urlscan.io logo urlscan.io
SecurityTrails logo

hd.stheadline.com Open in urlscan Pro
163.181.56.178  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://hd.stheadline.com/news/realtime/h
Effective URL: https://hd.stheadline.com/news/realtime/h
Submission: On July 25 via api from HK — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 102 IPs in 13 countries across 76 domains to perform 298 HTTP transactions. The main IP is 163.181.56.178, located in Frankfurt am Main, Germany and belongs to TAOBAO Zhejiang Taobao Network Co.,Ltd, CN. The main domain is hd.stheadline.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 30th 2022. Valid for: a year.
This is the only time hd.stheadline.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 163.181.56.180 24429 (TAOBAO Zh...)
40 163.181.56.178 24429 (TAOBAO Zh...)
3 2a02:26f0:310... 20940 (AKAMAI-ASN1)
1 69.16.175.42 20446 (STACKPATH...)
10 203.80.0.157 4655 (UNSPECIFI...)
8 2a04:4e42:400... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
12 2606:4700:10:... 13335 (CLOUDFLAR...)
11 2a00:1450:400... 15169 (GOOGLE)
4 34.243.61.200 16509 (AMAZON-02)
1 1 3.248.138.51 16509 (AMAZON-02)
3 13.250.133.90 16509 (AMAZON-02)
3 108.138.37.209 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
15 2a03:2880:f08... 32934 (FACEBOOK)
1 3.248.22.29 16509 (AMAZON-02)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 5 108.138.36.39 16509 (AMAZON-02)
1 63.140.62.160 15224 (OMNITURE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:225... ()
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 108.138.36.46 16509 (AMAZON-02)
1 34.96.70.87 396982 (GOOGLE-CL...)
9 2a02:2638:3::3 44788 (ASN-CRITE...)
1 104.18.35.34 13335 (CLOUDFLAR...)
1 34.102.146.192 396982 (GOOGLE-CL...)
6 2a03:2880:f17... 32934 (FACEBOOK)
1 87.248.100.137 34010 (YAHOO-IRD)
1 69.173.144.138 26667 (RUBICONPR...)
1 69.16.175.10 20446 (STACKPATH...)
2 34.107.231.31 396982 (GOOGLE-CL...)
5 162.19.138.119 16276 (OVH)
2 35.190.39.111 15169 (GOOGLE)
4 5 2a02:2638:3::c 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.48.190.189 16509 (AMAZON-02)
1 2 34.120.135.53 396982 (GOOGLE-CL...)
1 178.250.7.13 44788 (ASN-CRITE...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 6 142.250.186.162 15169 (GOOGLE)
1 2600:9000:249... 16509 (AMAZON-02)
3 34.98.64.218 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 13 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
6 2607:f8b0:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 6 185.89.211.84 29990 (ASN-APPNEX)
1 185.106.140.18 7979 (SERVERS-COM)
1 188.42.34.64 7979 (SERVERS-COM)
1 147.75.84.158 54825 (PACKET)
1 2a06:8640:454... 55081 (24SHELLS)
1 217.182.178.225 16276 (OVH)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
1 18.194.200.250 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:3::12 44788 (ASN-CRITE...)
2 178.250.1.6 44788 (ASN-CRITE...)
1 4 178.250.1.9 44788 (ASN-CRITE...)
2 2a02:2638:3::10 44788 (ASN-CRITE...)
1 2a02:2638:3::1a 44788 (ASN-CRITE...)
1 18.196.36.208 16509 (AMAZON-02)
1 95.101.148.20 16625 (AKAMAI-AS)
1 69.173.144.165 26667 (RUBICONPR...)
1 18.195.243.79 16509 (AMAZON-02)
1 185.86.138.150 201081 (SMARTADSE...)
1 141.226.228.48 200478 (TABOOLA-AS)
1 104.75.89.75 16625 (AKAMAI-AS)
2 13.248.245.213 16509 (AMAZON-02)
1 3.71.149.231 16509 (AMAZON-02)
1 37.157.6.237 198622 (ADFORM)
1 185.255.84.153 200271 (IGUANE-)
1 2 185.80.39.216 27381 (CASALE-MEDIA)
1 2 54.77.30.253 16509 (AMAZON-02)
1 34.117.157.22 396982 (GOOGLE-CL...)
1 52.58.161.8 16509 (AMAZON-02)
1 70.42.32.255 13789 (INTERNAP-...)
3 185.64.191.210 62713 (AS-PUBMATIC)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 85.215.5.31 6786 (CRONON-BE...)
1 23.35.237.75 16625 (AKAMAI-AS)
1 52.30.155.207 16509 (AMAZON-02)
1 18.184.162.173 16509 (AMAZON-02)
1 108.128.74.29 16509 (AMAZON-02)
1 3.141.189.42 16509 (AMAZON-02)
2 3.33.220.150 ()
1 51.75.86.98 ()
3 23.32.184.192 ()
1 2606:4700:e6:... ()
1 2 198.47.127.19 ()
2 2 213.155.156.169 ()
5 185.64.190.80 ()
1 1 193.0.160.131 ()
1 2 67.220.224.150 ()
1 1 2620:116:800d... ()
1 185.239.172.77 ()
1 52.18.8.176 ()
2 2 34.111.129.221 ()
1 34.111.131.239 ()
1 35.204.74.118 ()
2 2 37.157.5.132 ()
298 102
1    163.181.56.180 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
hd.stheadline.com
40    163.181.56.178 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
hd.stheadline.com
3    2a02:26f0:3100:782::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com
1    69.16.175.42 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
rtbcdn.andbeyond.media
10    203.80.0.157 (Hong Kong)

ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK)
PTR: static.stheadline.com
static.stheadline.com
8    2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
12    2606:4700:10::6816:dd8 (United States)

ASN13335 (CLOUDFLARENET, US)
image.stheadline.com
11    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
4    34.243.61.200 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-61-200.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    3.248.138.51 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-138-51.eu-west-1.compute.amazonaws.com
cm.everesttech.net
3    13.250.133.90 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-133-90.ap-southeast-1.compute.amazonaws.com
prebid.andbeyond.media
3    108.138.37.209 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-37-209.muc50.r.cloudfront.net
c.amazon-adsystem.com
2    2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
15    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
static.xx.fbcdn.net
1    3.248.22.29 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-22-29.eu-west-1.compute.amazonaws.com
singtaonewscorp.demdex.net
1    2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
s.yimg.com
5    108.138.36.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-39.muc50.r.cloudfront.net
sb.scorecardresearch.com
1    63.140.62.160 (United States)

ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-160.data.adobedc.net
singtaolimited.sc.omtrdc.net
2    2a00:1450:4001:81c::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2600:9000:2250:4a00:a:e047:753:be1 (United States)

ASN- ()
cdn.prod.uidapi.com
2    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    108.138.36.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-46.muc50.r.cloudfront.net
tags.crwdcntrl.net
1    34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com
invstatic101.creativecdn.com
9    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    104.18.35.34 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn-ima.33across.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
6    2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    87.248.100.137 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: o2.ycpi.vip.ir2.yahoo.com
ads.yap.yahoo.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
rtbpass-us.andbeyond.media
2    34.107.231.31 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.231.107.34.bc.googleusercontent.com
p.adlooxtracking.com
5    162.19.138.119 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533570.ip-162-19-138.eu
id5-sync.com
lb.eu-1-id5-sync.com
2    35.190.39.111 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 111.39.190.35.bc.googleusercontent.com
esp.rtbhouse.com
5    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    2a00:1450:400c:c09::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    52.48.190.189 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-190-189.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
2    34.120.135.53 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 53.135.120.34.bc.googleusercontent.com
oajs.openx.net
1    178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
4    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
6    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
1    2600:9000:2491:a200:2:d490:4d80:93a1 (United States)

ASN16509 (AMAZON-02, US)
wrappers.geoedge.be
3    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
rtbdemand-d.openx.net
u.openx.net
1    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
27ab4307786ec7ceac97cd1774c546c3.safeframe.googlesyndication.com
2    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
8    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
13    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
6    2607:f8b0:4007:819::2003 (Mesa, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
15    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
3    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
encrypted-tbn3.gstatic.com
6    185.89.211.84 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
1    185.106.140.18 (Netherlands)

ASN7979 (SERVERS-COM, US)
rtb.adxpremium.services
1    188.42.34.64 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
1    147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    2a06:8640:454:0:e082:abff:fefe:d1d2 (Piscataway, United States)

ASN55081 (24SHELLS, US)
ghb.adtelligent.com
1    217.182.178.225 (Paris, France)

ASN16276 (OVH, FR)
PTR: ip225.ip-217-182-178.eu
prg-apac.smartadserver.com
1    2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    18.194.200.250 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-200-250.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
6    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
2    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
4    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
widget.nl3.eu.criteo.com
dis.criteo.com
2    2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
1    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    18.196.36.208 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-36-208.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    95.101.148.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-148-20.deploy.static.akamaitechnologies.com
contextual.media.net
1    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    18.195.243.79 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-243-79.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    185.86.138.150 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync-t1.taboola.com
1    104.75.89.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com
criteo-sync.teads.tv
2    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    37.157.6.237 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    185.255.84.153 (France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
2    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
r.casalemedia.com
2    54.77.30.253 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-30-253.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com
matching.ivitrack.com
1    52.58.161.8 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-161-8.eu-central-1.compute.amazonaws.com
exchange.mediavine.com
1    70.42.32.255 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
sync.outbrain.com
3    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    2600:1f18:612b:4264:1a4b:d3bd:f875:7f1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
criteo-partners.tremorhub.com
1    85.215.5.31 (Berlin, Germany)

