_-WbvPMCFeTLEQgdFJIDdw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5448245473829.543?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUm27ecBU4Pwx8ctanAz_RPQQSYH0ut-yOjumkvGw6sNJdMhlGzMonOkPvjZ3Do
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sat, 09 Oct 2021 01:51:41 GMT
expires
Sat, 09 Oct 2021 01:51:41 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
321
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sat, 09 Oct 2021 01:51:41 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CIDr_-WbvPMCFeTLEQgdFJIDdw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5448245473829.543?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request_content.php
hal900014.redintelligence.net/ Frame 2AF2 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900014.redintelligence.net/request_content.php?s=85341900008648900710616011742014&a=af669ec2
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request.php?zone=npoee1nv94vs&nw=20&renderingType=javascript&namespace=961729e2ba&subid=&uid=181dc6c6395bde2e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=300x250&scrollPos=0x0&extData[]=&envData=&gdpr=-1&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DCIBLGrPVgYYaEKNLW-gaqib2oBbXN-YNXzN65q-UM8C4QASC1zvcfYJXikIKgB8gBCakCnWwL5wZrsz6oAwGqBM0BT9CV6hsMO3hv7jOE4XK14Nm6Ur3E45lrmfY65Xkxj1PF7Wzap94DbrOnAkZbCplKsPwJDCPe7INe7rUKFlOK71WSiyQEn9aK26mNNerhKIKTCPgmW1uoklgUyWUmh18igd2ZZ9yfJuhVZdZkfsZaciokJeMTlCDv68eDHjWVtiTrB6q53Q3Tvkt6Owg5vwgyODxevo6G9dvWcivjXK7CtnsmnkfXqdUlLRy77XrSLzapI2yfW-a_--i_qtKTgkCvxXmV-YeM3HOkMC7M58AEqp38vs8B4AQDkAYBoAZNgAfr5-heqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGF-ACgGYCwHICwGADAGwE8Ka2grQEwDYEwPYFAHQFQGAFwE%26ae%3D1%26num%3D1%26cid%3DCAASEuRoCFU71fzMhUHsTTykviKO-w%26sig%3DAOD64_1lxUuAsay-tUqQk1X9jOogujxFFw%26client%3Dca-pub-3571272074788370%26dbm_c%3DAKAmf-AsBHFJNYy0821GTFTzfZRTHJ5bAy3LfP2QhW-Y2IAd6wamq1wkWXpPO6842WklcrR6HovQu1F2hfqGbDIGXsBkvNlAmcNhKSjc0j_tImDlbo9sSU3vIy-pjjpZkYhg4cGaSlnz4CgVImQ4CCZO9hx_g3Nhpg%26cry%3D1%26dbm_d%3DAKAmf-DK_3krBobCvABbgyyTS1QOBlITedLp6YUEHZJUpcrMzI4zrz2rV4j_NnMV7K5XTdCEnB5PsOrmBCFvSmTm6Dd7wfX-zSdQcMhEP3KGkUYxAvgJej5tkDDsnGAIdKgMf0vy9aNwiIuRzgfUmIK7P0uJa0UWoDcJJr1lUj_oYEpVeE5j3MAnFkUg9SzptB9OWZfMoE9ehXIJas6NJHi44EJC7Lo6ogxTyPx9jhVFyaTmXAlaiB4YJfcdlbbOhOsCqbR207-s3a2Y9pfsbBl3upInu1jv47dWvTFLL9whz5axDzINlb4GUBHLcGmzs7wlXJN9tQ1HAzDPNia9uWnUpX6WKXqAi0rEQGR-4ytPz3SVT__F5nlZ_SlDReWt0KKk9tbTk6PoArnNrbimspL6dPjx4QOtO2RktEg9Gr9MwV0TJ3vuWtPs-WrBMh_qAfREEgTLlvjsR4Sgwazjw3RnmAHJ6appH15441JNwMKRDCa1J0s2b-32C8OVjlodbwtXvJbbgbeHWT-YVeZ8dBDD9MTpiDKABA%26adurl%3D&documentReferer=https%3A%2F%2Fad6.on.cc%2Fweb%2Fhtml%2Fgoogle%2Fhousead%2Flrec1_423.html&ancestorOrigins=https%3A%2F%2Fad6.on.cc%2Chttps%3A%2F%2Fhk.on.cc&random=3559416046578&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
246238c26cb9ec8ce58eb89689bea4f8552f222bf1be3858846f167a18feff59

Request headers

Host
hal900014.redintelligence.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
gzip, deflate, br
Cookie
8lcfmzhxc8d6_uid=99fdab9ca201adb5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

Date
Sat, 09 Oct 2021 01:51:41 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Sat, 09 Oct 2021 02:51:41 +0200
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1534
Connection
close
Content-Type
text/html; charset=utf-8
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 0E37 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=580144554&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300506&bpp=2&bdt=987&idt=77&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4289351640420&frm=24&ife=1&pv=2&ga_vid=1738383524.1633744301&ga_sid=1633744301&ga_hid=1032704726&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3586554267&scr_x=-12245933&scr_y=-12245933&eid=31062423%2C31062937%2C44748552&oid=2&pvsid=1832003138608230&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rbh3ge9l5ahu&fsb=1&dtd=90
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 08 Oct 2021 21:06:15 GMT
expires
Sat, 09 Oct 2021 21:06:15 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
17126
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 7284 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ab4ecf89c028af88c3dfb534fbf7ed5e5daaaaf2d97bbdbde7377d35cb788de4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
ts.js
cdn.retailads.net/ Frame 4614 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.retailads.net/ts.js
Requested by
Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=925703526
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
78.46.5.84 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1284.your-server.de
Software
Apache /
Resource Hash
06a1b5afc54f03b03f1ec1d55390a43b7d0bea926033263e0988e33a8db55d19

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://futalis.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:41 GMT
last-modified
Thu, 17 Jun 2021 11:09:56 GMT
server
Apache
accept-ranges
bytes
etag
"13e5-5c4f43f50991d"
content-length
5093
content-type
application/javascript
pb_ratenkredit_300x250.gif
ad-server.eu/wm/pb/rate/aktion/ Frame 2AF2
Redirect Chain
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873b94a5452a6696367?subid=85341900008648900710616011742014
  • https://ad-server.eu/wm/pb/rate/aktion/pb_ratenkredit_300x250.gif
57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-server.eu/wm/pb/rate/aktion/pb_ratenkredit_300x250.gif
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=85341900008648900710616011742014&a=af669ec2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.176.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-176-197.eu-west-1.compute.amazonaws.com
Software
nginx/1.4.6 (Ubuntu) /
Resource Hash
5c6fc998321adc6162f3d4b3a18fe409f44f9742b0a33ad6fd6e7358b16b54d4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900014.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 01:55:21 GMT
Last-Modified
Wed, 15 Sep 2021 11:16:18 GMT
Server
nginx/1.4.6 (Ubuntu)
ETag
"6141d602-e2ba"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
58042

Redirect headers

Date
Sat, 09 Oct 2021 01:51:41 GMT
Server
nginx/1.17.5
X-IPLB-Request-ID
D8836F8A:E934_91EFC182:01BB_6160F5AD_10057DD1:26680
X-Powered-By
PHP/7.2.21
X-IPLB-Instance
40028
Strict-Transport-Security
max-age=63072000;includeSubdomains;preload, max-age=15768000
Content-Type
text/html; charset=UTF-8
Location
https://ad-server.eu/wm/pb/rate/aktion/pb_ratenkredit_300x250.gif
Cache-control
private
Transfer-Encoding
chunked
Keep-Alive
timeout=20
viewability
hal900014.redintelligence.net/ Frame 2AF2 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900014.redintelligence.net/viewability?s=85341900008648900710616011742014&a=343bcded&vb=m
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=85341900008648900710616011742014&a=af669ec2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900014.redintelligence.net/request_content.php?s=85341900008648900710616011742014&a=af669ec2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 01:51:41 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
truncated
/ Frame 2AF2 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/gif
dpixel
cms.quantserve.com/ Frame 0E37 		35 B
463 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELjX4c6dGz2Ry8bLluGmK94&google_cver=1&google_push=AYg5qPJO8Sl18U6vhBuOAzhgL2ItcD4FNzPWRIHjgUQiPeXAT7LZzK4SQJlfGjtyJUQmVQb3azSzJqxLmwSNvzkzjxULXNztJg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=580144554&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300506&bpp=2&bdt=987&idt=77&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4289351640420&frm=24&ife=1&pv=2&ga_vid=1738383524.1633744301&ga_sid=1633744301&ga_hid=1032704726&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3586554267&scr_x=-12245933&scr_y=-12245933&eid=31062423%2C31062937%2C44748552&oid=2&pvsid=1832003138608230&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rbh3ge9l5ahu&fsb=1&dtd=90
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.134 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:41 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0E37
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEE6WdKaO1yUn07gSB4PqJD0&google_cver=1&google_push=AYg5qPKIlTTzieJAsBZy36CQ5Q_Wtm-sxl8h00cPtJLKPKHzMFDu49o1lPo-3NX8YrdJ-oYZF0MIw8tfCkMdVZhpmZ97xJ0viw
  • https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKIlTTzieJAsBZy36CQ5Q_Wtm-sxl8h00cPtJLKPKHzMFDu49o1lPo-3NX8YrdJ-oYZF0MIw8tfCkMdVZhpmZ97xJ0viw&google_hm=Q0FFU0VFNldkS2FPMXlVbjA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKIlTTzieJAsBZy36CQ5Q_Wtm-sxl8h00cPtJLKPKHzMFDu49o1lPo-3NX8YrdJ-oYZF0MIw8tfCkMdVZhpmZ97xJ0viw&google_hm=Q0FFU0VFNldkS2FPMXlVbjA3Z1NCNFBxSkQw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=580144554&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300506&bpp=2&bdt=987&idt=77&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4289351640420&frm=24&ife=1&pv=2&ga_vid=1738383524.1633744301&ga_sid=1633744301&ga_hid=1032704726&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3586554267&scr_x=-12245933&scr_y=-12245933&eid=31062423%2C31062937%2C44748552&oid=2&pvsid=1832003138608230&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rbh3ge9l5ahu&fsb=1&dtd=90
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 09 Oct 2021 01:51:40 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKIlTTzieJAsBZy36CQ5Q_Wtm-sxl8h00cPtJLKPKHzMFDu49o1lPo-3NX8YrdJ-oYZF0MIw8tfCkMdVZhpmZ97xJ0viw&google_hm=Q0FFU0VFNldkS2FPMXlVbjA3Z1NCNFBxSkQw
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0E37
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPK4xq_3...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPK4xq_3...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMDkwMTUxNDEwMDA1MDQ0OTM2NDQ0OQ%3D%3D&google_push=AYg5qPK4xq_3UBOcapRtFQplZwTJjaCJMNIFs7ywmJau6rRypTi3KXQ3D974EX2baUTx_4...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMDkwMTUxNDEwMDA1MDQ0OTM2NDQ0OQ%3D%3D&google_push=AYg5qPK4xq_3UBOcapRtFQplZwTJjaCJMNIFs7ywmJau6rRypTi3KXQ3D974EX2baUTx_40AXJvA3cOK8_ReJSXgUWJFEJtkovM
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMDkwMTUxNDEwMDA1MDQ0OTM2NDQ0OQ%3D%3D&google_push=AYg5qPK4xq_3UBOcapRtFQplZwTJjaCJMNIFs7ywmJau6rRypTi3KXQ3D974EX2baUTx_40AXJvA3cOK8_ReJSXgUWJFEJtkovM
pragma
no-cache
date
Sat, 09 Oct 2021 01:51:42 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Sat, 09 Oct 2021 01:51:42 GMT
sync
odr.mookie1.com/t/v2/ Frame 0E37 		43 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEF8X0hhIlwcYGuqQPVwm0QA&google_push=AYg5qPKfy2M46riehWBLt2Bg0WF7P-f0_n5ogHUhi_lsDdqia97gi2veoNcTZeBSUCLJ-IGIF8cIV6iIHSulAs02XvJsjTz7Tw&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=580144554&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300506&bpp=2&bdt=987&idt=77&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4289351640420&frm=24&ife=1&pv=2&ga_vid=1738383524.1633744301&ga_sid=1633744301&ga_hid=1032704726&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3586554267&scr_x=-12245933&scr_y=-12245933&eid=31062423%2C31062937%2C44748552&oid=2&pvsid=1832003138608230&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rbh3ge9l5ahu&fsb=1&dtd=90
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:41 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0E37
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEBR-UpVSxypd2aNiUqprWSk&google_cver=1&google_push=AYg5qPLWNTa4mBzTnQ5Sf_2EpRA7R8tFWhhjO33Z85qQu-b_3yOcqluTXBV9aaC5fjiTC1bglSPg5Eflyyc7chI7nJswIZILtJI
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLWNTa4mBzTnQ5Sf_2EpRA7R8tFWhhjO33Z85qQu-b_3yOcqluTXBV9aaC5fjiTC1bglSPg5Eflyyc7chI7nJswIZILtJI&google_hm=dGoAQVOaxLQhAgB3gtH6Mg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLWNTa4mBzTnQ5Sf_2EpRA7R8tFWhhjO33Z85qQu-b_3yOcqluTXBV9aaC5fjiTC1bglSPg5Eflyyc7chI7nJswIZILtJI&google_hm=dGoAQVOaxLQhAgB3gtH6Mg==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=580144554&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300506&bpp=2&bdt=987&idt=77&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4289351640420&frm=24&ife=1&pv=2&ga_vid=1738383524.1633744301&ga_sid=1633744301&ga_hid=1032704726&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3586554267&scr_x=-12245933&scr_y=-12245933&eid=31062423%2C31062937%2C44748552&oid=2&pvsid=1832003138608230&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rbh3ge9l5ahu&fsb=1&dtd=90
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:41 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLWNTa4mBzTnQ5Sf_2EpRA7R8tFWhhjO33Z85qQu-b_3yOcqluTXBV9aaC5fjiTC1bglSPg5Eflyyc7chI7nJswIZILtJI&google_hm=dGoAQVOaxLQhAgB3gtH6Mg==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
92pr1k4v07rfft0nepp3r0qe52t5l3ek
pixel
cm.g.doubleclick.net/ Frame 0E37
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MxLRJq1fTe6y_wAo8OcJIQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MxLRJq1fTe6y_wAo8OcJIQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLMTz_mGsItnIHKpAszterg-I0jiZTfSbweoV7um6xjEVU-J1TGWcBKhRjlR3laQaLsL4cXXajJv41hAwBVVBjJXz6TTQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=580144554&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300506&bpp=2&bdt=987&idt=77&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4289351640420&frm=24&ife=1&pv=2&ga_vid=1738383524.1633744301&ga_sid=1633744301&ga_hid=1032704726&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3586554267&scr_x=-12245933&scr_y=-12245933&eid=31062423%2C31062937%2C44748552&oid=2&pvsid=1832003138608230&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rbh3ge9l5ahu&fsb=1&dtd=90
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MxLRJq1fTe6y_wAo8OcJIQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLMTz_mGsItnIHKpAszterg-I0jiZTfSbweoV7um6xjEVU-J1TGWcBKhRjlR3laQaLsL4cXXajJv41hAwBVVBjJXz6TTQ
date
Sat, 09 Oct 2021 01:51:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 0E37
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPIX1E_UNfpIUfmJVYYHAQIzv3IITfj_o...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPIX1E_UNfpIUfmJVYYHAQIzv3IITfj_o...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPIX1E_UNfpIUfmJVYYHAQIzv3IITfj_o...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPIX1E_UNfpIUfmJVYYHAQIzv3IITfj_o...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPIX1E_UNfpIUfmJVYYHAQIzv3IITfj_o...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPIX1E_UNfpIUfmJVYYHAQIzv3IITfj_o...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPIX1E_UNfpIUfmJVYYHAQIzv3IITfj_o...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPIX1E_UNfpIUfmJVYYHAQIzv3IITfj_o...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPIX1E_UNfpIUfmJVYYHAQIzv3IITfj_o...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPIX1E_UNfpIUfmJVYYHAQIzv3IITfj_o...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPIX1E_UNfpIUfmJVYYHAQIzv3IITfj_o...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPIX1E_UNfpIUfmJVYYHAQIzv3IITfj_o...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPIX1E_UNfpIUfmJVYYHAQIzv3IITfj_o...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPIX1E_UNfpIUfmJVYYHAQIzv3IITfj_o...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPIX1E_UNfpIUfmJVYYHAQIzv3IITfj_o...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPIX1E_UNfpIUfmJVYYHAQIzv3IITfj_o...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPIX1E_UNfpIUfmJVYYHAQIzv3IITfj_o...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPIX1E_UNfpIUfmJVYYHAQIzv3IITfj_o...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPIX1E_UNfpIUfmJVYYHAQIzv3IITfj_o...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPIX1E_UNfpIUfmJVYYHAQIzv3IITfj_o...
0
0
attr
cm.g.doubleclick.net/pixel/ Frame 0E37 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KFJzevM_IG02dYNaZXk57ssjtuD6YitjW2DPH40DHTdbuiSj6h9x9J8FGCEslBrLhCKX8P
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=580144554&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300506&bpp=2&bdt=987&idt=77&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4289351640420&frm=24&ife=1&pv=2&ga_vid=1738383524.1633744301&ga_sid=1633744301&ga_hid=1032704726&ga_fc=0&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=3586554267&scr_x=-12245933&scr_y=-12245933&eid=31062423%2C31062937%2C44748552&oid=2&pvsid=1832003138608230&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.rbh3ge9l5ahu&fsb=1&dtd=90
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:41 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
dc_pre=CIDr_-WbvPMCFeTLEQgdFJIDdw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5448245473829.543
adservice.google.com/ddm/fls/z/ Frame 87D2 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CIDr_-WbvPMCFeTLEQgdFJIDdw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5448245473829.543
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CIDr_-WbvPMCFeTLEQgdFJIDdw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5448245473829.543?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame BC3E 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=723181&wgcampaignid=99582&js=1&nw=1&clickref=31009000010603400710616011742008&viewref=31009000010603400710616011742008
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.209.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-209-94.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
ESJ1m.JcTMC7xiA46tdzcog3eD2HGNO9
via
1.1 1cc446ef4692d8e752b16c07f2f58a59.cloudfront.net (CloudFront)
last-modified
Mon, 13 Sep 2021 10:14:21 GMT
server
AmazonS3
age
73652
etag
"ec0ced40cbb5211db06b8a36f209e442"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Fri, 08 Oct 2021 05:24:10 GMT
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
51794
x-amz-cf-id
_QFdygZe93B_DxfSAZBDhxV5k7Pii2qE0MmVN6c-Rnf0YG1DrGktGQ==
link.html
track.webgains.com/ Frame BC3E 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=99582&viewref=25829300011782900710776011742003&wglinkid=723181
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=2042266704&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300515&bpp=1&bdt=1006&idt=87&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4245131719147&frm=8&ife=1&pv=2&ga_vid=1480651599.1633744301&ga_sid=1633744301&ga_hid=1643246614&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4074026432&scr_x=-12245933&scr_y=-12245933&eid=44748552&oid=2&pvsid=3446815774757126&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.dbzhun2qlq2y&fsb=1&dtd=93
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
21744e5617ca04d2ad0b171c0dd028fab66f8978cf23ad01bc926fab7ffc3f03

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 09 Oct 2021 01:51:41 GMT
Last-Modified
Sat, 09 Oct 2021 01:51:41 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Content-Length
4193
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activityi;dc_pre=CMKCh-abvPMCFQ-B3god6NgPbw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9381956798877.553
5994599.fls.doubleclick.net/ Frame 0AC0
Redirect Chain
  • https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9381956798877.553?
  • https://5994599.fls.doubleclick.net/activityi;dc_pre=CMKCh-abvPMCFQ-B3god6NgPbw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9381956798877.553?
391 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://5994599.fls.doubleclick.net/activityi;dc_pre=CMKCh-abvPMCFQ-B3god6NgPbw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9381956798877.553?
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=2042266704&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300515&bpp=1&bdt=1006&idt=87&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4245131719147&frm=8&ife=1&pv=2&ga_vid=1480651599.1633744301&ga_sid=1633744301&ga_hid=1643246614&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4074026432&scr_x=-12245933&scr_y=-12245933&eid=44748552&oid=2&pvsid=3446815774757126&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.dbzhun2qlq2y&fsb=1&dtd=93
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f6.1e100.net
Software
cafe /
Resource Hash
c1c88d9d413d0368137dff50b21e7b444aef7b21f285ed64e131841975023d79
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5994599.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CMKCh-abvPMCFQ-B3god6NgPbw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9381956798877.553?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
cookie
IDE=AHWqTUm27ecBU4Pwx8ctanAz_RPQQSYH0ut-yOjumkvGw6sNJdMhlGzMonOkPvjZ3Do
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sat, 09 Oct 2021 01:51:41 GMT
expires
Sat, 09 Oct 2021 01:51:41 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
321
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Sat, 09 Oct 2021 01:51:41 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://5994599.fls.doubleclick.net/activityi;dc_pre=CMKCh-abvPMCFQ-B3god6NgPbw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9381956798877.553?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
request_content.php
hal90008.redintelligence.net/ Frame 44E7 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90008.redintelligence.net/request_content.php?s=31009000010603400710616011742008&a=376563b2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=2042266704&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300515&bpp=1&bdt=1006&idt=87&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4245131719147&frm=8&ife=1&pv=2&ga_vid=1480651599.1633744301&ga_sid=1633744301&ga_hid=1643246614&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4074026432&scr_x=-12245933&scr_y=-12245933&eid=44748552&oid=2&pvsid=3446815774757126&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.dbzhun2qlq2y&fsb=1&dtd=93
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.150 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
8d6db8d32f8cb86ae4d55bea4c8275733a26bc4eeccceaaa63504ebe71d114fe

Request headers

Host
hal90008.redintelligence.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://googleads.g.doubleclick.net/
Accept-Encoding
gzip, deflate, br
Cookie
8lcfmzhxc8d6_uid=99fdab9ca201adb5
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

Date
Sat, 09 Oct 2021 01:51:41 GMT
Server
Apache
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Expires
Sat, 09 Oct 2021 02:51:41 +0200
Pragma
no-cache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
2018
Connection
close
Content-Type
text/html; charset=utf-8
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 869A 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=2042266704&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300515&bpp=1&bdt=1006&idt=87&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4245131719147&frm=8&ife=1&pv=2&ga_vid=1480651599.1633744301&ga_sid=1633744301&ga_hid=1643246614&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4074026432&scr_x=-12245933&scr_y=-12245933&eid=44748552&oid=2&pvsid=3446815774757126&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.dbzhun2qlq2y&fsb=1&dtd=93
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 08 Oct 2021 21:06:15 GMT
expires
Sat, 09 Oct 2021 21:06:15 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
17126
cache-control
public, max-age=86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame BC3E 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
42788537e39b68ac7a0b444a7619118eb69fbc5b1c566424a62a260060c2f2a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
pixel
cm.g.doubleclick.net/ Frame 869A
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELjX4c6dGz2Ry8bLluGmK94&google_cver=1&google_push=AYg5qPKh8RsKjw-7bqqXMhfRaPs7IvEhu-5SIjWt0YMORmZjxx_SG_R8Qr...
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKh8RsKjw-7bqqXMhfRaPs7IvEhu-5SIjWt0YMORmZjxx_SG_R8QrU9KtOxBmgKwwWFbejsR2pwNoxDtHAMCQD0X5hbdGbm&google_hm=e-P2c-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKh8RsKjw-7bqqXMhfRaPs7IvEhu-5SIjWt0YMORmZjxx_SG_R8QrU9KtOxBmgKwwWFbejsR2pwNoxDtHAMCQD0X5hbdGbm&google_hm=e-P2c-Tb2KY5XEdaxN6Hdw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=2042266704&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300515&bpp=1&bdt=1006&idt=87&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4245131719147&frm=8&ife=1&pv=2&ga_vid=1480651599.1633744301&ga_sid=1633744301&ga_hid=1643246614&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4074026432&scr_x=-12245933&scr_y=-12245933&eid=44748552&oid=2&pvsid=3446815774757126&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.dbzhun2qlq2y&fsb=1&dtd=93
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKh8RsKjw-7bqqXMhfRaPs7IvEhu-5SIjWt0YMORmZjxx_SG_R8QrU9KtOxBmgKwwWFbejsR2pwNoxDtHAMCQD0X5hbdGbm&google_hm=e-P2c-Tb2KY5XEdaxN6Hdw
pragma
no-cache
date
Sat, 09 Oct 2021 01:51:41 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
strict-transport-security
max-age=86400
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 869A
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIlPlij...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPIlPlij...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMDkwMTUxNDEwMDA1MDQ0OTM2NDQ0OQ%3D%3D&google_push=AYg5qPIlPlij73ipW7yDmdBCbNxkIaDn5NBL7DtZ8Eg8r7cYnFFsiY_DUEBaZydd46ltqM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMDkwMTUxNDEwMDA1MDQ0OTM2NDQ0OQ%3D%3D&google_push=AYg5qPIlPlij73ipW7yDmdBCbNxkIaDn5NBL7DtZ8Eg8r7cYnFFsiY_DUEBaZydd46ltqMAKp2AXo3IBeYznk28dfh8bK_ozRt-l
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTEwMDkwMTUxNDEwMDA1MDQ0OTM2NDQ0OQ%3D%3D&google_push=AYg5qPIlPlij73ipW7yDmdBCbNxkIaDn5NBL7DtZ8Eg8r7cYnFFsiY_DUEBaZydd46ltqMAKp2AXo3IBeYznk28dfh8bK_ozRt-l
pragma
no-cache
date
Sat, 09 Oct 2021 01:51:42 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
strict-transport-security
max-age=2628000
expires
Sat, 09 Oct 2021 01:51:42 GMT
sync
odr.mookie1.com/t/v2/ Frame 869A 		43 B
390 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEF8X0hhIlwcYGuqQPVwm0QA&google_push=AYg5qPKdozRfJD4hoDtBzVJ3GgZjZSw6IPcgR2H0XAh7a36F_i0w0uCaV8tGnjphlElA2SUwBwHIwwn4WCAa_QN3N24AQ3tnmXPnkA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=2042266704&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300515&bpp=1&bdt=1006&idt=87&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4245131719147&frm=8&ife=1&pv=2&ga_vid=1480651599.1633744301&ga_sid=1633744301&ga_hid=1643246614&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4074026432&scr_x=-12245933&scr_y=-12245933&eid=44748552&oid=2&pvsid=3446815774757126&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.dbzhun2qlq2y&fsb=1&dtd=93
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:41 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 869A
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEBR-UpVSxypd2aNiUqprWSk&google_cver=1&google_push=AYg5qPJHDAJIcQUCB0D5hxh6O1fSoYT4VWYSYb-SBXn56WgOx0ZjNKkQuDNHoK9JvRkkg8SahmVpU3yxA651g9lMIv3TRWncjXKl
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJHDAJIcQUCB0D5hxh6O1fSoYT4VWYSYb-SBXn56WgOx0ZjNKkQuDNHoK9JvRkkg8SahmVpU3yxA651g9lMIv3TRWncjXKl&google_hm=dGoAQVOaxLQhAgB3gtH6Mg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJHDAJIcQUCB0D5hxh6O1fSoYT4VWYSYb-SBXn56WgOx0ZjNKkQuDNHoK9JvRkkg8SahmVpU3yxA651g9lMIv3TRWncjXKl&google_hm=dGoAQVOaxLQhAgB3gtH6Mg==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=2042266704&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300515&bpp=1&bdt=1006&idt=87&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4245131719147&frm=8&ife=1&pv=2&ga_vid=1480651599.1633744301&ga_sid=1633744301&ga_hid=1643246614&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4074026432&scr_x=-12245933&scr_y=-12245933&eid=44748552&oid=2&pvsid=3446815774757126&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.dbzhun2qlq2y&fsb=1&dtd=93
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:41 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJHDAJIcQUCB0D5hxh6O1fSoYT4VWYSYb-SBXn56WgOx0ZjNKkQuDNHoK9JvRkkg8SahmVpU3yxA651g9lMIv3TRWncjXKl&google_hm=dGoAQVOaxLQhAgB3gtH6Mg==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
98sdkp8idm3mddqe2vt7o4jndijiib0j
pixel
cm.g.doubleclick.net/ Frame 869A
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MxLRJq1fTe6y_wAo8OcJIQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MxLRJq1fTe6y_wAo8OcJIQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIydUlStL4PVKHF92QwNIpAau_ue_UHaufVFbtFPJvXnZWSfeJc5V1lUu2XcFKIt-OsL3sgiS9C9NuTH7EV6cifnbH8je2xBQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=2042266704&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300515&bpp=1&bdt=1006&idt=87&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4245131719147&frm=8&ife=1&pv=2&ga_vid=1480651599.1633744301&ga_sid=1633744301&ga_hid=1643246614&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4074026432&scr_x=-12245933&scr_y=-12245933&eid=44748552&oid=2&pvsid=3446815774757126&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.dbzhun2qlq2y&fsb=1&dtd=93
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:41 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MxLRJq1fTe6y_wAo8OcJIQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIydUlStL4PVKHF92QwNIpAau_ue_UHaufVFbtFPJvXnZWSfeJc5V1lUu2XcFKIt-OsL3sgiS9C9NuTH7EV6cifnbH8je2xBQ
date
Sat, 09 Oct 2021 01:51:40 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 869A
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPI_-JIf2na344JGxXuQCJDnpRHB_Thdy...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPI_-JIf2na344JGxXuQCJDnpRHB_Thdy...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPI_-JIf2na344JGxXuQCJDnpRHB_Thdy...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPI_-JIf2na344JGxXuQCJDnpRHB_Thdy...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPI_-JIf2na344JGxXuQCJDnpRHB_Thdy...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPI_-JIf2na344JGxXuQCJDnpRHB_Thdy...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPI_-JIf2na344JGxXuQCJDnpRHB_Thdy...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPI_-JIf2na344JGxXuQCJDnpRHB_Thdy...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPI_-JIf2na344JGxXuQCJDnpRHB_Thdy...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPI_-JIf2na344JGxXuQCJDnpRHB_Thdy...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPI_-JIf2na344JGxXuQCJDnpRHB_Thdy...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPI_-JIf2na344JGxXuQCJDnpRHB_Thdy...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPI_-JIf2na344JGxXuQCJDnpRHB_Thdy...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPI_-JIf2na344JGxXuQCJDnpRHB_Thdy...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPI_-JIf2na344JGxXuQCJDnpRHB_Thdy...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPI_-JIf2na344JGxXuQCJDnpRHB_Thdy...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPI_-JIf2na344JGxXuQCJDnpRHB_Thdy...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPI_-JIf2na344JGxXuQCJDnpRHB_Thdy...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPI_-JIf2na344JGxXuQCJDnpRHB_Thdy...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPI_-JIf2na344JGxXuQCJDnpRHB_Thdy...
0
0
trk
ag.innovid.com/ Frame 869A 		43 B
295 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEKhzd0Z54KwEuqGqmnzf2Jw&google_cver=1&google_push=AYg5qPLUhz9Fcu-xx3PZ-bqfVOPMxy7BlGuuQ-ytsq0BIp1sQdZXKn5hS39IGBRwMu9CVZesikz-iHZG0VrUMIzXAGHiahXGy64D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=2042266704&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300515&bpp=1&bdt=1006&idt=87&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4245131719147&frm=8&ife=1&pv=2&ga_vid=1480651599.1633744301&ga_sid=1633744301&ga_hid=1643246614&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4074026432&scr_x=-12245933&scr_y=-12245933&eid=44748552&oid=2&pvsid=3446815774757126&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.dbzhun2qlq2y&fsb=1&dtd=93
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.177.148.143 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-177-148-143.eu-west-2.compute.amazonaws.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:41 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
1
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 869A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JHX__zyTN6Ds9aGgai6ITyoLkV8YGAaUHOEMkNHcVtoRMndk_iBjTq_DpRdmQg8OSgQxcX
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3571272074788370&output=html&h=250&slotname=6393984442&adk=3333530506&adf=2042266704&pi=t.ma~as.6393984442&w=300&psa=0&format=300x250&url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1633744300515&bpp=1&bdt=1006&idt=87&shv=r20211006&mjsv=m202110040101&ptt=9&saldr=aa&cookie=ID%3De368636ebb60efca%3AT%3D1633744291%3AS%3DALNI_Ma3mhmVjnleg31he2SaePpmcjfOpg&correlator=4245131719147&frm=8&ife=1&pv=2&ga_vid=1480651599.1633744301&ga_sid=1633744301&ga_hid=1643246614&ga_fc=0&nhd=2&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=4074026432&scr_x=-12245933&scr_y=-12245933&eid=44748552&oid=2&pvsid=3446815774757126&pem=17&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.dbzhun2qlq2y&fsb=1&dtd=93
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:41 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
css
fonts.googleapis.com/ Frame 44E7 		4 KB
650 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=31009000010603400710616011742008&a=376563b2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.202 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f10.1e100.net
Software
ESF /
Resource Hash
932060b34fe451f1cb994f3da257f6d2d0f281e1e286e9f3f0e2da63e862fec6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 09 Oct 2021 00:53:45 GMT
server
ESF
date
Sat, 09 Oct 2021 01:51:41 GMT
x-frame-options
SAMEORIGIN
report-to
{"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only
same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires
Sat, 09 Oct 2021 01:51:41 GMT
/
hal9000.redintelligence.net/scale/ Frame 44E7 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/postbank_pool_privatkredit_1200x627.jpg
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=31009000010603400710616011742008&a=376563b2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
5c13f8cb7061ed8f110285b3ae94b42c0f123ba6951731f41d0d7c2dc4e18ad1