ASN6786 (CRONON-BERLIN-AS, DE)
a.twiago.com
1    23.35.237.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-75.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    52.30.155.207 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-155-207.eu-west-1.compute.amazonaws.com
sync-criteo.ads.yieldmo.com
1    18.184.162.173 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-162-173.eu-central-1.compute.amazonaws.com
e1.emxdgt.com
1    108.128.74.29 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-74-29.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    3.141.189.42 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-141-189-42.us-east-2.compute.amazonaws.com
s.thebrighttag.com
2    3.33.220.150 (None, )

ASN- ()
match.adsrvr.org
1    51.75.86.98 (None, )

ASN- ()
onetag-sys.com
3    23.32.184.192 (None, )

ASN- ()
ads.pubmatic.com
1    2606:4700:e6::ac40:c409 (None, )

ASN- ()
adxbid.info
2    198.47.127.19 (None, )

ASN- ()
image6.pubmatic.com
2    213.155.156.169 (None, )

ASN- ()
d5p.de17a.com
5    185.64.190.80 (None, )

ASN- ()
image2.pubmatic.com
1    193.0.160.131 (None, )

ASN- ()
p.rfihub.com
2    67.220.224.150 (None, )

ASN- ()
aax-eu.amazon-adsystem.com
1    2620:116:800d:21:93ca:31d8:d86e:38f6 (None, )

ASN- ()
cms.quantserve.com
1    185.239.172.77 (None, )

ASN- ()
sync.adtelligent.com
1    52.18.8.176 (None, )

ASN- ()
sync.crwdcntrl.net
2    34.111.129.221 (None, )

ASN- ()
cr.frontend.weborama.fr
1    34.111.131.239 (None, )

ASN- ()
idsync.frontend.weborama.fr
1    35.204.74.118 (None, )

ASN- ()
um.simpli.fi
2    37.157.5.132 (None, )

ASN- ()
c1.adform.net
Apex Domain
Subdomains		 Transfer
63 stheadline.com
hd.stheadline.com
static.stheadline.com — Cisco Umbrella Rank: 493116
image.stheadline.com — Cisco Umbrella Rank: 458370
806 KB
22 googlesyndication.com
27ab4307786ec7ceac97cd1774c546c3.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 134
tpc.googlesyndication.com — Cisco Umbrella Rank: 153
139 KB
18 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 208
stats.g.doubleclick.net — Cisco Umbrella Rank: 120
cm.g.doubleclick.net — Cisco Umbrella Rank: 242
232 KB
15 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 438
328 KB
14 pubmatic.com
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 590
simage2.pubmatic.com — Cisco Umbrella Rank: 788
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
32 KB
14 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 437
mug.criteo.com — Cisco Umbrella Rank: 2484
bidder.criteo.com — Cisco Umbrella Rank: 734
ads.eu.criteo.com — Cisco Umbrella Rank: 8549
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 9655
widget.nl3.eu.criteo.com — Cisco Umbrella Rank: 17394
dis.criteo.com — Cisco Umbrella Rank: 607
58 KB
13 gstatic.com
csi.gstatic.com
encrypted-tbn3.gstatic.com
fonts.gstatic.com
123 KB
13 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 679
1 MB
12 criteo.net
static.criteo.net — Cisco Umbrella Rank: 605
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 8921
csm.eu.criteo.net — Cisco Umbrella Rank: 8648
63 KB
8 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 378
161 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 244
secure.adnxs.com — Cisco Umbrella Rank: 458
10 KB
6 facebook.com
www.facebook.com — Cisco Umbrella Rank: 109
84 KB
6 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 845
id5-sync.com — Cisco Umbrella Rank: 439
52 KB
5 openx.net
oajs.openx.net — Cisco Umbrella Rank: 1525
google-bidout-d.openx.net — Cisco Umbrella Rank: 1519
rtbdemand-d.openx.net — Cisco Umbrella Rank: 38624
u.openx.net
1 KB
5 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 154
4 KB
5 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 365
aax-eu.amazon-adsystem.com
65 KB
5 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 211
singtaonewscorp.demdex.net — Cisco Umbrella Rank: 286209
7 KB
5 andbeyond.media
rtbcdn.andbeyond.media — Cisco Umbrella Rank: 32147
prebid.andbeyond.media — Cisco Umbrella Rank: 30330
rtbpass-us.andbeyond.media — Cisco Umbrella Rank: 31570
211 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 3
1 KB
3 weborama.fr
cr.frontend.weborama.fr
idsync.frontend.weborama.fr
898 B
3 adform.net
cm.adform.net — Cisco Umbrella Rank: 1301
dmp.adform.net Failed
c1.adform.net
2 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 82
3 KB
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1623
mp.4dex.io — Cisco Umbrella Rank: 2922
25 KB
3 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1038
bcp.crwdcntrl.net — Cisco Umbrella Rank: 881
sync.crwdcntrl.net
12 KB
3 adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 432
71 KB
2 de17a.com
d5p.de17a.com
562 B
2 adsrvr.org
match.adsrvr.org
655 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 673
880 B
2 casalemedia.com
r.casalemedia.com — Cisco Umbrella Rank: 1570
2 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 417
280 B
2 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1148
x.bidswitch.net — Cisco Umbrella Rank: 355
515 B
2 smartadserver.com
prg-apac.smartadserver.com — Cisco Umbrella Rank: 10287
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 643
722 B
2 adtelligent.com
ghb.adtelligent.com — Cisco Umbrella Rank: 5935
sync.adtelligent.com
1 KB
2 youtube.com
www.youtube.com — Cisco Umbrella Rank: 94
65 KB
2 rtbhouse.com
esp.rtbhouse.com — Cisco Umbrella Rank: 1637
336 B
2 adlooxtracking.com
p.adlooxtracking.com — Cisco Umbrella Rank: 22055
4 KB
2 rubiconproject.com
token.rubiconproject.com — Cisco Umbrella Rank: 616
pixel.rubiconproject.com — Cisco Umbrella Rank: 388
453 B
2 yahoo.com
ads.yap.yahoo.com — Cisco Umbrella Rank: 14341
ups.analytics.yahoo.com — Cisco Umbrella Rank: 323
733 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 59
21 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 166
89 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 73
70 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 207
84 KB
1 simpli.fi
um.simpli.fi
612 B
1 quantserve.com
cms.quantserve.com
588 B
1 rfihub.com
p.rfihub.com
795 B
1 adxbid.info
adxbid.info
3 KB
1 onetag-sys.com
onetag-sys.com
1 thebrighttag.com
s.thebrighttag.com — Cisco Umbrella Rank: 2147
269 B
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 639
339 B
1 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 2027
45 B
1 yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2271
39 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4477
400 B
1 twiago.com
a.twiago.com — Cisco Umbrella Rank: 32271
153 B
1 tremorhub.com
criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2500
400 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 792
145 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1261
878 B
1 ivitrack.com
matching.ivitrack.com — Cisco Umbrella Rank: 2966
266 B
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 901
343 B
1 teads.tv
criteo-sync.teads.tv — Cisco Umbrella Rank: 2066
165 B
1 taboola.com
sync-t1.taboola.com — Cisco Umbrella Rank: 1327
100 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 588
367 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 634
796 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1004
279 B
1 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1771
890 B
1 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 10826
user-sync.adxpremium.services Failed
2 KB
1 geoedge.be
wrappers.geoedge.be — Cisco Umbrella Rank: 27464
3 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 5791
409 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1115
404 B
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 1618
8 KB
1 33across.com
cdn-ima.33across.com — Cisco Umbrella Rank: 1413
9 KB
1 creativecdn.com
invstatic101.creativecdn.com — Cisco Umbrella Rank: 1651
2 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 1648
2 KB
1 omtrdc.net
singtaolimited.sc.omtrdc.net — Cisco Umbrella Rank: 205689
348 B
1 yimg.com
s.yimg.com — Cisco Umbrella Rank: 559
22 KB
1 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1061
517 B
0 adtarget.com.tr Failed
s.console.adtarget.com.tr Failed
298 76
Domain Requested by
41 hd.stheadline.com 1 redirects hd.stheadline.com
cdn.jsdelivr.net
15 cdn.ampproject.org securepubads.g.doubleclick.net
13 tpc.googlesyndication.com 1 redirects securepubads.g.doubleclick.net
tpc.googlesyndication.com
hd.stheadline.com
13 static.xx.fbcdn.net www.facebook.com
12 image.stheadline.com hd.stheadline.com
11 securepubads.g.doubleclick.net hd.stheadline.com
www.googletagservices.com
securepubads.g.doubleclick.net
10 static.stheadline.com hd.stheadline.com
www.googletagmanager.com
9 static.criteo.net securepubads.g.doubleclick.net
ads.eu.criteo.com
rtbpass-us.andbeyond.media
8 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
8 cdn.jsdelivr.net hd.stheadline.com
cdn.jsdelivr.net
securepubads.g.doubleclick.net
static.stheadline.com
6 fonts.gstatic.com fonts.googleapis.com
6 csi.gstatic.com securepubads.g.doubleclick.net
cdn.ampproject.org
6 cm.g.doubleclick.net 6 redirects
6 www.facebook.com connect.facebook.net
5 image2.pubmatic.com ads.pubmatic.com
5 ib.adnxs.com 1 redirects rtbpass-us.andbeyond.media
5 gum.criteo.com 4 redirects static.criteo.net
5 sb.scorecardresearch.com 1 redirects hd.stheadline.com
4 www.google.com hd.stheadline.com
tpc.googlesyndication.com
4 id5-sync.com cdn.id5-sync.com
ads.eu.criteo.com
rtbpass-us.andbeyond.media
4 dpm.demdex.net assets.adobedtm.com
hd.stheadline.com
3 ads.pubmatic.com rtbpass-us.andbeyond.media
ads.pubmatic.com
3 simage2.pubmatic.com ads.eu.criteo.com
ads.pubmatic.com
3 dis.criteo.com 1 redirects
3 fonts.googleapis.com securepubads.g.doubleclick.net
3 c.amazon-adsystem.com rtbcdn.andbeyond.media
c.amazon-adsystem.com
3 prebid.andbeyond.media rtbcdn.andbeyond.media
3 assets.adobedtm.com hd.stheadline.com
assets.adobedtm.com
2 c1.adform.net 2 redirects
2 cr.frontend.weborama.fr 2 redirects
2 aax-eu.amazon-adsystem.com 1 redirects ads.pubmatic.com
2 d5p.de17a.com 2 redirects
2 image6.pubmatic.com 1 redirects ads.pubmatic.com
2 match.adsrvr.org rtbpass-us.andbeyond.media
ads.pubmatic.com
2 ad.360yield.com 1 redirects
2 r.casalemedia.com 1 redirects
2 eb2.3lift.com ads.eu.criteo.com
adxbid.info
2 imageproxy.eu.criteo.net ads.eu.criteo.com
2 cat.nl3.eu.criteo.com hd.stheadline.com
ads.eu.criteo.com
2 script.4dex.io rtbpass-us.andbeyond.media
script.4dex.io
2 www.youtube.com assets.adobedtm.com
www.youtube.com
2 oajs.openx.net 1 redirects hd.stheadline.com
2 esp.rtbhouse.com invstatic101.creativecdn.com
2 p.adlooxtracking.com rtbcdn.andbeyond.media
p.adlooxtracking.com
2 cdn.id5-sync.com securepubads.g.doubleclick.net
hd.stheadline.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 connect.facebook.net hd.stheadline.com
connect.facebook.net
2 www.googletagmanager.com hd.stheadline.com
www.googletagmanager.com
2 www.googletagservices.com hd.stheadline.com
securepubads.g.doubleclick.net
1 um.simpli.fi ads.pubmatic.com
1 idsync.frontend.weborama.fr ads.pubmatic.com
1 sync.crwdcntrl.net ads.pubmatic.com
1 sync.adtelligent.com ads.pubmatic.com
1 cms.quantserve.com 1 redirects
1 p.rfihub.com 1 redirects
1 adxbid.info rtbpass-us.andbeyond.media
1 onetag-sys.com rtbpass-us.andbeyond.media
1 u.openx.net rtbpass-us.andbeyond.media
1 s.thebrighttag.com
1 beacon.krxd.net
1 e1.emxdgt.com ads.eu.criteo.com
1 sync-criteo.ads.yieldmo.com ads.eu.criteo.com
1 ad.yieldlab.net ads.eu.criteo.com
1 a.twiago.com ads.eu.criteo.com
1 criteo-partners.tremorhub.com ads.eu.criteo.com
1 sync.outbrain.com ads.eu.criteo.com
1 exchange.mediavine.com ads.eu.criteo.com
1 matching.ivitrack.com ads.eu.criteo.com
1 visitor.omnitagjs.com ads.eu.criteo.com
1 cm.adform.net ads.eu.criteo.com
1 ups.analytics.yahoo.com ads.eu.criteo.com
1 criteo-sync.teads.tv ads.eu.criteo.com
1 sync-t1.taboola.com ads.eu.criteo.com
1 rtb-csync.smartadserver.com ads.eu.criteo.com
1 match.sharethrough.com ads.eu.criteo.com
1 pixel.rubiconproject.com ads.eu.criteo.com
1 contextual.media.net ads.eu.criteo.com
1 secure.adnxs.com ads.eu.criteo.com
1 x.bidswitch.net ads.eu.criteo.com
1 csm.eu.criteo.net ads.eu.criteo.com
1 widget.nl3.eu.criteo.com ads.eu.criteo.com
1 ads.eu.criteo.com rtbpass-us.andbeyond.media
1 grid.bidswitch.net rtbpass-us.andbeyond.media
1 bidder.criteo.com rtbpass-us.andbeyond.media
1 hbopenbid.pubmatic.com rtbpass-us.andbeyond.media
1 rtbdemand-d.openx.net rtbpass-us.andbeyond.media
1 mp.4dex.io rtbpass-us.andbeyond.media
1 prg-apac.smartadserver.com rtbpass-us.andbeyond.media
1 ghb.adtelligent.com rtbpass-us.andbeyond.media
1 prebid.a-mo.net rtbpass-us.andbeyond.media
1 ads.betweendigital.com rtbpass-us.andbeyond.media
1 rtb.adxpremium.services rtbpass-us.andbeyond.media
1 encrypted-tbn3.gstatic.com hd.stheadline.com
1 27ab4307786ec7ceac97cd1774c546c3.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 google-bidout-d.openx.net oa.openxcdn.net
1 wrappers.geoedge.be rtbpass-us.andbeyond.media
1 www.google.de hd.stheadline.com
1 mug.criteo.com hd.stheadline.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 bcp.crwdcntrl.net tags.crwdcntrl.net
1 stats.g.doubleclick.net www.google-analytics.com
1 rtbpass-us.andbeyond.media rtbcdn.andbeyond.media
1 token.rubiconproject.com hd.stheadline.com
1 ads.yap.yahoo.com s.yimg.com
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn-ima.33across.com securepubads.g.doubleclick.net
1 invstatic101.creativecdn.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 singtaolimited.sc.omtrdc.net hd.stheadline.com
1 s.yimg.com hd.stheadline.com
1 singtaonewscorp.demdex.net assets.adobedtm.com
1 cm.everesttech.net 1 redirects
1 rtbcdn.andbeyond.media hd.stheadline.com
0 dmp.adform.net Failed ads.pubmatic.com
0 user-sync.adxpremium.services Failed adxbid.info
0 s.console.adtarget.com.tr Failed rtbpass-us.andbeyond.media
298 117
Subject Issuer Validity Valid
*.stheadline.com
Go Daddy Secure Certificate Authority - G2		 2022-08-30 -
2023-10-01		 a year crt.sh
assets.adobedtm.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-19 -
2023-08-19		 a year crt.sh
*.andbeyond.media
Starfield Secure Certificate Authority - G2		 2023-02-14 -
2024-03-17		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-03 -
2023-09-25		 3 months crt.sh
*.demdex.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-26 -
2023-10-27		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-03 -
2023-09-25		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-05-03 -
2023-08-01		 3 months crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-07-03 -
2023-08-23		 2 months crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
*.sc.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-03-08		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-05-18 -
2023-08-16		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-07 -
2024-05-06		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
invstatic101.creativecdn.com
GTS CA 1D4		 2023-06-27 -
2023-09-25		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-27 -
2023-08-27		 3 months crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-06 -
2023-09-30		 a year crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-05-28 -
2023-08-26		 3 months crt.sh
*.pubgw.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-07-03 -
2023-08-23		 2 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
p.adlooxtracking.com
GTS CA 1D4		 2023-07-19 -
2023-10-17		 3 months crt.sh
*.id5-sync.com
R3		 2023-07-04 -
2023-10-02		 3 months crt.sh
esp.rtbhouse.com
GTS CA 1D4		 2023-07-14 -
2023-10-12		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-07-04 -
2023-10-02		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-07-03 -
2023-09-25		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-07-03 -
2023-09-25		 3 months crt.sh
gw.geoedge.be
Amazon RSA 2048 M01		 2023-02-21 -
2023-10-10		 8 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-07-03 -
2023-09-25		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-07-03 -
2023-09-25		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-03 -
2023-09-25		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-07-03 -
2023-09-25		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-03 -
2023-09-25		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA		 2022-08-26 -
2023-08-05		 a year crt.sh
*.ads.betweendigital.com
Sectigo RSA Domain Validation Secure Server CA		 2023-01-13 -
2024-02-13		 a year crt.sh
*.a-mo.net
R3		 2023-06-12 -
2023-09-10		 3 months crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-06-01 -
2023-08-30		 3 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-21		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-18 -
2023-08-18		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-07 -
2023-08-30		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
teads.tv
R3		 2023-06-26 -
2023-09-24		 3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-07-18 -
2024-01-10		 6 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
itm.ivitrack.com
R3		 2023-06-03 -
2023-09-01		 3 months crt.sh
exchange.mediavine.com
Amazon RSA 2048 M02		 2023-06-06 -
2024-07-04		 a year crt.sh
*.outbrain.com
Thawte RSA CA 2018		 2022-11-06 -
2023-11-28		 a year crt.sh
*.tremorhub.com
Amazon RSA 2048 M01		 2023-02-22 -
2024-03-23		 a year crt.sh
*.twiago.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-28 -
2023-12-29		 a year crt.sh
*.yieldlab.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-15		 a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-04-04 -
2024-05-02		 a year crt.sh
*.emxdgt.com
Amazon RSA 2048 M01		 2023-05-03 -
2024-05-31		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
adxbid.info
E1		 2023-06-11 -
2023-09-09		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-07-23 -
2023-10-21		 3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh

This page contains 31 frames:

Primary Page: https://hd.stheadline.com/news/realtime/h
Frame ID: B8C1DA3B2955F5C834D584D87782AC1D
Requests: 150 HTTP requests in this frame