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 01:51:41 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
16248
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 44E7 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=31009000010603400710616011742008&a=376563b2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
162f0cca3cb9cc31aab351abf7abaedb5e942de4fba92554cabdb3e31eea532e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 01:51:41 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
12988
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 44E7 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=120&height=60&url=https://cdn.contentspread.net/24i/advertiser/48335/creativesup/highheels_red_1200x627.jpg
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=31009000010603400710616011742008&a=376563b2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.84.245 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.245.84.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e1b1908628a44d2759e1d75733367cb4654f36251d1491c4340631587bbbca76

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 01:51:41 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
13237
Vary
Accept-Encoding
Content-Type
image/png
sodar
pagead2.googlesyndication.com/getconfig/ Frame DDC9 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211006&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3571272074788370&plah=ad6.on.cc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
6c8d3c1ec02a0cc584103e138a949febc7c036e2bd4f3c7f8d5c2b7bff25c92a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad6.on.cc/web/html/google/housead/lrec1_423.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 09 Oct 2021 01:51:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8539
x-xss-protection
0
dc_pre=CMKCh-abvPMCFQ-B3god6NgPbw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9381956798877.553
adservice.google.com/ddm/fls/z/ Frame 0AC0 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservice.google.com/ddm/fls/z/dc_pre=CMKCh-abvPMCFQ-B3god6NgPbw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9381956798877.553
Requested by
Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=CMKCh-abvPMCFQ-B3god6NgPbw;src=5994599;type=invmedia;cat=wieh99wc;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=9381956798877.553?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.130 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s21-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://5994599.fls.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewability
hal90008.redintelligence.net/ Frame 44E7 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90008.redintelligence.net/viewability?s=31009000010603400710616011742008&a=b62d86b2&vb=m
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=31009000010603400710616011742008&a=376563b2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.150 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/request_content.php?s=31009000010603400710616011742008&a=376563b2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 01:51:41 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame 44E7 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90008.redintelligence.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 01:22:16 GMT
x-content-type-options
nosniff
age
347365
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15948
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:32 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Oct 2022 01:22:16 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v14/ Frame 44E7 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90008.redintelligence.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 05 Oct 2021 01:22:16 GMT
x-content-type-options
nosniff
age
347365
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16112
x-xss-protection
0
last-modified
Tue, 15 Sep 2020 18:10:09 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Oct 2022 01:22:16 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame DDC9 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3571272074788370&plah=ad6.on.cc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad6.on.cc/web/html/google/housead/lrec1_423.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 09 Oct 2021 01:51:41 GMT
article_read.html
api.popin.cc/iframe/ Frame 6FB6 		11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://api.popin.cc/iframe/article_read.html
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/popin_discovery5-min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
6418625b0e3a5a82820bc3ea96f5e6354e6452245ea7c8d5ef08d9a60c930364

Request headers

Host
api.popin.cc
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Accept-Encoding
gzip, deflate, br
Cookie
uid=b946f6d1ca586b1bd3c1633744298676
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html

Response headers

Server
nginx
Date
Sat, 09 Oct 2021 01:51:41 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Last-Modified
Thu, 11 Apr 2019 09:09:36 GMT
ETag
W/"4b05e2b209f1e47240fb9077dc40c699"
x-amz-version-id
null
Expires
Sat, 09 Oct 2021 02:51:41 GMT
Cache-Control
max-age=3600
Cross-Origin-Resource-Policy
cross-origin
X-Cache-Status
HIT from 10.252.55.25
Content-Encoding
gzip
readlogs
in.treasuredata.com/js/v3/event/popin_media/ 		89 B
559 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.treasuredata.com/js/v3/event/popin_media/readlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1633744301858&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiI4NWI0MGM5My1lNGY1LTQ1YTQtOTk4ZC01Mzk3OTNiMDc4ZGMiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi6Iag5qi95Zue5pS2546H5L2O44CA5ZWG5aC05o6o6LO656mN5YiG5Zue5pS25qmf6byT5Yu155Kw5L%2Bd772c5Y2z5pmC5paw6IGe772c5riv5r6z772cb24uY2PmnbHntrIiLCJ0ZF91cmwiOiJodHRwczovL2hrLm9uLmNjL2hrL2Jrbi9jbnQvbmV3cy8yMDE3MDkyOS9ia24tMjAxNzA5MjkxMTE5MzkwNjItMDkyOV8wMDgyMl8wMDEuaHRtbCIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTMuMC40NTc3LjYzIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInRkX2hvc3QiOiJoay5vbi5jYyIsInRkX3BhdGgiOiIvaGsvYmtuL2NudC9uZXdzLzIwMTcwOTI5L2Jrbi0yMDE3MDkyOTExMTkzOTA2Mi0wOTI5XzAwODIyXzAwMS5odG1sIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9pcCI6InRkX2lwIiwidGRfYnJvd3NlciI6InRkX2Jyb3dzZXIiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiJ0ZF9icm93c2VyX3ZlcnNpb24iLCJ0ZF9vcyI6InRkX29zIiwidGRfb3NfdmVyc2lvbiI6InRkX29zX3ZlcnNpb24iLCJpbWFnZSI6IiIsInB1YmRhdGUiOiIiLCJkb21haW4iOiJoay5vbi5jYyIsIm1lZGlhIjoiaGsub24uY2MiLCJkZXZpY2UiOiJwYyIsImFwaV9ob3N0IjoiaGsucG9waW4uY2MiLCJyZWFkX3JlIjoib3JnYW5pYyIsImNvbW1vbl9jYXRlZ29yeSI6ImJ1c2luZXNzIiwibWFpbl9jYXRlZ29yeSI6Imh0dHBzJTNBJTJGJTJGaGsub24uY2MlMkZoayUyRmJrbiUyRmNudCUyRm5ld3MlMkYyMDE3MDkyOSUyRmJrbi0yMDE3MDkyOTExMTkzOTA2Mi0wOTI5XzAwODIyXzAwMS5odG1sIiwicmVhZF9zdGF0X3RleHQiOjYwMCwicmVhZF9zdGF0X2ltYWdlIjowLCJyZWFkX3N0YXRfaW5fdGV4dCI6NjAwLCJyZWFkX3N0YXRfaW5faW1hZ2UiOjAsInJlYWQiOjEwLCJyZWFkX3RpbWUiOjEuOSwicG9waW5fdXNlcl9pZCI6IiIsInBpdWlkIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowfQ%3D%3D&callback=TreasureJSONPCallback2
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.105.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-105-201.compute-1.amazonaws.com
Software
/
Resource Hash
84e80159fc0f0e914229e9916e1c85cb59b2a6af77d53d6b528bf464ef9aeb3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 01:51:41 GMT
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
P3P
CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Content-Length
89
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
s.gif
rlog.popin.cc/ 		35 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rlog.popin.cc/s.gif?url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&uid=&nid=kYtgkC0boChB&media=hk.on.cc&r1=10&r2=0&r3=text600|image0|in_text600|in_image0&r4=2&r5=re_organic|dv_pc|session|sstorage&r6=2&r7=-0&r8=34.98&t=1633744301854
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:41 GMT
last-modified
Tue, 10 Sep 2019 07:46:01 GMT
server
nginx
etag
"5d7754b9-23"
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5BCB 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211006&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3571272074788370&plah=ad6.on.cc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e57cff7a9a57bda8e04b020fc1ccf5a3a74fb9979bb5468be5e7b9e3a4a03753
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad6.on.cc/web/html/google/housead/lrec1_422.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 09 Oct 2021 01:51:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8470
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 64F4 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad6.on.cc/web/html/google/housead/lrec1_423.html
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ad6.on.cc/web/html/google/housead/lrec1_423.html

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Fri, 08 Oct 2021 20:58:37 GMT
expires
Sat, 08 Oct 2022 20:58:37 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
17584
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 01F6 		783 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f4.1e100.net
Software
GSE /
Resource Hash
ba7fbe70edcad6a5142770f902eff7709d407eb59e9cdac7905272e089b7d5b6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-aYcozCIXkKSovyzlN2dRYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad6.on.cc/web/html/google/housead/lrec1_423.html
accept-encoding
gzip, deflate, br
cookie
NID=511=Ix50Sjd-mvTrOVNGQqVsIhUzNejOk26JvXQLYN2C2sGk2-Q_31QvzhYRckzUN6L188Z6IwC-MbrFORpmvDWISHWG102izsA-cg48Kvt5wRHkFWPqKzBrb2K5EAvTk5ISTJX_nDh49idmOwFmWowPLrlDVZkmP1RK4A25iOT9qQA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ad6.on.cc/web/html/google/housead/lrec1_423.html

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sat, 09 Oct 2021 01:51:41 GMT
date
Sat, 09 Oct 2021 01:51:41 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-aYcozCIXkKSovyzlN2dRYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js
pagead2.googlesyndication.com/bg/ Frame 64F4 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
9bfef52d4ef4cc6f06efcc7a8584987f607710b73b0464606ec66890f8605c06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 20:50:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
18080
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13358
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 11:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 08 Oct 2022 20:50:21 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5BCB 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3571272074788370&plah=ad6.on.cc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad6.on.cc/web/html/google/housead/lrec1_422.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 09 Oct 2021 01:51:41 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 01F6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211006&jk=1832003138608230&rc=
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 020E 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad6.on.cc/web/html/google/housead/lrec1_422.html
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ad6.on.cc/web/html/google/housead/lrec1_422.html