Frame: https://singtaonewscorp.demdex.net/dest5.html?d_nsid=0
Frame ID: E2DC5501F3A894FB8F0A6B661DB4F0BF
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=hd.stheadline.com
Frame ID: 7A420F138EA3EE4AF8D9D4EF8A3855CD
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=like&app_id=978368502211772&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3100fa037314cc%26domain%3Dhd.stheadline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhd.stheadline.com%252Ff8a0b2bdc2613%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fhd.stheadline.com%2Fnews%2Frealtime%2Fhk%2F2402786%2F%25E5%258D%25B3%25E6%2599%2582-%25E6%25B8%25AF%25E8%2581%259E-%25E6%25B5%2581%25E8%25A1%258C%25E9%2583%25BD%25E5%25B8%2582-%25E9%25A9%259A%25E7%258F%25BE%25E7%2596%2591%25E4%25BC%25BC-%25E8%25B5%25B0%25E5%2585%2589-%25E7%2595%25AB%25E9%259D%25A2-%25E5%25A5%25B3%25E7%25A5%259E%25E7%2596%2591%25E5%25A4%25B1%25E5%25AE%2588%25E9%259C%25B2%25E7%25A5%259E%25E7%25A7%2598%25E4%25B8%2589%25E8%25A7%2592%25E4%25BD%258D-Juicy%25E5%258F%25AE&layout=button_count&locale=zh_HK&sdk=joey&show_faces=true
Frame ID: EF9AC75D6A6D3DA1EA00CD52FA8EBDEE
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=like&app_id=978368502211772&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df11ae6fe27b0f5c%26domain%3Dhd.stheadline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhd.stheadline.com%252Ff8a0b2bdc2613%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fhd.stheadline.com%2Fnews%2Frealtime%2Fchi%2F2406186%2F%25E5%258D%25B3%25E6%2599%2582-%25E4%25B8%25AD%25E5%259C%258B-%25E6%25B7%25B1%25E5%259C%25B3%25E6%2583%2585%25E4%25BE%25B6%25E5%2582%25B3%25E5%25A4%25A9%25E6%25A9%258B%25E6%25BC%2594-%25E6%25B4%25BB%25E6%2598%25A5%25E5%25AE%25AE-%25E5%25A5%25B3%25E5%25AD%2590%25E6%2584%258F%25E5%25A4%2596%25E5%25A2%25AE%25E6%25A9%258B%25E4%25BA%25A1-%25E7%2594%25B7%25E5%25AD%2590%25E8%2588%2589%25E5%258B%2595%25E9%2581%25AD%25E7%25B6%25B2%25E6%25B0%2591%25E5%259C%258D%25E5%2589%25BF&layout=button_count&locale=zh_HK&sdk=joey&show_faces=true
Frame ID: F4BE546074F1D3E08E60715ACCEF1F8A
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=like&app_id=978368502211772&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2aa391c6d23aec%26domain%3Dhd.stheadline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhd.stheadline.com%252Ff8a0b2bdc2613%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fhd.stheadline.com%2Fnews%2Frealtime%2Fchi%2F2406186%2F%25E5%258D%25B3%25E6%2599%2582-%25E4%25B8%25AD%25E5%259C%258B-%25E6%25B7%25B1%25E5%259C%25B3%25E6%2583%2585%25E4%25BE%25B6%25E5%2582%25B3%25E5%25A4%25A9%25E6%25A9%258B%25E6%25BC%2594-%25E6%25B4%25BB%25E6%2598%25A5%25E5%25AE%25AE-%25E5%25A5%25B3%25E5%25AD%2590%25E6%2584%258F%25E5%25A4%2596%25E5%25A2%25AE%25E6%25A9%258B%25E4%25BA%25A1-%25E7%2594%25B7%25E5%25AD%2590%25E8%2588%2589%25E5%258B%2595%25E9%2581%25AD%25E7%25B6%25B2%25E6%25B0%2591%25E5%259C%258D%25E5%2589%25BF&layout=button_count&locale=zh_HK&sdk=joey&show_faces=true
Frame ID: 9AB535CD14EF3AE4E7B2AB3C454A410D
Requests: 4 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=like&app_id=978368502211772&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df18d397644504c%26domain%3Dhd.stheadline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhd.stheadline.com%252Ff8a0b2bdc2613%26relation%3Dparent.parent&container_width=282&href=https%3A%2F%2Fhd.stheadline.com%2Fnews%2Frealtime%2Fchi%2F2406186%2F%25E5%258D%25B3%25E6%2599%2582-%25E4%25B8%25AD%25E5%259C%258B-%25E6%25B7%25B1%25E5%259C%25B3%25E6%2583%2585%25E4%25BE%25B6%25E5%2582%25B3%25E5%25A4%25A9%25E6%25A9%258B%25E6%25BC%2594-%25E6%25B4%25BB%25E6%2598%25A5%25E5%25AE%25AE-%25E5%25A5%25B3%25E5%25AD%2590%25E6%2584%258F%25E5%25A4%2596%25E5%25A2%25AE%25E6%25A9%258B%25E4%25BA%25A1-%25E7%2594%25B7%25E5%25AD%2590%25E8%2588%2589%25E5%258B%2595%25E9%2581%25AD%25E7%25B6%25B2%25E6%25B0%2591%25E5%259C%258D%25E5%2589%25BF&layout=button_count&locale=zh_HK&sdk=joey&show_faces=true
Frame ID: 8BEC0504BFA9CBEBD3605F757BD788F3
Requests: 3 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 52100CA26250A9F49569750DB66219D1
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?action=like&app_id=978368502211772&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3192a353837a8%26domain%3Dhd.stheadline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhd.stheadline.com%252Ff8a0b2bdc2613%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fhd.stheadline.com%2Fnews%2Frealtime%2Fchi%2F2406186%2F%25E5%258D%25B3%25E6%2599%2582-%25E4%25B8%25AD%25E5%259C%258B-%25E6%25B7%25B1%25E5%259C%25B3%25E6%2583%2585%25E4%25BE%25B6%25E5%2582%25B3%25E5%25A4%25A9%25E6%25A9%258B%25E6%25BC%2594-%25E6%25B4%25BB%25E6%2598%25A5%25E5%25AE%25AE-%25E5%25A5%25B3%25E5%25AD%2590%25E6%2584%258F%25E5%25A4%2596%25E5%25A2%25AE%25E6%25A9%258B%25E4%25BA%25A1-%25E7%2594%25B7%25E5%25AD%2590%25E8%2588%2589%25E5%258B%2595%25E9%2581%25AD%25E7%25B6%25B2%25E6%25B0%2591%25E5%259C%258D%25E5%2589%25BF&layout=button_count&locale=zh_HK&sdk=joey&show_faces=true
Frame ID: EA46E583CF6A313C83D83BC79D4535C3
Requests: 3 HTTP requests in this frame

Frame: https://27ab4307786ec7ceac97cd1774c546c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6B89DE788ED9579C9EA6630F76CD8090
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9E325512DBDE33F45FFB7959CB47595C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 639B1D3A1F8D6B7ED61C35120A0E3C7B
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307180709000/amp4ads-v0.mjs
Frame ID: 12A9985A05519680141662E462AA4DED
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307180709000/amp4ads-v0.mjs
Frame ID: ED82AF5083B71617CB17211E96E64FA3
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012307180709000/amp4ads-v0.mjs
Frame ID: AACE40D3555376A90AC749B0D9E3A507
Requests: 16 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst6bOTQ-GqDyBD70MeXjNt3DW07z5o8yXuoTJ3VkyUQVa1WfESLE_bf5MuP8M2mR724is8vDHSWnPJf2HgJ3e8iOlbprj-976FbolUiVAvc7qrMVfi7zNtPFAsCzwr_rwQGlzQOIU3cHLcuWboQ52YeUl3zOGbSVLxVf9JNgMXM6tgyasTYVKKrbn1tVzjMztxEUEO6liN4As-FnTsGC4JXxeArt22f9ONYC1hDUzXYRNR-zcw-EGGvvCMDpGLa86KKZbaAGInJHCozxpBbgYlhZKOoOFQlYPJn2pS90xOTHhRsgLWZ3FNZPeptp26sHjy0j3teYF8TqQw-__Nc6LrS-w&sai=AMfl-YQQOjGjzBuUqMFoRglIgos0i_ey9nz6AiA1aMC1RVAdf8rqlC-4zIKDT-4A9olj6ocfxtTjduTCxW5htdO-fWaZZl8hE3tTJdXGMXAW54NqAEulZ1qVWCBCka60rGc&sig=Cg0ArKJSzEgCsxInCgxyEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 70E5D7B7E695C07A96577BC2D74121A2
Requests: 7 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CaEpYiMeyylmZpxMZ4Myl8pW%2FYBX%2BYoAHnDawEXaruKU%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bXxMfcWilPRcN4I1SmXCDfEmd9hZOaed1woXN_TR24xNi6E2riMeJDvFE6fqTKCj1SHshQvjnkejZ9yfijF25fK-weeJhfiLctFkBX4OJFlhKiFKKM3k0xOHBx7YhrcdhxNhr6l23he0eOJiVpJUSuB8RtfKtfNqgzRYbtEkjOChbW551-BQLQHQky54cWlx0Coeb02LuKUctrSlCFXwYYZLYxfmxx20t2JbMjLHlbSG20LMEJ6MWwOQ4GXQxLtZ7ydZOTtuYm_pUvgKopgtWWMvIFzmZl1KhH2_LRb7dJmBRCOfXq5K895viddeoRxS2D6wo1jPBPyqgJLcMfMNq-yifcnBCdnfgfUv9QNoiXP9RM7nf2gV43xEQ0qDr6X43QO_gPeHpUmRNPq3ypnvH27da8WTI-tHziovu8yACtcjC4Gy9WjO0KOXtrqNxUKI-UT8nn-R64EYhyzw6J0Yi9bINhEfrZ7S7dELUOJd6fbvm3ixmZtemxDOAvGR1h8r6MwB05WgOcj6beKe9AdNgM7dpkEsSuy2SdmO_SpaSn-QAz3DuyDbWRzO4w_iw6jRfPAkcWBPJD4w
Frame ID: C43CAB7BB98B1D9B74F7CEBD1AAC8FC3
Requests: 12 HTTP requests in this frame

Frame: https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=186190&cb=64bf6451733217ee8e41e534baf20c44&r=https%3a%2f%2fhd.stheadline.com%2f&crossorigin=false
Frame ID: 0FF509E52DC2DB23564E94FEA16479D1
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-oaM4oTIQcBd65Z2lQcMrb7vgxJj54RaOZ6F5yw&expires=30
Frame ID: 8FCB69B0BBD1CA1551949D8FAF45F006
Requests: 29 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: C397F4D601C6E3B5E83911EA288E0C87
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: 73C6A7301BC01CB7EDEA0D0858CE1F0E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156181
Frame ID: 91C6353C17D0C0D3FEA36C8A901FF883
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: E9AC69486F67540FA5869DDF4648C8CC
Requests: 11 HTTP requests in this frame

Frame: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 32D56DC647024366E1970BD20C930E45
Requests: 3 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=755289
Frame ID: B95A98307EBFC305DE8B03E3F27940F3
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8518623629721075858
Frame ID: D641AB4B3F3206403E7A35B437716C56
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: 0BBF29370E3131F2480116EF7E4033C3
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5109685628760180469
Frame ID: 773823F35EFD42F552F43E9835DE8245
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=64D417E5-8C65-467E-B587-791F5154E1CC&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 35EF755C1721EB8035891D45C7B4A898
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4LxpfOC8Piz76jMr47Ame7S7PH777Toot-0boKFN
Frame ID: 001237E0DD53120E0AE9A428EED7E3AB
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=64D417E5-8C65-467E-B587-791F5154E1CC
Frame ID: 87F09E85025585F019B6A0CCA6F1ADA2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

頭條日報

Page URL History Show full URLs

  1. http://hd.stheadline.com/news/realtime/h HTTP 301
    https://hd.stheadline.com/news/realtime/h Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <link[^>]+?href="[^"]+sweetalert2(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

298
Requests

93 %
HTTPS

34 %
IPv6

76
Domains

117
Subdomains

102
IPs

13
Countries

3956 kB
Transfer

12127 kB
Size

63
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://hd.stheadline.com/news/realtime/h HTTP 301
    https://hd.stheadline.com/news/realtime/h Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50
  • https://cm.everesttech.net/cm/dd?d_uuid=11516349206899793642972229934555018678 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZL9kTwAAAGXqRgO-
Request Chain 113
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fhd.stheadline.com%2Fnews%2Frealtime%2Fh&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fhd.stheadline.com%2Fnews%2Frealtime%2Fh&rid=esp&cc=1
Request Chain 115
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=stheadline.com&sn=ChromeSyncframe&so=0&topUrl=hd.stheadline.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=_2N1GnxRRnpUZFNJS05oNW9lc3lhVlRnU3F6d3Jta1NRdlQ0eTdkeWtRRm04ZzZ4WGVidmlrMDhsUVpCSVF1RWxPcTVFdmM4WDRsdEhHWFlUaVZGSkppQXdFSnFpUG0yN1dhU3VZSG15bk9xbDNoYlpNa2xKQUFVSmRUSnNPV3RLSUVsdjZ3MHc2UTAwYmdrd3hyRjdTMlZqcndXWWt6c2JlVjlkQTF3TTkvbXloZ2pINTdmdFRQUUQ5K2ZOcnZIYU5vbHJldFJyNkV6andFUThtaUQydTdjWUJCeFdYVnFaMG4yUHJTTzdMbEhxeTB2U0ZGZmFzY3ZIeWtINGRZV0MveGx5bFNoMFdaT0FPNy9lUXNqKzNjdVB5c3JNMFhTSytxa0tIaVNzaUk0enNyWT18&cppv=2
Request Chain 118
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MTE1MTYzNDkyMDY4OTk3OTM2NDI5NzIyMjk5MzQ1NTUwMTg2Nzg= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MTE1MTYzNDkyMDY4OTk3OTM2NDI5NzIyMjk5MzQ1NTUwMTg2Nzg=&google_tc= HTTP 302
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEB4Lo4nilL5ENISR6UP5d18&google_cver=1?gdpr=0&gdpr_consent=
Request Chain 146
  • https://sb.scorecardresearch.com/c2/9053246/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
Request Chain 181
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODMsoHuigEQ9AMY9AMyCOyWyByWpNP1 HTTP 301
  • https://tpc.googlesyndication.com/simgad/9079929770903279293
Request Chain 241
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-pSVpWjIQcBd65Z2lQcMrb7vgxJjBhxxpNvbVzA&google_cm&google_hm=ay1wU1ZwV2pJUWNCZDY1WjJsUWNNcmI3dmd4SmpCaHh4cE52YlZ6QQ HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-pSVpWjIQcBd65Z2lQcMrb7vgxJjBhxxpNvbVzA&google_gid=CAESEME7BCS-WNbtiYmbzRmCrMc&google_cver=1&google_ula=913071,0
Request Chain 242
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1776016083629542497
Request Chain 254
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-eQOO6zIQcBd65Z2lQcMrb7vgxJiH7UwaYkHSjQ HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-eQOO6zIQcBd65Z2lQcMrb7vgxJiH7UwaYkHSjQ&C=1
Request Chain 255
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=N20gDkqMAWee0fkxNvqMgBhRO1dD98z9
Request Chain 257
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-XyveRjIQcBd65Z2lQcMrb7vgxJh1M1-hzigY2g HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-XyveRjIQcBd65Z2lQcMrb7vgxJh1M1-hzigY2g
Request Chain 270
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=u2A2Z21KhohCKGu5SvKSRwMo8KpjrqGD
Request Chain 271
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=brX8OBoW8Bouqp0PJ665mQ-LD2Qip-0f
Request Chain 287
  • https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D HTTP 302
  • https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=4c4be1b0ae48ad6e67f75fe64d27f90588619a30c1b2409bbcf877db9c24a174
Request Chain 288
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8518623629721075858
Request Chain 289
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 290
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5109685628760180469
Request Chain 291
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=64D417E5-8C65-467E-B587-791F5154E1CC&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=64D417E5-8C65-467E-B587-791F5154E1CC&redir=true&gdpr=0&gdpr_consent=&dcc=t
Request Chain 292
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4LxpfOC8Piz76jMr47Ame7S7PH777Toot-0boKFN
Request Chain 294
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZNQX5YxlRn61h3kfUVThzA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 296
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2461674106 HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=64D417E5-8C65-467E-B587-791F5154E1CC
Request Chain 297
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=64D417E5-8C65-467E-B587-791F5154E1CC HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=NGk0cmF3VVZHc0tUbkczeElzNmt5N3g5Zw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
Request Chain 298
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjRENDE3RTUtOEM2NS00NjdFLUI1ODctNzkxRjUxNTRFMUND&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 299
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPWzCCrWHLUzKNf7AOMrn-w&google_cver=1
Request Chain 301
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4383706241418646244

298 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request h
hd.stheadline.com/news/realtime/
Redirect Chain
  • http://hd.stheadline.com/news/realtime/h
  • https://hd.stheadline.com/news/realtime/h
68 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.178 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
43befd698138529ddb96e01a4c08750d401f6c2724984a4d6027d4be3ecc8feb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