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Fri, 08 Oct 2021 20:58:37 GMT
expires
Sat, 08 Oct 2022 20:58:37 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
17584
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 9230 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f4.1e100.net
Software
GSE /
Resource Hash
ee02f36c56cfde0d741205035b66fc3419937efa14d562cb91aaf6bf20973be8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ry7/sUGQ3ab1QbiVHjVeBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ad6.on.cc/web/html/google/housead/lrec1_422.html
accept-encoding
gzip, deflate, br
cookie
NID=511=Ix50Sjd-mvTrOVNGQqVsIhUzNejOk26JvXQLYN2C2sGk2-Q_31QvzhYRckzUN6L188Z6IwC-MbrFORpmvDWISHWG102izsA-cg48Kvt5wRHkFWPqKzBrb2K5EAvTk5ISTJX_nDh49idmOwFmWowPLrlDVZkmP1RK4A25iOT9qQA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://ad6.on.cc/web/html/google/housead/lrec1_422.html

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sat, 09 Oct 2021 01:51:41 GMT
date
Sat, 09 Oct 2021 01:51:41 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-ry7/sUGQ3ab1QbiVHjVeBQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js
pagead2.googlesyndication.com/bg/ Frame 020E 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
9bfef52d4ef4cc6f06efcc7a8584987f607710b73b0464606ec66890f8605c06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 20:50:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
18081
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13358
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 11:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 08 Oct 2022 20:50:21 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9230 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211006&jk=3446815774757126&rc=
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame DDC9 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211006&jk=1832003138608230&bg=!g4ClgMTNAAbGFvHlxhY7ACkAdvg8Whnp6teB0I3GpxhYin96_X4lm4K6AxXW7M4Y_o7D9S71xP6mZwIAAABgUgAAABZoAQeZAtAnxCJyIDX-kNtYKzSTyNEiDRqkdoDI17Pp3D_CyBn5-x3wZv6fojW6mB5jZKsZ8x_GK4BE09K6yF1MIrZn6zL7oK7S7l8PuicaIf3OsboYGN2RJRLEIa6YmmAdqTe2TYCMQ54pTi18QxrXKIvm-kj36F9wTIIaV0jBDKiff6EKo2_J2IUM1A16QoYx8yzlsop_D3tbGuFbLkIRK9h7sFXraAni3euE_o0BC5RNGx4bSyqK22NEENa80aRvPsGe-Y_ZuFc30J6VJoLhSfpo0DgtmFQArdg312UXHvhU8vcix_BuX-S5-yIQtrOu56_V4H2_UMd5aaGbtCmj2gtHsSnUo1rAbAl2b9NgpCfgKz21FSeXagw6qUqL16QAAFWnYJ45O1Gyvt_oaYQGZCIooo3-iS0dJ4U096lSSNT0ATP5_e_OAXx6jLQACheIyx2-ongH8e22CFslSWXMB6R9sTyrbPz6hND8KSvp0pkEtGjsfuanaldshvdtHKUm6iUBM46KOC-wp0hAme2AMVYarm_Sx6sqX4h06YETn008oVvWrl3qZmczx1BmN3pPFDDV3S_FmSWa_5J2_gy9P-ICsaPXvFT_Op0qAwiiz0QJD7Z0dKmBVI4zGJja37xeOyLqqFCFQWxfubCFpmvOE0ajwFcJUH2HlaJAk1EaYNbmCwto3Uy3eNWfMZ8ZFBYO_ifNjL8XLpd35H02msZegqldfCTxQqy0z5VdImA1hnozthYMeb0_Wt0aWEuaLS6QMjV7XMjPVkTF55COG8wYV0QEFrdqHFSlOwB3S1Lnv5nYlFs2Q1HfsjCaxqYN97J3ztC-rENWZd1gIW-Z2mQz7rmxgB33dCioLoUwS0inSZkbXWBzyP-UxM3DdpoBHCGSrLn_jSZJSWXN3cfTvizAvrl0faGt8ST3MJOK5atH8l0O4fgnDkwA1ngRzExF1RkDokG4NXY
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad6.on.cc/web/html/google/housead/lrec1_423.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
td_js_sdk_171.js
api.popin.cc/ Frame 6FB6 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.popin.cc/td_js_sdk_171.js
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/iframe/article_read.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
119.63.193.220 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.popin.cc/iframe/article_read.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 01:51:42 GMT
Content-Encoding
gzip
Last-Modified
Thu, 11 Jan 2018 09:42:51 GMT
Server
nginx
ETag
W/"17b2e8b253e693d224f7d8407e28e1ea"
X-Cache-Status
HIT from 10.252.55.25
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=3600
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
x-amz-version-id
null
Expires
Sat, 09 Oct 2021 02:51:42 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5BCB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211006&jk=3446815774757126&bg=!wMOlw4fNAAbGFvHlxhY7ACkAdvg8WlA2EPYNf8FFifsR35WdO3SrOJ9li4Vz2wYH5_XmIi4CQt7jOwIAAABsUgAAAAloAQcKAL6CMoegTf7XofJ8OqDp3bRqiBwgP02O3QbpMUCNRpdDkpROHvyT4YWviv0eG00GUJRvyFeCUdY6NWz-njrU68D8NjF2FjHXYXvHEVpeJutdvFQ8wYpWIHAZlinlUaoriCOFXRyjZVkH1ozAenZ-wCpewUkD-HBz3noWc3M4DhgpK3QFNc7RMjKMwkLbQVovzWRlxiOmvZN8lbYaZeMtLVnyWz95GpkGmWMUZex_OLsEf7qjm6L7Gl37KoNWEFhQmQLHodXCIQm6y2DVVM99wUIpoXst8aFfffRv6eJGV2yjm5xN9ADA1FIbSAzV_U0t6iSKwQMlXuyRwluzpwBv2dL-ecmIyohgVFVfcrvhyN1Nxzzt_uIRZvJ3OXcPI3PG9CI4YWO_NIYJNVnu2-7yA36q66MGFY8P2j9VB1Uanp-oIeRfhJvPTLtUGH_EVKJwfKz1_SEfcoalMbmXNZTFgI7tqTd9oKea7CdYgf7l6kovwoTzEvkFrkc7pDwE2aFdhx61PVVQZk7kBrGBov_P0WWQRlOnrlYcywh5qUNqUGt4zulWrUOlybv9hyvTZfI3ozN787SgsW5FQLSEC0GaSUBeEK-QRHqmQ25pMMu3vBxqjeCyNZSPkD-WC2CHAHd5rki8UdlwjP0sZIV08_QP-pGfGZZD0r2Ri-005JAVy1mtrfWFkQbe0t9li0py2XByI1jxDaHih2w2ORN47NIKtdaPoK1qAA4qP_p_NA2SJYbVllM9mPb86kAdMDn5tJKzqNTJH56KwXedn_xnPhZOgeAsNrsgUcS7VwkeSjMitgveH0BaEf_OjqMMEhYcrM8OCRTOVer2li0sfotjflgHpBZa-pN_-xESOj8pTglwmo5rN_ZaiHwP8dkAG1IX22DgbN0l7Mic6-JLQ2bYgNjU0Yzs7xn1bfv6jmFYNvQkNxO29k9BC5f-JWUg6-i7DGjrcXRUAnqTAk2klxBkyjXxFJepg8qfUjJlbYR7XjwbARxqHCz-Y9g9a60HLrB2hLMBs4UE2cuM4oz1uK_OxCCkchwiX6-1P_3meZQhvuRzf0cWCsDk6CSPPCMxerNQIuIVS97Ppl09Zmp6ovN9YTGofDoogBH-R7Dhw6p8guS-xlO57dk5-YtbcQETbQ2Ln0Qona-2y_sGN4TzaaesmwoOee-EHEGDKwuJ_KIMzHLE8N1aS70lxfOrCQgh
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ad6.on.cc/web/html/google/housead/lrec1_422.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7284 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv3pQqZLZIRHIsqJ0Q0MyjKOQpL4MYiS3hWirEs7dk69iMsr38nD84p4SOA4Mq7tt-fMWyRNNWCKrVSl1LhXPAVR8KljK7rN2aTCIkb&sai=AMfl-YRnofp_f-w_5bD2ho0JgrI2QV29tdoVnNKdtlEg9CVI6eXpJ9S3LKlxFx19idotW3p39EGdNWbztbfhuZvECj3-ONuoKYSW90LGDw-BVbas1QvEf6A2v9eOxmki&sig=Cg0ArKJSzPjJTKO75davEAE&cid=CAASEuRoCFU71fzMhUHsTTykviKO-w&id=lidar2&mcvt=1038&p=0,0,250,300&mtos=1038,1038,1038,1038,1038&tos=1038,0,0,0,0&v=20211006&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3333530506&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1633744300597&rpt=935&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewability
hal900014.redintelligence.net/ Frame 2AF2 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900014.redintelligence.net/viewability?s=85341900008648900710616011742014&a=343bcded&vb=v
Requested by
Host: hal900014.redintelligence.net
URL: https://hal900014.redintelligence.net/request_content.php?s=85341900008648900710616011742014&a=af669ec2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
176.9.26.250 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.250.26.9.176.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal900014.redintelligence.net/request_content.php?s=85341900008648900710616011742014&a=af669ec2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 01:51:42 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
tracking-event
api.webgains.io/ Frame BC3E 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.75.239.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-239-54.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.21
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 09 Oct 2021 01:51:42 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.21
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Server
54.75.239.54 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-75-239-54.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://googleads.g.doubleclick.net
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Sat, 09 Oct 2021 01:51:42 GMT
server
nginx
access-control-allow-origin
*
access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021100401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js?31063069
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
fcbfbb94d1e7a2752717ed3f5ae87c99f8df4d8a991f98b25df1e283ff2b88cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 09 Oct 2021 01:51:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8514
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js?31063069
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Sat, 09 Oct 2021 01:51:42 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 10C5 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.129 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s46-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Fri, 08 Oct 2021 20:58:37 GMT
expires
Sat, 08 Oct 2022 20:58:37 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
17585
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 1C12 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.164 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f4.1e100.net
Software
GSE /
Resource Hash
eb2c371fbecbc55db33784da22b4730a3e3024edb47f12f68fe89e8b11a9d67b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-UXomXcew3VIj4ee0Swse8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
accept-encoding
gzip, deflate, br
cookie
NID=511=Ix50Sjd-mvTrOVNGQqVsIhUzNejOk26JvXQLYN2C2sGk2-Q_31QvzhYRckzUN6L188Z6IwC-MbrFORpmvDWISHWG102izsA-cg48Kvt5wRHkFWPqKzBrb2K5EAvTk5ISTJX_nDh49idmOwFmWowPLrlDVZkmP1RK4A25iOT9qQA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Sat, 09 Oct 2021 01:51:42 GMT
date
Sat, 09 Oct 2021 01:51:42 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-UXomXcew3VIj4ee0Swse8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js
pagead2.googlesyndication.com/bg/ Frame 10C5 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
sffe /
Resource Hash
9bfef52d4ef4cc6f06efcc7a8584987f607710b73b0464606ec66890f8605c06
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 08 Oct 2021 20:50:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
18081
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13358
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 11:38:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Sat, 08 Oct 2022 20:50:21 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1C12 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021100401&jk=237205609740545&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame BC3E 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsviX4H1P6vFa2tO0u_WCcLhFy-t8p9mXkBhtujaQKMdLoGVE_RwK9L3pJUbvMBdRRAc7UewmOu4uPt8GdQfDOz5pNXAiFAuFdwHBs0R&sai=AMfl-YT3xwfwMfne2rhEHzsnJC3PxqxPldQcjZvY2U6Pir_QCwF1zHq3nFVfCG6DUBq-eVUVlJf8aznOSXls6DJruXiaNneWP-WIbmeyHYKs0rrvY-lPMHjZqtAu5S0Q&sig=Cg0ArKJSzJmY1MtFkYYBEAE&cid=CAASEuRoJHw2WkDLwUtKaM-gtZIJhQ&id=lidar2&mcvt=1012&p=0,0,250,300&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20211006&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3333530506&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1633744300609&rpt=1207&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
viewability
hal90008.redintelligence.net/ Frame 44E7 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90008.redintelligence.net/viewability?s=31009000010603400710616011742008&a=b62d86b2&vb=v
Requested by
Host: hal90008.redintelligence.net
URL: https://hal90008.redintelligence.net/request_content.php?s=31009000010603400710616011742008&a=376563b2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.150 Hockenheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.150.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hal90008.redintelligence.net/request_content.php?s=31009000010603400710616011742008&a=376563b2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 01:51:42 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021100401&jk=237205609740545&bg=!NTalNnLNAAbGFvHlxhY7ACkAdvg8WpJbKvFyE5XdcyOxuBcNJZ6WIR89IjdZF3AGZxlFWM4K8J6ihgIAAABOUgAAAAxoAQcKAGWmRWteneFcELvcLy_vSXd2kIfa2CR5QQCDQrGdQT5ozIXHwg_cam7ildvBC42Oh1sizrqt7yNJB5INjlC75NiroZ4BQEVx5OPYkHb-VcCYsicAt2GN8AqwyG2GwnuhLZ7wJPcJmpkColZfzueEkXTpO47DBEFNDGytfMUBSdU9lFBxkOhHeaYnzW5tZCQ2VqlV3O-QSapt8zDtgfsWDME5Hf53V959VSZVLVtL7Tw6YaFfjKiQMZzPAsu-agSl-AVVzMqaUi_TMnruPHe63Di-CSNlpZpzp_evMBBk69tivOzxgHj9cIBFOF52_iQrliZK0sDru9WTHtbUlL05p17QbIVYDSnI-MZVpxWjXZj0JOtJ_m6_fZ6-SDPSrxVfbYDXdTocT_JVGDIqe4_tWlyqe-tOSBb5SYGVe5ZB-G75hhr0qxbGvBMu0Cwtl6oIjq7VfqMRgREVuTK0qfcUAlVSNvd4Gm1cQoWLwcgufIBKAIW8l2SUmj6QcP2zhxDEYyVRjPTEToPvQTVJa-346TbHw74Td89iM_IFSTajptyW6b6JgfIr8MZyMRDvicZWlF6pvnRV7zDVm50ixANl_UqNV0PriPo9-Q9qy_iVWXd_pXfI6ND5O34JPaArJ7WfDB_ojzAxVf50I1XO_tB9OC74S8jBsOkBmMk89jxQMlc6xpqIqdazAIl1jmTVWibDSGNBJVcyNkgtEK5DQx8EeHageMsaMtHzj2X3MuIVKFa8tbbiKo1H4lyEDjC2cr73LXCmc4TKhe4QbnJosOTRvBvqsWTAgvtVtB49A0WJ6R-CcAcMgtcqriDjrJuWg6PAhBkPB2kG6XX2wwq0os_x6rECbKS27kyxg9qGj1T4zPwd63jYkND_7KowsFYDj-cpwHjG3pYn2BLlzafSIKkXv4sEe03A_Y4swcGULdIvN4mvm5iyZUVDgeU9nGh8K_M3qurjHqdVCaO9uEZNpGN3XvQSzNE7XNw7h4pzz1ZOt3hSxbRIIOJBiE0rGyKozR1MffyVl_FDCJV488Om
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 01:51:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
live_feed_v3.js
tv.on.cc/js/live/ 		4 B
200 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tv.on.cc/js/live/live_feed_v3.js
Requested by
Host: hk.on.cc
URL: https://hk.on.cc/js/v4/jquery.js?20210106
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.136.235 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ace810d7e2cbb4f8c40ce09dc8e191ae466adb4e1a7d49c59f2215b411d38b05