ali-swift-global-savetime
1690264653
cache-control
max-age=240
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 25 Jul 2023 05:57:33 GMT
eagleid
2ff62b1a16902646531651035e
p3p
CP=This is not a P3P policy! See http://hd.stheadline.com/privacy.php for more info.
server
Tengine
timing-allow-origin
*
via
cache25.l2de2[760,760,200-0,M], cache7.l2de2[761,0], ens-cache2.de4[952,952,200-0,M], ens-cache2.de4[957,0]
x-cache
MISS TCP_MISS dirn:-2:-2
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-swift-cachetime
119
x-swift-savetime
Tue, 25 Jul 2023 05:57:34 GMT
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
262
Content-Type
text/html
Date
Tue, 25 Jul 2023 05:57:33 GMT
EagleId
2ff62b1b16902646531221668e
Location
https://hd.stheadline.com/news/realtime/h
Server
Tengine
Timing-Allow-Origin
*
Via
ens-cache3.de4[,0]
launch-EN227213af532841a48cb92e23b43a2f63.min.js
assets.adobedtm.com/ 		230 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/launch-EN227213af532841a48cb92e23b43a2f63.min.js
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:782::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
9c2640454058564f6d00451bc313255f5dbbfe9258b8a6953a26ff070c8772cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:34 GMT
content-encoding
gzip
last-modified
Wed, 16 Nov 2022 04:09:45 GMT
server
AkamaiNetStorage
etag
"b3de6ec0abd63d90c2c3e655b71ff1f8:1668571785.703579"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://hd.stheadline.com
cache-control
max-age=3600
accept-ranges
bytes
timing-allow-origin
*
content-length
58042
expires
Tue, 25 Jul 2023 06:57:34 GMT
prod-global-552606.js
rtbcdn.andbeyond.media/ 		392 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbcdn.andbeyond.media/prod-global-552606.js
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.42 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
4105d3c1d549866ea78159bc4f0f21623d87c05a4fa6fdb7f647e1871e420f13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Tue, 25 Jul 2023 05:57:34 GMT
Content-Encoding
gzip
Last-Modified
Wed, 31 May 2023 07:55:16 GMT
ETag
"1685519716"
X-HW
1690264654.dop071.lo4.t,1690264654.cds212.lo4.shn,1690264654.dop071.lo4.t,1690264654.cds288.lo4.pr
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
34424
jquery.fancybox.min.css
static.stheadline.com/stheadline/js/fancyBox/source/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.stheadline.com/stheadline/js/fancyBox/source/jquery.fancybox.min.css?v=2.1.5
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),
Reverse DNS
static.stheadline.com
Software
/
Resource Hash
b453f7e482e40f3a63792b350f23d89ca0a9067676498d185281961be603176d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Tue, 25 Jul 2023 05:57:33 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
ETag
W/"59085980-f1b"
Vary
Accept, Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
https://std.stheadline.com
Access-Control-Allow-Methods
GET, POST, OPTIONS
Cache-Control
max-age=300
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-XSS-Protection
1; mode=block
Expires
Tue, 25 Jul 2023 06:02:33 GMT
font-awesome.min.css
cdn.jsdelivr.net/fontawesome/4.6.3/css/ 		28 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/fontawesome/4.6.3/css/font-awesome.min.css
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hd.stheadline.com/
Origin
https://hd.stheadline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 25 Jul 2023 05:57:34 GMT
age
793078
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
6720
x-served-by
cache-fra-eddf8230133-FRA
etag
W/"7187-+1tJQm3ufxUIUA5pjRs8awTI/M4"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
sweetalert2.min.css
cdn.jsdelivr.net/sweetalert2/5.3.5/ 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/sweetalert2/5.3.5/sweetalert2.min.css
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f1000c400415ff168a11fabae79791b9e3d591cb0044159ef4cbbf8d6e103e47
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hd.stheadline.com/
Origin
https://hd.stheadline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 25 Jul 2023 05:57:34 GMT
age
695908
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
2945
x-served-by
cache-fra-eddf8230133-FRA
etag
W/"36a3-QhIre70XUQVyhmylh837j3o5miM"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
perfect-scrollbar.min.css
cdn.jsdelivr.net/perfect-scrollbar/0.6.14/css/ 		5 KB
697 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/perfect-scrollbar/0.6.14/css/perfect-scrollbar.min.css
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
0974d5da65373f9848c8ef02ab0b9c906ed85724e2d24f7bc9938be23221990e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hd.stheadline.com/
Origin
https://hd.stheadline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 25 Jul 2023 05:57:34 GMT
age
617176
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
618
x-served-by
cache-fra-eddf8230133-FRA
etag
W/"1215-U36Hvw9m8MAxNpvIQxUHtwjAQLM"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
bootstrap.min.css
cdn.jsdelivr.net/bootstrap/3.3.7/css/ 		118 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hd.stheadline.com/
Origin
https://hd.stheadline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 25 Jul 2023 05:57:34 GMT
age
1811786
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
21190
x-served-by
cache-fra-eddf8230133-FRA
etag
W/"1d970-ZSfYvz4ek2i6uMe2D1a8Afo6/Wg"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
offcanvas.min.css
static.stheadline.com/stheadline/css/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.stheadline.com/stheadline/css/offcanvas.min.css
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),
Reverse DNS
static.stheadline.com
Software
/
Resource Hash
1bdbad79abe39829aab8993d33e1fa35e048e1c9c4687e4fa95374ac5a6d3746
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Tue, 25 Jul 2023 05:57:33 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
ETag
W/"558bb3b5-1ab6"
Vary
Accept, Accept-Encoding
Transfer-Encoding
chunked
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
https://std.stheadline.com
Access-Control-Allow-Methods
GET, POST, OPTIONS
Cache-Control
max-age=300
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-XSS-Protection
1; mode=block
Expires
Tue, 25 Jul 2023 06:02:33 GMT
framework.min.css
hd.stheadline.com/css/ 		77 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hd.stheadline.com/css/framework.min.css
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.178 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
418c802ad641e066c9d4ea7ddc7211d9c148768ad3a64e3441e3736d2b78250c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/news/realtime/h
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:43 GMT
via
cache20.l2de2[742,742,304-0,M], cache7.l2de2[744,0], ens-cache2.de4[744,764,200-0,H], ens-cache2.de4[774,0]
x-content-type-options
nosniff
content-encoding
gzip
age
0
x-swift-cachetime
121
x-cache
HIT TCP_REFRESH_HIT dirn:11:1374915473
x-swift-savetime
Tue, 25 Jul 2023 05:57:34 GMT
content-length
15737
x-xss-protection
1; mode=block
server
Tengine
etag
"62e22816-132f2"
x-frame-options
SAMEORIGIN
ali-swift-global-savetime
1690264655
content-type
text/css; charset=utf-8
cache-control
max-age=300, max-age=240
timing-allow-origin
*
eagleid
2ff62b1a16902646542063132e
expires
Tue, 25 Jul 2023 06:02:43 GMT
framework2.css
hd.stheadline.com/css/ 		128 B
426 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hd.stheadline.com/css/framework2.css
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.178 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
d13e08892ef48393ce58c434f13b67418c7feb03d70c2cf67772272568e969b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/news/realtime/h
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:43 GMT
via
cache2.l2de2[183,182,304-0,M], cache7.l2de2[184,0], ens-cache2.de4[185,185,200-0,H], ens-cache2.de4[189,0]
x-content-type-options
nosniff
age
0
x-swift-cachetime
120
x-cache
HIT TCP_REFRESH_HIT dirn:8:221204675
x-swift-savetime
Tue, 25 Jul 2023 05:57:34 GMT
content-length
128
x-xss-protection
1; mode=block
server
Tengine
etag
"60e41957-80"
x-frame-options
SAMEORIGIN
ali-swift-global-savetime
1690264654
content-type
text/css; charset=utf-8
cache-control
max-age=300, max-age=240
accept-ranges
bytes
timing-allow-origin
*
eagleid
2ff62b1a16902646542063133e
expires
Tue, 25 Jul 2023 06:02:43 GMT
styles.min.css
hd.stheadline.com/css/ 		76 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hd.stheadline.com/css/styles.min.css
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.178 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
45269ea79e7206947c4efcd1f6be9318ac0dae6137b8591e4af4b1fc3cfc10dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/news/realtime/h
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:34 GMT
via
cache25.l2de2[186,185,304-0,M], cache25.l2de2[187,0], ens-cache1.de4[192,211,200-0,H], ens-cache2.de4[215,0]
x-content-type-options
nosniff
content-encoding
gzip
age
0
x-swift-cachetime
120
x-cache
HIT TCP_REFRESH_HIT dirn:3:1303740520
x-swift-savetime
Tue, 25 Jul 2023 05:57:34 GMT
content-length
15111
x-xss-protection
1; mode=block
server
Tengine
etag
"63158d92-12f67"
x-frame-options
SAMEORIGIN
ali-swift-global-savetime
1690264654
content-type
text/css; charset=utf-8
cache-control
max-age=300, max-age=240
timing-allow-origin
*
eagleid
2ff62b1a16902646542063134e
expires
Tue, 25 Jul 2023 06:02:34 GMT
styles_ad.css
hd.stheadline.com/css/ 		19 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hd.stheadline.com/css/styles_ad.css
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.178 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
776a0594ef833ca86a5ad41ebaa97a05807c1aa0d07224e13f9b79825cf01a4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/news/realtime/h
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:34 GMT
via
cache6.l2de2[735,734,304-0,M], cache16.l2de2[736,0], ens-cache2.de4[742,780,200-0,H], ens-cache2.de4[784,0]
x-content-type-options
nosniff
content-encoding
gzip
age
0
x-swift-cachetime
120
x-cache
HIT TCP_REFRESH_HIT dirn:3:1372680604
x-swift-savetime
Tue, 25 Jul 2023 05:57:35 GMT
content-length
2178
x-xss-protection
1; mode=block
server
Tengine
etag
"63be2f92-4a41"
x-frame-options
SAMEORIGIN
ali-swift-global-savetime
1690264655
content-type
text/css; charset=utf-8
cache-control
max-age=300, max-age=240
timing-allow-origin
*
eagleid
2ff62b1a16902646542063136e
expires
Tue, 25 Jul 2023 06:02:34 GMT
live.css
hd.stheadline.com/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hd.stheadline.com/css/live.css
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.178 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