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:45 GMT
cf-cache-status
HIT
x-cacheable
L03
cf-ray
69b3f732797bfb5c-DUS
content-length
4
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 08 Oct 2021 10:10:57 GMT
server
cloudflare
etag
"4-5cdd498645723"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
x-varnish
665458963 665846183
access-control-allow-origin
*
cache-control
public, max-age=5, s-maxage=5, must-revalidate
accept-ranges
bytes
content-type
text/javascript
expires
Sat, 09 Oct 2021 01:56:40 GMT
readlogs
in.treasuredata.com/js/v3/event/popin_media/ 		89 B
559 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.treasuredata.com/js/v3/event/popin_media/readlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1633744305841&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiI4NWI0MGM5My1lNGY1LTQ1YTQtOTk4ZC01Mzk3OTNiMDc4ZGMiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi6Iag5qi95Zue5pS2546H5L2O44CA5ZWG5aC05o6o6LO656mN5YiG5Zue5pS25qmf6byT5Yu155Kw5L%2Bd772c5Y2z5pmC5paw6IGe772c5riv5r6z772cb24uY2PmnbHntrIiLCJ0ZF91cmwiOiJodHRwczovL2hrLm9uLmNjL2hrL2Jrbi9jbnQvbmV3cy8yMDE3MDkyOS9ia24tMjAxNzA5MjkxMTE5MzkwNjItMDkyOV8wMDgyMl8wMDEuaHRtbCIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvOTMuMC40NTc3LjYzIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInRkX2hvc3QiOiJoay5vbi5jYyIsInRkX3BhdGgiOiIvaGsvYmtuL2NudC9uZXdzLzIwMTcwOTI5L2Jrbi0yMDE3MDkyOTExMTkzOTA2Mi0wOTI5XzAwODIyXzAwMS5odG1sIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9pcCI6InRkX2lwIiwidGRfYnJvd3NlciI6InRkX2Jyb3dzZXIiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiJ0ZF9icm93c2VyX3ZlcnNpb24iLCJ0ZF9vcyI6InRkX29zIiwidGRfb3NfdmVyc2lvbiI6InRkX29zX3ZlcnNpb24iLCJpbWFnZSI6IiIsInB1YmRhdGUiOiIiLCJkb21haW4iOiJoay5vbi5jYyIsIm1lZGlhIjoiaGsub24uY2MiLCJkZXZpY2UiOiJwYyIsImFwaV9ob3N0IjoiaGsucG9waW4uY2MiLCJyZWFkX3JlIjoib3JnYW5pYyIsImNvbW1vbl9jYXRlZ29yeSI6ImJ1c2luZXNzIiwibWFpbl9jYXRlZ29yeSI6Imh0dHBzJTNBJTJGJTJGaGsub24uY2MlMkZoayUyRmJrbiUyRmNudCUyRm5ld3MlMkYyMDE3MDkyOSUyRmJrbi0yMDE3MDkyOTExMTkzOTA2Mi0wOTI5XzAwODIyXzAwMS5odG1sIiwicmVhZF9zdGF0X3RleHQiOjYwMCwicmVhZF9zdGF0X2ltYWdlIjowLCJyZWFkIjoyMCwicmVhZF90aW1lIjo1LjcsInBvcGluX3VzZXJfaWQiOiIiLCJwaXVpZCI6IiIsImludGVyYWN0aW9uX251bWJlciI6MH0%3D&callback=TreasureJSONPCallback3
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.105.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-105-201.compute-1.amazonaws.com
Software
/
Resource Hash
b3a7346cae0525400bb6539496990f7de2ee33862cb6e38fd82f0e463d367e1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 01:51:45 GMT
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
P3P
CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Content-Length
89
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
s.gif
rlog.popin.cc/ 		35 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rlog.popin.cc/s.gif?url=https%3A%2F%2Fhk.on.cc%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&uid=&nid=kYtgkC0boChB&media=hk.on.cc&r1=20&r2=10&r3=text600|image0&r4=4&r5=re_organic|dv_pc&r6=6&r7=-2&t=1633744305840
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://hk.on.cc/hk/bkn/cnt/news/20170929/bkn-20170929111939062-0929_00822_001.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 01:51:45 GMT
last-modified
Tue, 10 Sep 2019 07:46:01 GMT
server
nginx
etag
"5d7754b9-23"
content-type
image/gif
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
common_category_read_log
in.treasuredata.com/js/v3/event/fe_monitor/ Frame 6FB6 		89 B
316 B 		Script
General
Check archive.org
Download Go to
Full URL
https://in.treasuredata.com/js/v3/event/fe_monitor/common_category_read_log?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1633744305846&data=eyJjb21tb25fY2F0ZWdvcnkiOiJidXNpbmVzc3xsaWZlc3R5bGUiLCJwZXJjZW50IjoxMCwicmVhZFRpbWVTZWNvbmQiOjQsImZlTG9nSWQiOiIxNjMzNzQ0MzAyMTQ3LWcxa2puYSIsInVybCI6Imh0dHBzOi8vaGsub24uY2MvaGsvYmtuL2NudC9uZXdzLzIwMTcwOTI5L2Jrbi0yMDE3MDkyOTExMTkzOTA2Mi0wOTI5XzAwODIyXzAwMS5odG1sIn0%3D&callback=TreasureJSONPCallback0
Requested by
Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.105.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-105-201.compute-1.amazonaws.com
Software
/
Resource Hash
3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://api.popin.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Sat, 09 Oct 2021 01:51:46 GMT
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
89
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPIX1E_UNfpIUfmJVYYHAQIzv3IITfj_oj0Rf11BFX07K-XFxtVlcDouInE3RsnlAQfqPm-ENmp1Ux5WjGEJ2LO8PQQ0lTc
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPI_-JIf2na344JGxXuQCJDnpRHB_ThdyoY7VzWPNR_pvc3QlKKD2LjE7oJwluYNvDpJbNOk9ApTWKhYq7KQFeyS1pQlkOxGZg

Verdicts & Comments Add Verdict or Comment

328 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| onbeforexrselect boolean| originAgentCluster object| ___gcfg function| $Import object| WB2 boolean| debug string| serverTime function| $ function| jQuery string| GLBOAL_PATH string| NEWS_PATH string| CURSECT string| serverdate string| adsMantle string| adsSuper1 string| adsSuper2 string| ads1Lrec string| ads2Lrec string| ads3Lrec string| adsCombo string| adsCombo1 string| adsCombo2 string| adsFloat string| adsFloatCrazy string| focus_banner_ab string| focus_banner_cd string| focus_banner_c string| no_focus_banner_cd boolean| focus_banner_c_on boolean| adsNotice string| onccNativeAd function| $MetaLoader function| clientWindowSize object| ONCC object| ONTV function| $writeScript string| SECTION_CODE function| $SlidePageBox function| $QueryString function| $ListLoader function| $strTruncate undefined| specialArticle string| countryUrl string| inactivekeywordListUrl undefined| head undefined| link object| swfobject function| $AD object| __twttrll object| twttr object| __twttr object| gapi object| ___jsl object| ___gu object| deconcept function| getQueryParamValue function| FlashObject function| SWFObject function| writeGlobalUrchin string| corpbarVersion object| _sf_async_config object| scriptFile string| domain string| hkdomain string| twdomain string| cndomain string| todaydate boolean| isracingday string| corpbar_temperature string| corpbar_weather_gif string| corpbar_weather_gif_alt string| corpbar_weather_rolltext string| corpbar_weather_link object| $ONCC function| pbmenu function| pyear function| get_bottom function| pyear_xsl function| uniprint function| uniprint_xsl function| triming string| $ONCC_CORPBAR_CSS string| img_path function| print_weather function| print_weather_2line boolean| zh_HK_playing boolean| zh_CN_playing boolean| zh_HK_playing_first boolean| zh_CN_playing_first string| audioObject string| voice function| voicefunction string| playerDomain boolean| mute_firstTime boolean| force_unmute string| _uacct number| _userv number| _ufsc string| _udn string| _uhash string| _utimeout string| _ugifpath string| _utsp number| _uflash number| _utitle number| _ulink number| _uanchor string| _utcp number| _usample number| _uctm string| _ucto string| _uccn string| _ucmd string| _ucsr string| _uctr string| _ucct string| _ucid string| _ucno object| _uOsr object| _uOkw object| _uOno object| _uRno undefined| _uff number| _udh object| _udt number| _ubl string| _udo number| _uu number| _ufns number| _uns string| _ur number| _ufno number| _ust object| _ubd object| _udl string| _udlh string| _uwv string| _ugifpath2 object| _ecm function| urchinTracker function| _uInfo function| _uVoid function| _uCInfo function| _uRef function| _uOrg function| _uBInfo function| __utmSetTrans function| _uFlash function| __utmLinker function| __utmLinkPost function| __utmSetVar function| __utmTrackEvent function| _uGCS function| _uGC function| _uDomain function| _uHash function| _uFixA function| _uTrim function| _uEC function| __utmVisitorCode function| _uIN function| _UEE function| _uES function| _uUES function| _uVG function| _uSP function| urchinPathCopy function| _uCO function| _uGT string| _utk function| _uNx object| Urchin string| ads4Lrec string| OA_source boolean| lrec1Selectmedia string| crtg_nid string| crtg_cookiename string| crtg_varname function| crtg_getCookie string| crtg_oncchk_content number| crtg_rnd object| OA_zones object| OA_Criteo_source string| OA_zoneids string| zonename string| OA_p number| OA_r string| OA_spc function| OA_show function| OA_showpop string| OA_fo object| OA_output object| _cb_shared object| _cbm object| org object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| adsbygoogle string| google_user_agent_client_hint object| yahoo_keyword_list function| acceptDisclaimer function| loadCss string| cdnDomain function| $Article boolean| hiddenBanner undefined| rp_account undefined| rp_site undefined| rp_zonesize undefined| rp_adtype string| rp_smartfile object| FB object| browserSpecs string| browserURL function| h5Player function| h5DefaultConfig object| SchainValidator function| ConsentManagement object| rp_account_config object| RubiconAdServing object| rp_requests number| rubicon_cb string| rubicon_rurl string| rubicon_ad string| rubicon_creative string| rubicon_tag_code function| EventEmitter object| eventie function| imagesLoaded function| playPhoto function| toNextPhoto function| toPrePhoto object| Zoomer function| autoSetVertical function| changeSize function| setPhotoNumber function| setSubHeight function| autoScroll string| OX_cb2a3d55 object| googletag function| collaspeRubiconS object| ucfad_async number| adFloat_s string| floatAd_zone_path function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| ucf object| request string| paramsString string| OX_b6c5e90f function| closeFloatingLREC boolean| adformat_floatingLREC function| postscribe string| OX_f34e5fcd string| OX_c4a1f9f9 object| fbLoginStatus string| _var_cat string| _var_action object| jQuery112006644459276469494 boolean| inactivity object| _this string| content string| urlPattern string| videolisturl object| _comscore string| GoogleAnalyticsObject function| ga string| title string| live_url_onoff object| _pop object| _popIn5_config function| Treasure2 object| PopIn6 object| popInGlobal object| PopInGlobal object| PopIn object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| pSUPERFLY_video object| _cbv_strategies object| _cbv function| udm_ object| ns_p object| COMSCORE object| google_tag_data object| gaplugins object| gaData object| JSON3 string| OX_bf1ff961 object| PopIn5Conf object| PopIn5 string| qString function| TreasureJSONPCallback0 boolean| popInPositionAndStyle function| TreasureJSONPCallback1 function| TreasureJSONPCallback2 object| GoogleGcLKhOms object| google_image_requests