c29ef8b4e85db8035a9d4b11357566bdf9a64d80aecfe790441246eb72860f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/news/realtime/h
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:43 GMT
via
cache7.l2de2[186,186,304-0,M], cache19.l2de2[187,0], ens-cache3.de4[193,193,200-0,H], ens-cache2.de4[198,0]
x-content-type-options
nosniff
content-encoding
gzip
age
0
x-swift-cachetime
120
x-cache
HIT TCP_REFRESH_HIT dirn:9:163569734
x-swift-savetime
Tue, 25 Jul 2023 05:57:34 GMT
content-length
1608
x-xss-protection
1; mode=block
server
Tengine
etag
"627ddd26-16a6"
x-frame-options
SAMEORIGIN
ali-swift-global-savetime
1690264654
content-type
text/css; charset=utf-8
cache-control
max-age=300, max-age=240
timing-allow-origin
*
eagleid
2ff62b1a16902646542063138e
expires
Tue, 25 Jul 2023 06:02:43 GMT
icover.css
hd.stheadline.com/css/ 		2 KB
788 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hd.stheadline.com/css/icover.css
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.178 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
cc544058a74b8854d1a04a48c60f52c76190c31daeb8f3a3df0af0be18930ea6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/news/realtime/h
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:34 GMT
via
cache12.l2de2[742,742,304-0,M], cache7.l2de2[743,0], ens-cache3.de4[749,749,200-0,H], ens-cache2.de4[758,0]
x-content-type-options
nosniff
content-encoding
gzip
age
0
x-swift-cachetime
121
x-cache
HIT TCP_REFRESH_HIT dirn:8:164122647
x-swift-savetime
Tue, 25 Jul 2023 05:57:34 GMT
content-length
566
x-xss-protection
1; mode=block
server
Tengine
etag
"59029f05-911"
x-frame-options
SAMEORIGIN
ali-swift-global-savetime
1690264655
content-type
text/css; charset=utf-8
cache-control
max-age=300, max-age=240
timing-allow-origin
*
eagleid
2ff62b1a16902646542063139e
expires
Tue, 25 Jul 2023 06:02:34 GMT
new-feature-photo.css
hd.stheadline.com/css/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hd.stheadline.com/css/new-feature-photo.css
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.178 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
06856897c591ccb513ae6f2ec91ac073132f64f7215cb8d9c7bee9f20f40caa1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/news/realtime/h
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:34 GMT
via
cache20.l2de2[755,754,304-0,M], cache12.l2de2[757,0], ens-cache3.de4[762,762,200-0,H], ens-cache2.de4[766,0]
x-content-type-options
nosniff
content-encoding
gzip
age
0
x-swift-cachetime
121
x-cache
HIT TCP_REFRESH_HIT dirn:10:162239499
x-swift-savetime
Tue, 25 Jul 2023 05:57:34 GMT
content-length
1585
x-xss-protection
1; mode=block
server
Tengine
etag
"62418703-19ff"
x-frame-options
SAMEORIGIN
ali-swift-global-savetime
1690264655
content-type
text/css; charset=utf-8
cache-control
max-age=300, max-age=240
timing-allow-origin
*
eagleid
2ff62b1a16902646542063140e
expires
Tue, 25 Jul 2023 06:02:34 GMT
btn_click_comscore.js
hd.stheadline.com/js/_adv/ 		1 KB
928 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hd.stheadline.com/js/_adv/btn_click_comscore.js
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.178 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
8b80962407aedcf612e64d21fcf7883e2cd0803d1d63b2ccde3b66dbfe2d9198
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/news/realtime/h
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:43 GMT
via
cache23.l2de2[730,729,304-0,M], cache2.l2de2[731,0], ens-cache3.de4[737,737,200-0,H], ens-cache2.de4[742,0]
x-content-type-options
nosniff
content-encoding
gzip
age
0
x-swift-cachetime
120
x-cache
HIT TCP_REFRESH_HIT dirn:9:163569730
x-swift-savetime
Tue, 25 Jul 2023 05:57:34 GMT
content-length
693
x-xss-protection
1; mode=block
server
Tengine
etag
"5ade8d09-486"
x-frame-options
SAMEORIGIN
ali-swift-global-savetime
1690264654
content-type
application/javascript; charset=utf-8
cache-control
max-age=300, max-age=240
timing-allow-origin
*
eagleid
2ff62b1a16902646542063147e
expires
Tue, 25 Jul 2023 06:02:43 GMT
gpt.js
www.googletagservices.com/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
279edfff7dacee399bf16bdbee1ce06da71168122e07f3edba3b8d41a9042b82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28169
x-xss-protection
0
server
cafe
etag
65 / 19563 / m202307180101 / config-hash: 14308175188880485398
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 25 Jul 2023 05:57:35 GMT
dfp.js
hd.stheadline.com/js/_adv/ 		173 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hd.stheadline.com/js/_adv/dfp.js
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.178 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
dce0aaa05889d2c949ef45338456ae7636598da2d859de6bd601a5d78bbfddf7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/news/realtime/h
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:34 GMT
via
cache9.l2de2[750,750,304-0,M], cache3.l2de2[751,0], ens-cache1.de4[757,757,200-0,H], ens-cache2.de4[759,0]
x-content-type-options
nosniff
content-encoding
gzip
age
0
x-swift-cachetime
121
x-cache
HIT TCP_REFRESH_HIT dirn:9:28627141
x-swift-savetime
Tue, 25 Jul 2023 05:57:34 GMT
content-length
13476
x-xss-protection
1; mode=block
server
Tengine
etag
"63eb267f-2b21d"
x-frame-options
SAMEORIGIN
ali-swift-global-savetime
1690264655
content-type
application/javascript; charset=utf-8
cache-control
max-age=300, max-age=240
timing-allow-origin
*
eagleid
2ff62b1a16902646542193167e
expires
Tue, 25 Jul 2023 06:02:34 GMT
purecookie.css
hd.stheadline.com/js/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hd.stheadline.com/js/purecookie.css
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.178 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
642771f7da4fff4115ed85b2d0409893c643ed8b95dbf651da100bae5c4e76f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/news/realtime/h
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:43 GMT
via
cache23.l2de2[747,747,304-0,M], cache3.l2de2[749,0], ens-cache3.de4[753,754,200-0,H], ens-cache2.de4[761,0]
x-content-type-options
nosniff
content-encoding
gzip
age
0
x-swift-cachetime
121
x-cache
HIT TCP_REFRESH_HIT dirn:8:164125144
x-swift-savetime
Tue, 25 Jul 2023 05:57:34 GMT
content-length
1112
x-xss-protection
1; mode=block
server
Tengine
etag
"628df5fa-dd5"
x-frame-options
SAMEORIGIN
ali-swift-global-savetime
1690264655
content-type
text/css; charset=utf-8
cache-control
max-age=300, max-age=240
timing-allow-origin
*
eagleid
2ff62b1a16902646542063143e
expires
Tue, 25 Jul 2023 06:02:43 GMT
new-header.css
hd.stheadline.com/css/ 		17 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://hd.stheadline.com/css/new-header.css
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.178 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
899559afe55f7c890d3bed0f276c12afb06f9b9d634cb7971e225751df0e40dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/news/realtime/h
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:34 GMT
via
cache8.l2de2[730,730,304-0,M], cache8.l2de2[731,0], ens-cache3.de4[737,737,200-0,H], ens-cache2.de4[741,0]
x-content-type-options
nosniff
content-encoding
gzip
age
0
x-swift-cachetime
120
x-cache
HIT TCP_REFRESH_HIT dirn:9:163569731
x-swift-savetime
Tue, 25 Jul 2023 05:57:34 GMT
content-length
2878
x-xss-protection
1; mode=block
server
Tengine
etag
"62e22816-45e6"
x-frame-options
SAMEORIGIN
ali-swift-global-savetime
1690264654
content-type
text/css; charset=utf-8
cache-control
max-age=300, max-age=240
timing-allow-origin
*
eagleid
2ff62b1a16902646542063145e
expires
Tue, 25 Jul 2023 06:02:34 GMT
purecookie.js
hd.stheadline.com/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hd.stheadline.com/js/purecookie.js
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.178 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
7538d006ee781d6a7f6030912d2cf79f8f88bafcc47ac3eef81cab83c210cf4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/news/realtime/h
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:44 GMT
via
cache11.l2de2[748,748,304-0,M], cache3.l2de2[750,0], ens-cache1.de4[750,770,200-0,H], ens-cache2.de4[772,0]
x-content-type-options
nosniff
content-encoding
gzip
age
0
x-swift-cachetime
120
x-cache
HIT TCP_REFRESH_HIT dirn:2:1304442902
x-swift-savetime
Tue, 25 Jul 2023 05:57:35 GMT
content-length
1226
x-xss-protection
1; mode=block
server
Tengine
etag
"61263303-bde"
x-frame-options
SAMEORIGIN
ali-swift-global-savetime
1690264655
content-type
application/javascript; charset=utf-8
cache-control
max-age=300, max-age=240
timing-allow-origin
*
eagleid
2ff62b1a16902646550855227e
expires
Tue, 25 Jul 2023 06:02:44 GMT
sthl_app_icon.png
hd.stheadline.com/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hd.stheadline.com/images/sthl_app_icon.png
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.178 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
27f7979d487134c6c3483a6806806956fc893bed2c53f8c515a11547e916b731
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/news/realtime/h
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:44 GMT
via
cache21.l2de2[753,753,304-0,M], cache16.l2de2[754,0], ens-cache2.de4[755,784,200-0,H], ens-cache2.de4[787,0]
x-content-type-options
nosniff
age
0
x-swift-cachetime
120
x-cache
HIT TCP_REFRESH_HIT dirn:1:1372807854
x-swift-savetime
Tue, 25 Jul 2023 05:57:35 GMT
content-length
10430
x-xss-protection
1; mode=block
server
Tengine
etag
"61ccff80-28be"
x-frame-options
SAMEORIGIN
ali-swift-global-savetime
1690264655
content-type
image/png
cache-control
max-age=300, max-age=240
accept-ranges
bytes
timing-allow-origin
*
eagleid
2ff62b1a16902646550855229e
expires
Tue, 25 Jul 2023 06:02:44 GMT
app-qr-sthl.svg
hd.stheadline.com/images/ 		27 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hd.stheadline.com/images/app-qr-sthl.svg
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.178 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
abd08f4d558cdc3aaf647eade7f780286cbbde3e8bc6685ba4abe28d356a9011
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/news/realtime/h
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:44 GMT
via
cache15.l2de2[743,743,304-0,M], cache25.l2de2[745,0], ens-cache1.de4[749,750,200-0,H], ens-cache2.de4[752,0]
x-content-type-options
nosniff
content-encoding
gzip
age
0
x-swift-cachetime
120
x-cache
HIT TCP_REFRESH_HIT dirn:9:31585727
x-swift-savetime
Tue, 25 Jul 2023 05:57:35 GMT
content-length
1345
x-xss-protection
1; mode=block
server
Tengine
etag
"623c918f-6a03"
x-frame-options
SAMEORIGIN
ali-swift-global-savetime
1690264655
content-type
image/svg+xml
cache-control
max-age=300, max-age=240
timing-allow-origin
*
eagleid
2ff62b1a16902646550855231e
expires
Tue, 25 Jul 2023 06:02:44 GMT