73 Cookies

Domain/Path Name / Value
bknwebapp.on.cc/onccMainWebapp Name: JSESSIONID
Value: AFA383B4BDF9FEFD0560E037033EEA3E
.on.cc/ Name: __cfruid
Value: 0f90bc925eaf5f2201c747550bbff53ab89a463f-1633744283
.google.com/ Name: NID
Value: 511=Ix50Sjd-mvTrOVNGQqVsIhUzNejOk26JvXQLYN2C2sGk2-Q_31QvzhYRckzUN6L188Z6IwC-MbrFORpmvDWISHWG102izsA-cg48Kvt5wRHkFWPqKzBrb2K5EAvTk5ISTJX_nDh49idmOwFmWowPLrlDVZkmP1RK4A25iOT9qQA
hk.on.cc/ Name: lang
Value: zh
hk.on.cc/ Name: _cb_ls
Value: 1
ad4.on.cc/ Name: OAGEO
Value: US%7C00%7C%7C%7C37.751%7C-97.822%7C%7C%7C%7C%7C
ad4.on.cc/ Name: OAID
Value: e1a9c1d2e9eb35b3694590da97ea40b0
.facebook.com/ Name: fr
Value: 0GSwp2tfh6UdUbaIO..BhYPWi...1.0.BhYPWi.
.rubiconproject.com/ Name: khaos
Value: KUJ562M6-M-5TJS
.rubiconproject.com/ Name: rsid
Value: 1|HsGqLFsFr/vVSy6g0MQzNQWiuYBcZJvAvCF6IsCkVVYgwYaQOmrhQqqdY7qJ5+fKRB+v2jLGFGeoFyjBXEn+RTT+pWw62G0J5h4qb83eS0hKp2u2D6IxNbX7Tc/cWQrERdSf+hE=
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB1o+/czUaEnw1LtLGlRh3wRPaq142vsbYDJD7uq6RWy1swpkhPxzSxyMfhabQi3+krHl/aHvjZOeQ==
.aralego.com/ Name: sspid
Value: 53d0a423-3dc4-3f5b-804e-0386ebd3e6cb
.adsrvr.org/ Name: TDID
Value: f96a8a4b-4d55-46fd-b666-db4e6e04af57
eus.rubiconproject.com/ Name: pux
Value: 1512%3D103177%262249%3D103177%262307%3D103177%262974%3D103177%263778%3D103177%262249-DV360-Hosted%3D103177%26goog%3D103177%26brx%3D103177%26
.mathtag.com/ Name: uuid
Value: 5f426160-f5a4-4000-90df-6f601ac95793
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YWD1pAAAAaj7yAAR
.doubleclick.net/ Name: IDE
Value: AHWqTUm27ecBU4Pwx8ctanAz_RPQQSYH0ut-yOjumkvGw6sNJdMhlGzMonOkPvjZ3Do
.yahoo.com/ Name: A3
Value: d=AQABBKP1YGECEPpQYTrejsTX44Bt6wqRyIIFEgEBAQFHYmFqYQAAAAAA_eMAAA&S=AQAAAt8NsTIqvWP2PR6d0fbJc_o
.adsrvr.org/ Name: TDCPM
Value: CAEYASABKAIyCwjij_XNwbSFOhAFOAFaB253dXNsdW1gAg..
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
.hk.on.cc/ Name: __utma
Value: 178303933.1552665614.1633744295.1633744295.1633744295.1
.hk.on.cc/ Name: __utmb
Value: 178303933
.hk.on.cc/ Name: __utmc
Value: 178303933
.hk.on.cc/ Name: __utmz
Value: 178303933.1633744295.1.1.utmccn=(direct)|utmcsr=(direct)|utmcmd=(none)
hk.on.cc/ Name: inactivity
Value: false
.criteo.com/ Name: uid
Value: 133f3704-f0d0-43c7-aa66-283945dabb29
.on.cc/ Name: _ss_pp_id
Value: b946f6d1ca586b1bd3c1633744298676
hk.on.cc/ Name: _cb
Value: BN1VvvDSOmhwGLuAg
hk.on.cc/ Name: _chartbeat2
Value: .1633744298689.1633744298689.1.BX3TaoCv0-qS1MgbeDyozVbBVDdWC.1
hk.on.cc/ Name: _cb_svref
Value: null
.scorecardresearch.com/ Name: UID
Value: 1KSKKV7IRFRZBTP9W10O7Xg1633744299
.hk.on.cc/ Name: _ga
Value: GA1.3.1552665614.1633744295
.hk.on.cc/ Name: _gid
Value: GA1.3.1073457970.1633744299
.hk.on.cc/ Name: _gat
Value: 1
.on.cc/ Name: cto_bundle
Value: v1J8iV8zaEpDUUtiaHlsemNIMmVLTGZrOGhtSXMxems2Vm84JTJGa2k0NzJYbWI0TCUyRnBRVmZmbmN5OE1OcEtXeGNvZkRGSDBZejNOa2ZYTUpBOVY1bmZkeWZwYmxRcWl6QmpLNzZ2T2s0a3olMkJ5WSUyRmxvbmgyZjVnTUxrN3RoWmhuaEZTYVlKNFgxMnRnRGNwJTJCUmNPQkwwaGUlMkIlMkIzUSUzRCUzRA
hk.on.cc/ Name: pushLatestId
Value: bkn-20211009080031592-1009_00882_001
.popin.cc/ Name: uid
Value: b946f6d1ca586b1bd3c1633744298676
ad4.on.cc/ Name: OAVARS[default]
Value: a%3A2%3A%7Bs%3A8%3A%22bannerid%22%3Bs%3A4%3A%226414%22%3Bs%3A6%3A%22oadest%22%3Bs%3A23%3A%22http%3A%2F%2Fwww.lukfook.com%2F%22%3B%7D
.in.treasuredata.com/ Name: _td_global
Value: ddd09805-40b8-411c-88da-2eac634487d0
.on.cc/ Name: __gads
Value: ID=e368636ebb60efca-227fb15ceeca0040:T=1633744291:RT=1633744300:S=ALNI_MaHSGG5YYcWHCPEJlTm-zcmBuDn_g
.adnxs.com/ Name: uuid2
Value: 6482494418826144114
.casalemedia.com/ Name: CMPS
Value: 3224
.casalemedia.com/ Name: CMID
Value: YWD1rOaKlEtHJQKT99W-4QAA
.casalemedia.com/ Name: CMPRO
Value: 1109
.casalemedia.com/ Name: CMRUM3
Value: 2d6160f5ad2760CAESEJZocZlkd6X1sxj8XNHv6dU
.casalemedia.com/ Name: CMST
Value: YWD1rGFg9a0A
.openx.net/ Name: i
Value: 7890b524-539b-426d-9da0-842835eff375|1633744301
.retailads.net/ Name: ppb2172
Value: 925703526
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: 99fdab9ca201adb5
pb.media01.eu/ Name: DTU
Value: F5230929443EA319EA9E87B38A726763
.medialead.de/ Name: trscj
Value: MTYzMzc0NDMwMXxMM1J5WTJzdlpYQjJMMlU1T1dGaFkyVTVOR1UyWlRVNE56TmlPVFJoTlRRMU1tRTJOamsyTXpZM1AzTjFZbWxrUFRnMU16UXhPVEF3TURBNE5qUTRPVEF3TnpFd05qRTJNREV4TnpReU1ERTBKblE5YUhSc2NBPT18YUhSMGNITTZMeTluYjI5bmJHVmhaSE11Wnk1a2IzVmliR1ZqYkdsamF5NXVaWFF2
.futalis.de/ Name: raSIDb
Value: 925703526
.quantserve.com/ Name: d
Value: EAQBCQG4JIEA
.quantserve.com/ Name: mc
Value: 6160f5ad-92e21-8f04a-9be73
.agkn.com/ Name: ab
Value: 0001%3AKPLrvB44iUKfBQGjcYIhnb%2FYnLv2yFA%2B
.agkn.com/ Name: u
Value: C|0CEAo87ItKPOyLQAAAAAAAQ13AQCAAQpAAAAAAA
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.mookie1.com/ Name: id
Value: 10828342354223257025
.mookie1.com/ Name: mdata
Value: 1|10828342354223257025|1633744301612
.mookie1.com/ Name: ov
Value: aab1786ea6a439156d475f213933ed23
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 3312D126-AD5F-4DEE-B2FF-0028F0E70921
.on.cc/ Name: _td
Value: 85b40c93-e4f5-45a4-998d-539793b078dc
.e.dlx.addthis.com/ Name: na_tc
Value: Y
.innovid.com/ Name: uuid
Value: af79ae11-9acf-44b8-a2e7-00c1099500a1-20211008 21:51:41
.addthis.com/ Name: na_id
Value: 2021100901514100050449364449
.addthis.com/ Name: na_tc
Value: Y
.addthis.com/ Name: uid
Value: 6160f5ad52cb6a8d
.addthis.com/ Name: ouid
Value: 6160f5ad0001dc359235c8f59f87fb3abaef46688efe404998b9
.dlx.addthis.com/ Name: na_sr
Value: 20211009
.dlx.addthis.com/ Name: na_srp
Value: 3614
.dlx.addthis.com/ Name: na_rn
Value: 1
.dlx.addthis.com/ Name: na_sc_e
Value: 1

15 Console Messages

Source Level URL
Text
deprecation warning URL: https://hk.on.cc/js/v4/jquery.js?20210106(Line 3)
Message:
Synchronous XMLHttpRequest on the main thread is deprecated because of its detrimental effects to the end user's experience. For more help, check https://xhr.spec.whatwg.org/.
javascript warning URL: https://ad4.on.cc/web/www/delivery/spcjs.php(Line 28)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ads.rubiconproject.com/ad/17058.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://ad4.on.cc/web/www/delivery/spcjs.php(Line 28)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ads.rubiconproject.com/ad/17058.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://ads.rubiconproject.com/ad/17058.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://smarttag.rubiconproject.com/a/17058/153150/727464-2.js?&cb=0.9588807285869714&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1600x1200&ad_slot=153150_2&rp_secure=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://ads.rubiconproject.com/ad/17058.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://smarttag.rubiconproject.com/a/17058/153150/727464-2.js?&cb=0.9588807285869714&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1600x1200&ad_slot=153150_2&rp_secure=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://smarttag.rubiconproject.com/a/17058/153150/727464-2.js?&cb=0.9588807285869714&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1600x1200&ad_slot=153150_2&rp_secure=1(Line 1)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ads.rubiconproject.com/ad/17058.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://smarttag.rubiconproject.com/a/17058/153150/727464-2.js?&cb=0.9588807285869714&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1600x1200&ad_slot=153150_2&rp_secure=1(Line 1)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://ads.rubiconproject.com/ad/17058.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://ads.rubiconproject.com/ad/17058.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://smarttag.rubiconproject.com/a/17058/153150/764976-2.js?&cb=0.07429997785494069&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1600x1200&ad_slot=153150_2&rp_secure=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://ads.rubiconproject.com/ad/17058.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://smarttag.rubiconproject.com/a/17058/153150/764976-2.js?&cb=0.07429997785494069&tk_st=1&rp_s=c&p_exp=1&p_pos=atf&p_screen_res=1600x1200&ad_slot=153150_2&rp_secure=1, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://ad4.on.cc/web/www/delivery/spcjs.php(Line 28)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/postscribe.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://ad4.on.cc/web/www/delivery/spcjs.php(Line 28)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.6/postscribe.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://ping.chartbeat.net/ping?h=hk.on.cc&p=%2Fhk%2Fbkn%2Fcnt%2Fnews%2F20170929%2Fbkn-20170929111939062-0929_00822_001.html&u=BN1VvvDSOmhwGLuAg&d=hk.on.cc&g=65943&g0=hknews&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=1571&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=15300&t=BS84zJEuS9iBwjySaCT0aBDKl2fd&V=128&i=%E8%86%A0%E6%A8%BD%E5%9B%9E%E6%94%B6%E7%8E%87%E4%BD%8E%E3%80%80%E5%95%86%E5%A0%B4%E6%8E%A8%E8%B3%BA%E7%A9%8D%E5%88%86%E5%9B%9E%E6%94%B6%E6%A9%9F%E9%BC%93%E5%8B%B5%E7%92%B0%E4%BF%9D%EF%BD%9C%E5%8D%B3%E6%99%82%E6%96%B0%E8%81%9E%EF%BD%9C%E6%B8%AF%E6%BE%B3%EF%BD%9Con.cc%E6%9D%B1%E7%B6%B2&tz=0&sn=1&sv=BX3TaoCv0-qS1MgbeDyozVbBVDdWC&sd=1&im=067b0fff&_
Message:
Failed to load resource: the server responded with a status of 503 ()
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPIX1E_UNfpIUfmJVYYHAQIzv3IITfj_oj0Rf11BFX07K-XFxtVlcDouInE3RsnlAQfqPm-ENmp1Ux5WjGEJ2LO8PQQ0lTc
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network error URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YWD1rOaKlEtHJQKT99W_4QAABFUAAAIB&google_cver=1&google_gid=CAESED9qscVXlB0se2UyodcHMlA&google_push=AYg5qPI_-JIf2na344JGxXuQCJDnpRHB_ThdyoY7VzWPNR_pvc3QlKKD2LjE7oJwluYNvDpJbNOk9ApTWKhYq7KQFeyS1pQlkOxGZg
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5994599.fls.doubleclick.net
83a02cf37f3344bf491690fbb04daeca.safeframe.googlesyndication.com
ad-server.eu
ad4.on.cc
ad6.on.cc
ads.aralego.com
ads.rubiconproject.com
ads.yahoo.com
adservice.google.com
adservice.google.de
ag.innovid.com
analytics.webgains.io
api.popin.cc
api.webgains.io
apis.google.com
beacon-fra2.rubiconproject.com
bidder.criteo.com
bknwebapp.on.cc
cdn.aralego.net
cdn.retailads.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
csi.gstatic.com
d.agkn.com
d07abc0539ca53a9b8c1fa36431bbb2c.safeframe.googlesyndication.com
dsum-sec.casalemedia.com
e.dlx.addthis.com
e918485f93c6f7d0e561007eac9ffc5b.safeframe.googlesyndication.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
futalis.de
googleads.g.doubleclick.net
gum.criteo.com
hal9000.redintelligence.net
hal900014.redintelligence.net
hal90008.redintelligence.net
hk.on.cc
hk.popin.cc
home.on.cc
ib.adnxs.com
image6.pubmatic.com
imageaws.popin.cc
in.treasuredata.com
inrecsys.popin.cc
log.popin.cc
mab.chartbeat.com
match.adsrvr.org
medialead.de
odr.mookie1.com
on.cc
pagead2.googlesyndication.com
partner.googleadservices.com
pb.media01.eu
ping.chartbeat.net
pixel.rubiconproject.com
platform.twitter.com
pr-bh.ybp.yahoo.com
pv.medialead.de
r.popin.cc
rlog.popin.cc
rtax.criteo.com
rtb.openx.net
sb.scorecardresearch.com
scontent.xx.fbcdn.net
securepubads.g.doubleclick.net
smarttag.rubiconproject.com
static.chartbeat.com
static.criteo.net
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.aralego.com
sync.mathtag.com
sync.teads.tv
syndication.twitter.com
tjs.sjs.sinajs.cn
token.rubiconproject.com
tpc.googlesyndication.com
track.webgains.com
tv.on.cc
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
cm.g.doubleclick.net
104.111.215.191
104.111.242.245
104.16.136.235
104.16.137.235
104.16.18.94
104.244.42.136
104.26.4.103
107.20.138.141
119.63.193.220
119.63.198.143
119.63.198.172
119.63.198.180
119.63.198.188
119.63.198.189
13.248.242.197
13.35.253.71
138.201.63.150
138.201.84.245
142.250.181.226
142.250.184.202
142.250.184.226
142.250.185.161
142.250.185.164
142.250.185.174
142.250.185.194
142.250.185.198
142.250.185.98
142.250.186.110
142.250.186.35
142.250.186.66
143.204.209.94
145.239.193.130
151.101.130.202
151.101.66.49
157.240.236.1
157.240.236.35
167.233.14.134
172.217.16.129
172.217.16.130
176.9.26.250
178.250.0.166
178.250.2.130
178.250.2.131
178.250.2.146
18.192.155.173
185.29.134.248
185.64.189.115
192.96.200.41
2.18.234.21
216.239.32.3
216.58.212.130
23.37.42.132
34.98.67.61
35.177.148.143
35.227.252.103
35.244.159.8
37.252.172.123
46.236.13.147
52.18.246.238
52.206.105.201
54.75.239.54
54.76.176.197
69.173.144.143
69.173.144.152
69.173.151.80
69.173.151.90
74.125.133.157
78.46.5.84
79.133.177.231
87.248.118.23
88.198.250.30
91.228.74.134
93.184.220.66
94.23.99.218
99.86.5.163
00e03e176632741e6d7778c5805a9cfdca8b5c54a8c6026bf78ef26248ce7c5d
0350eaf35ccdb5e81fd6410f924aa857b491fce3bb1bc48e0935ad2b26a138e9
0474f3181bdca54c9777204b500b0ae3993fb69787662bb6c5490afcb65634c4
06a1b5afc54f03b03f1ec1d55390a43b7d0bea926033263e0988e33a8db55d19
095eceabca5358699a8efc64f4e44b27576d45c2ab864f1f50c3401676f9a827
0b0942dc692c78e2726e0a8e341b789f887a5d280ea107e718371fae64f23d1e
0b4cc12ccd09adacbf7695b7ae68d146a6b9bfa7a2058dbd4e58f31c14ec5e7e
0b835c6dc07fc7063b35534657fbad3c3f80ef1ac7e431c936ff11591472dc9f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e75958bd95a833d1ae65fbe317f523093eea165a49226187972aa208f1fed9e
0e91e1f5f9ab1b71b71686baf06d7a1661f89786df2019f315b2d3b8d1186f61
0f93db846422aa8c72de38cbb2819358b78560e09242696224b08b0dd84af1c5
1012db27ec1cb433b46f471bb11c18fec71f59c5fa6f6520c87ff374e4ef0325
1043d8f464418da9b07f57422bb389edba3bc8c1b7e0a355961f8cf5dc5d663a
10a1c3546508a4f60041203cd2de027ba35189ccac7bcc4701c98ac6595bc434
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10db4dc4c370bc6a156a72fc9a0d737fca187df5df386eececa1908aa2da64b5
112aba6073ee49f1843f50fb5239e2d7c8a004325b50bd7f93ab093cb6b72e4b
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14214f831b3a365b9ef0780e0afab8981a2e57c1b41b7da455a8b78780ca8156
162f0cca3cb9cc31aab351abf7abaedb5e942de4fba92554cabdb3e31eea532e
176b6e30b48ace76fce19e261ac688bde72e2defab631d9c2fafea242c559714
1923805a44d1944281dfbbeb7cb956c1efe2f55f968bb61fd93ae1c9612d721f
1957e174cb1527132317acd9ed993f27ce1da6e121dd4859577ede702775eda9
19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c52f700c90d61ca6afc215442c2a7b68a37e03e01124c49ac7f08eac161a493
1cf64b0221f5ecc22eca75fdb6bb05dc292c60fd9d30d5d48ea96bcbd47ee2d4
1de66009eea3c9f435d5bea771a3717b0c9dc7abc9418e9357442c1afec63117
1e354c5c1c485745f5de9cd5c6792c58b914e14d46d373e61a61ebce12900301
1e7adc9a24a57746863ef54f2de5f8905c242ebc6d416713133ff989fb050222
208449b2c73b721f314bdd50963aab45162e001d84e157a84fef06cc1687cda8
2120ebbbe270d6417b8d272c6450d10ef0d94235287b3eb2e2c8a52de73cb17e
2139db140b042be2a5bafd65fa757f0eb3cf3e0f97c6a8eec957052530b03d77
21744e5617ca04d2ad0b171c0dd028fab66f8978cf23ad01bc926fab7ffc3f03
21e97d6f99de2231f721d901ae794d136aed5aa4230f44d751ddceefd3e198e3
2278cada41d2bcc06dfa905b1e859133291c58dc7fb209a57f9f5d02c11a92e5
228ae3149807ca543bf4adb5e08c2d5f78d5ecdf68ce1112c58061eb4f9e0562
2411ef0cba261612d596ad6fd9fb8cf35a91d8c91932bc1eca52133e491957c8
246238c26cb9ec8ce58eb89689bea4f8552f222bf1be3858846f167a18feff59
2497c9e9a629f58b652e0e2432919bba53d699a421f48da97c581f8c1f379f86
24b1dffe569d7f735c8fdcd1309b5137515b0a3881ebdacf1fd137fbd720294c
273282a153ded9e3bf56932b20e17408048ddd0d3edf359ebc52e1312a927c4e
28b04b730ec93a432ace59ed70723ac53e3883f180bf8414f22b2fff89cda6a9
2950229613d9ad032e4b67ab02b27b6011238893a8898a114e9981bba26faaa2
2a78f3bac19ad7038280232ef773f82a12bcc6034498cea9f23a854e2f171264
2ab9deba27aeb4c712fff3b61dfb174d0ee8ff8cda72a8d831766df37e2c0cf6
2b5514e397dfa4b681f07408e843b186c8e40f0c429e6b956154ac2c385aac34
2b6af8a6327b2ffc27912f67be0eb5cadd7cae15105f78d3cfb34e7a8cad0588
2b80d503a8730d64d126666ed2af08ffafad710ee43296bbc701f68b277ef0a0
2c01983431d9cc05de35cbeeca67244c7ee0b471f2e43bce60cff19ee899cd4d
2cb2f5f2d0e51cc2600e8b22bfb10db1958cc3bcc929cad2e5cd1b7c227bfe37
2cdf6164b532880410513dc2fd6f9289c184b28143b81ef6b44d8f1a4b2db6e5
30a7ab41fdf0cfa9430bb0bbdf447cb761f83d8dfb75b456bb11d7a1570d9fd3
313995a771199f3e737b10d1cd1741fa4f1581e25b4bb8e73c71345fbd71d52d
316fd92de184f954a5c3ee62d7ff4c3cca0789d8f1f40eb719821f3acfd79b64
31e7e5c64a4438bfa791df46d35d38a55054845a6ffd7a4cd7704a644cbc88f3
31e7eef09758875503099652e42c7ccc711355beb6a6043a7e04bf79fd313c85
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33e58c840a141a0044aef6e584dac6a5d2e30fba8cbe62b3fc7745d9d4ec83ee
36a51db370d5891b86686a3ad0157e4668d9ce34d7cea0168831db46b8a1d612
37dbf4b6012d4e23cbc1cba50baa3572c93a5c371b9873fb5440cb84dfbf9902
39685db80e880ec9e59c22115c5bcbf76586a95bf618a714d61fc0e5f271fe77
3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0
3c660dec6cd5e8f9e0b3c518da51439c7a47a1b28da85193926a06b005f0905b
3cd24ffdcdbcf5c952f1a4523ec54486cc933e65a1e0c257916add56eed6a580
3dc936b3c6e476fbbbfea1c5d962f4bee0e3636450608357ffcf9e6e92e0d596
3ee8351e156e2e80d99018a585c18c0dbd9098e3bea84a131d8cbad1ec72c81e
3eef61507e5ba153c053a683aefc1e14a84044b401e846c5736572094dd2fe5c
3f2ce7cde1013adf80beb8a33256d751a37b0a4c180859cd161c60e38239c3a6
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42788537e39b68ac7a0b444a7619118eb69fbc5b1c566424a62a260060c2f2a6
42da4e5be3daf33b5e0fe060f26ba0045b2ec3de89d7ec64ff182a6a5ab5b69d
42e9c9c04f6af07ecee44235b0ca8de72da441e8cc052953c08e19d0f5a18c4d
45f029b0dec12e864c693266265b33e968158edb8ae5761c09013c8069544c2d
466aef5d91a0d9ddaecb918a3f22311f84107a79f36db4bebb803294f555d3ec
48deef5a4537b8c2d3bbc1c4cf8b5133ec55fade9fb3ab81bbe36bb4f7cc3f73
48eb003caba28027814abbac8dbc3a5bc03c3c5e4cde2232c2464e43048eab30
4a26cc6cf40465651cf6eaef5995d24dd7cd8ef17a3ba63777f8ea0683b2534e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e6f17dd9924af4706d717e87503d0e92cdb78ed03a0aeb8b081b2263c48526e
4f1a67bbff170b958990794fc07cf80f433268c65d7172b00b899efe464a3fad
4f89c3f5e60250f63a380675d25b1d0befb14bebac1b7361333f09d1686d6ea2
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
503e3f479817f6dad12d5fda0722d99ecc6cccbca48e63cccd674ab60b5e02f6
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
505e6db5f39e8128cef962c94808c7ec5599d4805ed24c26d353199ddb18288a
50d828f84ee2b4939514c4d4855ed1c2b1252b040277f7fc8e691a00d4787db1
5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966
5124d27328c2f5c4b2a560fe2ad40a2ece04ed9f465f354fa35b741c124fd466
51896cb4e932803b983cf59d85b20c705f42a891fa0c9c408e3cb267b5bb949c
536b9ab23b8cab5e2eb31b023a5685ec04b119f5facad57da44c76fea9c1c230
5577dfc0f7d981f0e52872f70475d085675200dab0f733ba23c4edb03e6124eb
5587ca41f509ea115a518336f6ac6e376379a25fda215b58c4921f84040f0f39
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
5a0048899635d9ede4c6db7c11de65bca67887d495265ea686dc4a6b2b24df49
5aecce6806400e63014444a7b98e660eb78c35a9ebeb0efc58c349cf3be069e3
5b4a8698e5c880ff6090a1c0cd2558e42b26c5a1bdf6cb08b9d8f2d78077fdd8
5b5be72749970a138dd1921fbb15b7f264f1894f9823bebb1248193aa7638639
5b8b1c03ab42724e3650cfbe85b306f6dff9403d287599532bdca708bfb97c9f
5be5293fd225fdd263ba480a7786b3209ba80fb8e77a567aaf3c29d3b0ce605a
5c13f8cb7061ed8f110285b3ae94b42c0f123ba6951731f41d0d7c2dc4e18ad1
5c6fc998321adc6162f3d4b3a18fe409f44f9742b0a33ad6fd6e7358b16b54d4
5cada29124805d8e0454dc5b67225bbf87075cffd53418e9c56f674708220e2c
5d632a477c1d7401f8e9d68bd1c5096c290ab22dfed0da34ba93a0bc2a6d8a3d
5d6e17800d360a1c1649bfa8d3d607a770775debd70161694f639707164a00f0
5d70f68fce1f03878669788f5c6e57626048b1c5aee520dcfaa78a1a84a6c62a
5e62e7101e59f206b451a65e3f4b56fe65fdb63abac707348a073be728dffad9
5f1ab65fe2ad6b381a1ae036716475bf78c9b2e309528cf22170c1ddeefddcbf
5f6a761102c6ab539f8c8886b76f6c4f92a49955a4bc5fec019a0e741638cac3
6058eb29e9bb8b7cd0d68f0d180a093941e971f4659092a70c99ca57827bc678
6071075a898be0eedd9f217351c0eae2844f4e02b0cfb58e060122d3919507e7
62829675b31c3c336b79e09872f249e6d6262c6faa9371985f821223dbaf2d6b
62c6651e95b797e7856e126c0e3db49e24f50431dc4c4880222b8adc3551b78f
63b118f308a4a5d222dc7aa911ca308d4c898dbeb96ab85579a664c8098354e1
63cb783682c1fee5751754ed4ece9fb79f6076ed6b3f8897f3eb699048473a3d
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6418625b0e3a5a82820bc3ea96f5e6354e6452245ea7c8d5ef08d9a60c930364
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e
66efeaacbd90eba053bda6c0f17599873a6d2023a9408bd9ad2d414cf9813444
6721eb29e8a4b596d045587d3f99e6ba44e4645120bebf28005631c9d59f9fab
6753ab9ab14844d0e9ecbbf13df7accf525291cef950547034e5ab67be9e508e
69cdf4534c0fc31cc9e46568b011af5dd27119ae300d242acf3fea0dba6c5307
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c8d3c1ec02a0cc584103e138a949febc7c036e2bd4f3c7f8d5c2b7bff25c92a
6dfec80199f1a2974c09efa6f6ad9701c7a48ca7efdaac16a7fdf97e07d27d37
6e3d14d0dd98175d8c8300d21f0f6b62719ca4bc5be0559bc2daa78073eea8ba
70e1de1632d61c9c74213d099c9561877f0591d4861a5c3e82e766b53d4d666a
7222bdb705a3d4af9ac5d4f1375a3709bc77578dcc0e1f3b5caf55fd14af959c
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
733b914636197a9c74891bd8174ed89e6f6e25b244bac9a301c20c3ecb2f9b17
75e96f6cfa669e696fae683aea0548462c4dbfbbf6be986a5d4bac217874eb59
7770fb287496ea4c36d2ac2f7ee6200008b73da0ec061c4d7e6d7a591df92fd5
788da552af614f8063af98fd71499e8a28c13d0b82ab34beb840f682e6c59100
796fa4869eb63bf3f5de67bef3faccce9bbb3fb65b44fd0dfa2d139fa2ffcb45
798510123daf7abb9b350d0a0a2972651284dbf867b8e565df56d64c9b2b0797
7b75455f6bc681b8ccf92a51442f1ac2c91fbfe1c813837a9650e975b3456913
7f47395e0ff2dcf39c483455c08b67d58ea1cc072368277a1f8ea4be08220d07
7f67d90d957dd4ee4d98b2aa84d917c435702010342d449a1bdc7fe3b7e1e4c4
7f97673cf66b00904b2cdaa4c3a35841fe6608592b4a7ea46de1a4814f9df1ba
804950bfa8f2b509f30b437b7c0a19bef4f1c0560d55921a45a0716e7f4b72c8
808ecd508fafb1836f5a350eb2165824e8130f96ba29e1b35d9d473d8b13708e
8292599fb0cd28d6c1b7f3a82bd4ebfe2900fc67fab40ead78947e404b27f545
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8491e6705bdb33a52dce45f3e5299aab11aa555537f6a6e869e4a0bd9af3d7be
84e80159fc0f0e914229e9916e1c85cb59b2a6af77d53d6b528bf464ef9aeb3b
850fbfe1c79c1337d6691bdb976901786fe2ae250333b90624e95080c284d3de
85ebe02980b06c6af6873b57586eea9752429741d34dd15713d7da9dff8d7c95
89125aee55448d629533ef39961819e91c16e1563bfc9cb4445a0b66155d03ef
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8d6db8d32f8cb86ae4d55bea4c8275733a26bc4eeccceaaa63504ebe71d114fe
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
91688adfc8c377d69d70bba5cc65a9b1c2526a13dd79e740411a8db440071d83
9184c5678bd1a3b6073cf7ae7bb4e4e59d79eab88589ba3d8c267128c701190d
932060b34fe451f1cb994f3da257f6d2d0f281e1e286e9f3f0e2da63e862fec6
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
9413ac70f0dfa293eae8e934799be6a1cde8cd96db876ce9bd127c41630847ee
94a8e0b18503c3962da145e83926ae6b47bc97986978c70e707d1843b50c2851
97155c1b3f385419f3e71310451e82b2b9c745a8de025aab137dc9b3c1c29ccb
97ca938a84d4e4fa99f13992d8c1bf13929c0bc5f4315fe47dd0336f389c6875
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ab6ed9795e2f7e4f657148a92d36798a27dd29ab2d4e992fbce352de9a2e42b
9ae7f0fd543760d588139b1ab722dbc3877832457b9ad0e3f3b566e8d7bdc1ae
9b166a93c0a6ba6d25f10c3b28af1aabc8546357dc21a1c8e7dc6dd22484327c
9bea15781c983c41355713349cf281fa3a1f26a612798f9bf5a62910c0b32e00
9bfef52d4ef4cc6f06efcc7a8584987f607710b73b0464606ec66890f8605c06
9cdfc421265602e0a9c952b7c9e7ee8f58cfbdfb27b0d3649b818ecbb24f8908
9d384d8c62251ddbbc45c8d6e19abbb5afbcad5925f9f6f5587f8bd0bac8627b
9d45e8f4a2b00d6e2fe907ae89c42fa1ef76fd5e59c96db23dd5100d1f67cdc5
9de0c8978e69302a3aa776ff407769b18f57ffa7d8122c2da9ef747f93cd43cc
9e890be7ef5976ec520a702bc74799b2b16d81473b574981e699621aa0a14c9a
9e94347ba4cb9a17ddb02c8a7564a6a6c22be2751d2e1da6f618f19c32e28098
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a06a2c805ebc2a54705ca8c503338e0d3ed42281ddd8c2f94098eee7dc900bab
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a12c17ab23790461e677329f9dac5efb0ce19a38fcece15f785ff7f42423cc26
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2f3c118bd591281d5d16ba63d77ab8c6ab5fb10cf4d24a8f8f6522df6174318
a2f60a9699fa2fbac50f9ec4d058889f5cd8b4ddaee5acfa819d0f3df09155d6
a3d03036ec93ec91b7e43ca3941878bd185d08de48ab9a777a4616ec01d281fe
a44d3ec173e107b223bb7b4b74f63c780081a59fadf0f90bcaf3baec5b76dccd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4ce42c84a4b2ac018c2839bac1ca870bf54d17c79f8d5bdf8d6b450b56953fe
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a74d2554dec9a60d2ca02c00671d4bc95d30e469faea9307e722ad60ce235c2c
a779a4121b8d6c726cabbb6584c14ab12bca2c8baa71cfdf6579bfdb86aa2e0f
a87748394a66daba696e59525c519e2e087d2c3a2fb5d3c128cc164829483670
a89c5d02602316b77d7d50cb7b8a168c10d707994d6f2aba75788365896bf5ed
a910633701d4b3e18258597c3247151848d7659f6c98550c93018fcd70d395f5
a9613f7645c91aacd5d5027d72140f3ffcb148eb265aeee3b529303e28f8bd03
a9950fa5ca9cf47072770900d259bcf6778aa1119652d2e706d5eb92df254199
a9cd5607cc53b260c9f6f8512662bfaa6b06e5fe57e02caa5a02a5b62465c9b3
ab229322552892c8734d333a6b52b479f3d9cf7c8a1fc9cf2d8bd6ba3420284b
ab4ecf89c028af88c3dfb534fbf7ed5e5daaaaf2d97bbdbde7377d35cb788de4
ac340918fa8787c92714feb51582842912f3d801643adc30e2c696d5beb84c16
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ac8b8516f6869b7adc1439e688d8cdcac3d5b30b7c7c62b1c401454f98a287d0
ace810d7e2cbb4f8c40ce09dc8e191ae466adb4e1a7d49c59f2215b411d38b05
acec93da4199881aef357b3b7d43e4ab075ed3c1f6281c970ae5f76d35704a4b
ad3d17c7e83b73549e7162aa9ee792fd6bba6e10d4854cae9f1580a43865fd74
aeb69a9bb2db257a960b23f0243bf86fe35d849b0b5f70625424a1a13f4d9f37
aeb79106b2e11ba22cb8bc42024ee8ac2c2aebc710070990eecb2dbf03602a54
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af2d583999658b96ba5bc7d5cf834ca654a8930d5937c8f4830ee9c7e6fac5ed
b01e8a7c878711f6b2e5091d9d616cbcd8489110fcb8fa2d19994f4d96e85602
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a60c1648f87cf362181fa6e723a934a29f65d0279d8248d3dff22af1591ae7
b29e38c49cc6270dd56183ff3fb48ffd5b9044d47d79a9527b77c748fb5e331d
b2c044e8e8af87330e2c1c28479713e3107e8b9fe79b3a881bcb247902531db1
b3a7346cae0525400bb6539496990f7de2ee33862cb6e38fd82f0e463d367e1a
b5e2aaafde5b89dfeceb566b7396f2a67d3fbed9fc89b009e885be3e63216fb5
ba1e3c140c019b93850954d64696d4b6270471955977ae3eda414e769f87bb6d
ba4c3e6b7839f72c81b4a21482316c6c22cc49372437254abdbd9e59c8dc9273
ba7fbe70edcad6a5142770f902eff7709d407eb59e9cdac7905272e089b7d5b6
ba8098ca0d26f070a7534e1ccbe2059e02e76a65f18fdae806e6e09ef3dbd8dc
baae6e0088307a13cc5db5d66d32ede5d254e7b120310d8f329f73a766517fb9
bc535d5a918169bbf8d976689ab0c7ac556bdd6b0937254f93600a7fb6254f9b
bceba3fa49d68bb042d5b06465679c6403958c88225a3850ab00f86b420b6295
bd5a7b2bafa6bbebb71e04d1662214c570a9d4a1ad8346d0b3d4c09700ef7c34
be0ebb6a9384f29938d0f5894a207ea7bbd3db414a8c84d95e5996c15c6e033a
be65b1c567e1f7558833b17c954318334b0e687a81cf4b77978460c58d210561
bed57a09b10b5cfc83c33f5bc6205831a9db085c874bc72d096d05ad2136e4b4
bf08ee547de62cb27fc4a8b3185f99dac569a12b6087b8a5cd5a839e72dc56ff
c02764d04856aa7d3835433a6f4ba65eae7798e048417aef13ac3167468a5a9c
c1930ba80ff97a325fded249c202641ec6d64b7c7df30e89aa663fd077491b35
c1c88d9d413d0368137dff50b21e7b444aef7b21f285ed64e131841975023d79
c4398c3b97346a2e6bc050e32164e47054a99fdba6b9268360e3ee84a01f5dd2
c65e07296a0f35fa9dd8654ef489c040021e1b31639f963c7c5e1070db1c07a4
c6ce2b47cde7cf913a3c34ddce355fa9c75012577dd34c35928add8676cb7fa0
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c7a0487d74a704047df1de9cfa673cb5afcf1c5e865264e60bbfba4c5d0e6664
c8b3fffd69a832d90d8b22904744e2292350614913464c40ec99f39dad662b0f
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c998005d6337db0fd8d58986b7a794d26d84fce7856fd4a86288c5616a2df275
cc78bbc89ae37cbd14089271a95f875d19faf024cbaf7474d4529d150108c0b0
cd216a162cd25b17c6009ad87c572340ffe65299dac64a3d170dc92a508f30f3
ce61748ce893b3ec7b81cd022f4a9ed673ab4c118f5cff9a4c72a2160d04b496
cf8c4e6304712bf09958038528196d87079449c1701c5910859358ff8f175ea8
cfd3099998b0c37ace8024cbd802160585ba9be1c0047fefc172035184f074df
d00ef9f9dce166845458fc99049b500dd07238787ccc25da41ea7f9ac7fe7b5d
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1706f5e2610dd682cbc7ba5bb47bb28a733cc6724dba834bcd636566a746fa0
d1a62604b6cbb7cc663de93e44d12c4470c79f2d5168b14f56a633db26d3836f
d26ea3057811c2841a29c3c3f6889a00a7a157e603f4555c62c07ad8a5c4caad
d2e9a3880308bb293fa43aa6b6ba08f9c072b8ad604b9c2c007a36b17db920a2
d312d016339fbf7224384b7720fc29cbe5fd04e0de92928c8a99446ab962eb65
d4cc2c709011178c06e10f7c74ba463f3e4df26d12c2b11809287f6a9a352f50
d59b4b576f1abc4aada3662219026fd135a7d43cc63bda4867f6ca655299c010
d61b0f183694ddea8b526970382b6334d021d535526ab67ed9e2968ddad5d063
d687a7b92e62cfac02272e600d0e1f4f97a095d56e76aff54c474ee38d8718ad
d6af7bd61c576a0d197b86398ace3e4361a3ebb83d861d7359a106e753edec04
d7f36354b34b6689975a55773065d0b9dc7ab48ef63ee6e8bb68f199bf7debbd
d9c56677f5e4bf4db2d10b3e4251337f9c954733c8b35b24f6861cf634ae42a9
dbacb3c6f98ea75d147cfc9947294a4cfc214a44e1c8fff96bd05424d41d6b46
dc0668123dfc98af03587bfdccb33429a543000c2c03d014b0c21f219a4f9d67
dc5e0245a9f89d144afabfb55c88f190a4153ad8c3baa67e340a2a7715a64940
deebccefdbb9e3846fb52bdeb875696fa33b4fcafb00d83ac8f89631084df26b
df85308570e04807627688fe6a09440aa2aa7b46892e1d565fc5cacde9b28d98
dfd67f76273a5ee99757bb66ec7648d8c09e5bc44f4f8830bb242fa4c9e58579
e08a4d0be4f20b3fc5e1c59ae29731a3f2d03abac992e3be1b4a1bf1ae0ed4fd
e18c5ef36f7d9551309467111e398253bbcc674957ae34725291fd2d89363ac3
e1b1908628a44d2759e1d75733367cb4654f36251d1491c4340631587bbbca76
e26801b344d9fb191aa53ea743d2d8b5f4888cebac66ce1128f63078aa53f750
e2ba400a3542c7f986dd240f2def70cc8d021912a6376e6da574c28630a67b3b
e32b017a5bc36cfd7104924ee59da3e015206b7be6132b36f5951b0e7775c4c6
e3819e568c82cb7339b3233a0ea549c0faedb08472f53a982443d79f74c45e50
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3bc18b154eec799c9f98e208178afb8b25d80fbaf523c11fe23fce222a550d7
e53f47bb47d135f3d93abc61c09ca9969b0fffa0c67b166cd951cfc62c1384a8
e57cff7a9a57bda8e04b020fc1ccf5a3a74fb9979bb5468be5e7b9e3a4a03753
e59f39fd9be6b3737942676248d273b23f94ab60f7b7e608230d6a107dccb7ac
e65822aa8296dac8588b4c6c372dd063eaec8ecadea315860c8769b499e3cc36
e6caa798c89899c4fbc30995876dc3746c03d22d55f3e5f317ce4ede158bacbb
e96cb07afdac92a8c77fbd5b9bb721e548070f4657f4f1e71329d2fd9032be47
eb2c371fbecbc55db33784da22b4730a3e3024edb47f12f68fe89e8b11a9d67b
ed654d5fccbedc2a1ac46c528f1d05c7d7063ec23e3387fb186b5f361afd0af1
ed6818649489f3c542a92f2e189696e69f304ca0f4e9a85dfa340e669c6f3304
ee02f36c56cfde0d741205035b66fc3419937efa14d562cb91aaf6bf20973be8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6fe33c1cd5b855e101b07f25c08d2db21f94ccf65650d6923d9ebbe76e4da0
efb3cdc5e4582fd67dffab6fc6e5062074ce3f8c51747346af944e97749dc309
f1ef21ee22200cc7bb8cc03cb3e0149166d4f668cc61f557edbd0e7bed857961
f2172868bc46d74ad32f2715bc25a8716e07a784b2ecb24d9d077d2125c6c993
f4e047c7e47910f1a9b0d6ce7fb2811c87d767476cc6444dd428f7f79d32f475
f684079bbfaf797e9bc635f6beeddb05d75bead79c54aa83eaa3398523090294
f6ddafbe31a54fd6596b1b311ce9bd9f829bae926e3d6bad5ff9d0a8e03a6bc0
f704320231a4061188024bbcbb509667e794d35fb74a020f103d904e09cd1e72
f8d3ed9e90bb3208636c1a1858f534e203f3c52cb8ef464a7bd2d81bf1a60305
f9044316dcfa2fcaeb9c7af4bf701bbe3a6838866ee4920d47bbe163f0ff2e6c
f969405b1ddd7cf00f56dc6778c179d82116bcfd2b8a59d39c91874d9c84d5dc
f9c26e82e31e210fe6270d01fa9b70d88b6ba1c65d21283b65a0fc547bafd859
faea48f63ed0def0a3d512778e3eb583c7a2d78173b884af12d652474c296d8f
fb04d81333ef5f4c32b2c0e753035c869a8575d64ddae12a911c5e592734118b
fb214dcee17529a87f7896de7aabe068e469212c2abd4e6128fcf31d1146cfd4
fb9d016e0c32fea041fe6d83b1a6d2509e2baa2faa66c30d08fcbe30966c8335
fba811fcda9e897bcb600128fc7c3e22b43a07c3f09ceb05cc15fe62870c025e
fc48b7c9856fd04e9b657943d039fa00c9171fb2fed4e70f2fb0a0f9d8d5140d
fca9fbc2b7bad4d08e4b4cfe80420df03b1bfa4cc2988540b4e816cc905bf33f
fcbfbb94d1e7a2752717ed3f5ae87c99f8df4d8a991f98b25df1e283ff2b88cc
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe95a4c752590b7e2d5296446643300206175ff9312c477057c1c9dec02e9f84
fefc532188caff828d8f1c9723e5f5fac4bfbaa3b86db0da9dbe81a272c778ba
ff357113f88142adbad7c7053ab016fbf3cfce8e432c463f485b2ab9c368e57e
ff5d8a028ff39c502c3fa2b253693b90569f9a9c87051899d92a37d75017657c