hlhd_app_icon.png
hd.stheadline.com/images/ 		178 KB
179 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hd.stheadline.com/images/hlhd_app_icon.png
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.178 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
32a88002f35eff5e93c02eed223dfea38e568f21d1c1a699cd63be40df7db3da
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/news/realtime/h
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:44 GMT
via
cache2.l2de2[183,183,304-0,M], cache7.l2de2[185,0], ens-cache2.de4[185,186,200-0,H], ens-cache2.de4[190,0]
x-content-type-options
nosniff
age
0
x-swift-cachetime
120
x-cache
HIT TCP_REFRESH_HIT dirn:9:193557583
x-swift-savetime
Tue, 25 Jul 2023 05:57:35 GMT
content-length
182534
x-xss-protection
1; mode=block
server
Tengine
etag
"61d2a075-2c906"
x-frame-options
SAMEORIGIN
ali-swift-global-savetime
1690264655
content-type
image/png
cache-control
max-age=300, max-age=240
accept-ranges
bytes
timing-allow-origin
*
eagleid
2ff62b1a16902646550855232e
expires
Tue, 25 Jul 2023 06:02:44 GMT
app-qr-hlhd.svg
hd.stheadline.com/images/ 		28 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hd.stheadline.com/images/app-qr-hlhd.svg
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.178 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
35abd6f2532968dfde78938c61e2a978d3a69cae565761d9ae77d174843a28cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/news/realtime/h
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:35 GMT
via
cache7.l2de2[750,750,304-0,M], cache7.l2de2[751,0], ens-cache3.de4[752,752,200-0,H], ens-cache2.de4[758,0]
x-content-type-options
nosniff
content-encoding
gzip
age
0
x-swift-cachetime
120
x-cache
HIT TCP_REFRESH_HIT dirn:9:166603493
x-swift-savetime
Tue, 25 Jul 2023 05:57:35 GMT
content-length
1378
x-xss-protection
1; mode=block
server
Tengine
etag
"623c91ab-6efa"
x-frame-options
SAMEORIGIN
ali-swift-global-savetime
1690264655
content-type
image/svg+xml
cache-control
max-age=300, max-age=240
timing-allow-origin
*
eagleid
2ff62b1a16902646550855234e
expires
Tue, 25 Jul 2023 06:02:35 GMT
navbar-logo@2x.png
hd.stheadline.com/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hd.stheadline.com/images/navbar-logo@2x.png
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.178 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
6666a87d6ffe2c6293375a959d8f04322a28f49611dcad976f76cb58f750946b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/news/realtime/h
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:44 GMT
via
cache21.l2de2[742,742,304-0,M], cache11.l2de2[744,0], ens-cache1.de4[749,805,200-0,H], ens-cache2.de4[810,0]
x-content-type-options
nosniff
age
0
x-swift-cachetime
120
x-cache
HIT TCP_REFRESH_HIT dirn:0:1944176937
x-swift-savetime
Tue, 25 Jul 2023 05:57:35 GMT
content-length
5329
x-xss-protection
1; mode=block
server
Tengine
etag
"623ca5ae-14d1"
x-frame-options
SAMEORIGIN
ali-swift-global-savetime
1690264655
content-type
image/png
cache-control
max-age=300, max-age=240
accept-ranges
bytes
timing-allow-origin
*
eagleid
2ff62b1a16902646550855235e
expires
Tue, 25 Jul 2023 06:02:44 GMT
_2023072415540476246.jpg
image.stheadline.com/f/600r336/0x0/100/none/236cfd730b49a05e6ca4954f16ab0c16/stheadline/inewsmedia/20230724/ 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.stheadline.com/f/600r336/0x0/100/none/236cfd730b49a05e6ca4954f16ab0c16/stheadline/inewsmedia/20230724/_2023072415540476246.jpg
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:dd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39c7ffdcb3ccc08860606eec39924f07bbbb5187b1eecb9b3e0ff66430407737
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Tue, 25 Jul 2023 05:57:36 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Tue, 25 Jul 2023 05:57:34 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
7ec22a8eea1b3665-FRA
content-length
90315
x-xss-protection
1; mode=block
expires
Tue, 01 Aug 2023 05:57:34 GMT
_2023072422450431734.jpg
image.stheadline.com/f/250r140/0x0/100/none/6e2a69dbbaf1c654ddb868f84e6a2ed0/stheadline/inewsmedia/20230724/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.stheadline.com/f/250r140/0x0/100/none/6e2a69dbbaf1c654ddb868f84e6a2ed0/stheadline/inewsmedia/20230724/_2023072422450431734.jpg
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:dd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecc97bc2e33b850c815a7b944dabd90496ceacf79183de9b764ef179b5c8d9d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Tue, 25 Jul 2023 05:57:36 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Tue, 25 Jul 2023 05:57:34 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
7ec22a8eea1c3665-FRA
content-length
20663
x-xss-protection
1; mode=block
expires
Tue, 01 Aug 2023 05:57:34 GMT
_2023072018402711959.jpg
image.stheadline.com/f/250r140/0x0/100/none/ed677f92259c108394e1b2da64437838/stheadline/inewsmedia/20230720/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.stheadline.com/f/250r140/0x0/100/none/ed677f92259c108394e1b2da64437838/stheadline/inewsmedia/20230720/_2023072018402711959.jpg
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:dd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1966472b847060329c397fbf2b14672957e331ce8371b9d4d262c8e63d85c8b7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Tue, 25 Jul 2023 05:57:36 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Tue, 25 Jul 2023 05:57:34 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
7ec22a8eea1d3665-FRA
content-length
22141
x-xss-protection
1; mode=block
expires
Tue, 01 Aug 2023 05:57:34 GMT
_2023072421372836786.jpg
image.stheadline.com/f/250r140/0x0/100/none/21fa1074ed026638a72e8424760b22ab/stheadline/inewsmedia/20230724/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.stheadline.com/f/250r140/0x0/100/none/21fa1074ed026638a72e8424760b22ab/stheadline/inewsmedia/20230724/_2023072421372836786.jpg
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:dd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
903f2ffddc2ee0207b862d1738c3b5df3e45225a74862afd49f75cd6c899484f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Tue, 25 Jul 2023 05:57:36 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Tue, 25 Jul 2023 05:57:34 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
7ec22a8eea1f3665-FRA
content-length
22199
x-xss-protection
1; mode=block
expires
Tue, 01 Aug 2023 05:57:34 GMT
_2023072422384995477.jpg
image.stheadline.com/f/250r140/0x0/100/none/4bc96f3d69c6b1f529c6b8d84c773ec9/stheadline/inewsmedia/20230724/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.stheadline.com/f/250r140/0x0/100/none/4bc96f3d69c6b1f529c6b8d84c773ec9/stheadline/inewsmedia/20230724/_2023072422384995477.jpg
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:dd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53222eee800d309eadb93525f8ecf48c02250f624237f67b02a7bfe2e445c4d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Tue, 25 Jul 2023 05:57:36 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Tue, 25 Jul 2023 05:57:34 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
7ec22a8eea203665-FRA
content-length
16336
x-xss-protection
1; mode=block
expires
Tue, 01 Aug 2023 05:57:34 GMT
_2023072018410169821.jpg
image.stheadline.com/f/250r140/0x0/100/none/18a99ea8300f3063bb5b3aa3b450c19b/stheadline/inewsmedia/20230720/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.stheadline.com/f/250r140/0x0/100/none/18a99ea8300f3063bb5b3aa3b450c19b/stheadline/inewsmedia/20230720/_2023072018410169821.jpg
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:dd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4090963f4677c12f0f70d81cee59d4eff19ef9def1dcc5f4d7014e08b9e97123
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Tue, 25 Jul 2023 05:57:36 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Tue, 25 Jul 2023 05:57:34 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
7ec22a8eea213665-FRA
content-length
14216
x-xss-protection
1; mode=block
expires
Tue, 01 Aug 2023 05:57:34 GMT
_2023072422414682899.jpg
image.stheadline.com/f/250r140/0x0/100/none/6cf776cf56cb5916849b2207b88ac0b0/stheadline/inewsmedia/20230724/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.stheadline.com/f/250r140/0x0/100/none/6cf776cf56cb5916849b2207b88ac0b0/stheadline/inewsmedia/20230724/_2023072422414682899.jpg
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:dd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b34b021031d0ddbe24a940d7d32ec42fb1dff2aa19b7b370203408a60f87f29c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Tue, 25 Jul 2023 05:57:36 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Tue, 25 Jul 2023 05:57:34 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
7ec22a8f2a603665-FRA
content-length
20087
x-xss-protection
1; mode=block
expires
Tue, 01 Aug 2023 05:57:34 GMT
_2023072422212435174.jpg
image.stheadline.com/f/250r140/0x0/100/none/e31b522c5b0320950bb3f6cbdb6a8262/stheadline/inewsmedia/20230724/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.stheadline.com/f/250r140/0x0/100/none/e31b522c5b0320950bb3f6cbdb6a8262/stheadline/inewsmedia/20230724/_2023072422212435174.jpg
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:dd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
137cbc0ec155a5f9223ddcb109ccf8e6a0a7587b70bfc21a17230e7a4a155c20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Tue, 25 Jul 2023 05:57:36 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Tue, 25 Jul 2023 05:57:34 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
7ec22a8f2a663665-FRA
content-length
22140
x-xss-protection
1; mode=block
expires
Tue, 01 Aug 2023 05:57:34 GMT
_2023072018401392976.jpg
image.stheadline.com/f/250r140/0x0/100/none/ed9a71f1f242d7ba82f144e8d1e5e65a/stheadline/inewsmedia/20230720/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.stheadline.com/f/250r140/0x0/100/none/ed9a71f1f242d7ba82f144e8d1e5e65a/stheadline/inewsmedia/20230720/_2023072018401392976.jpg
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:dd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2e40c317997f1d498ab2d67fc475af9ba8f5357711461c232faa8a28efbfb20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Tue, 25 Jul 2023 05:57:36 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Tue, 25 Jul 2023 05:57:34 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
7ec22a8f2a693665-FRA
content-length
15758
x-xss-protection
1; mode=block
expires
Tue, 01 Aug 2023 05:57:34 GMT
_2023072018404169649.jpg
image.stheadline.com/f/250r140/0x0/100/none/a559c073c85052cfd10c6a10260a3407/stheadline/inewsmedia/20230720/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.stheadline.com/f/250r140/0x0/100/none/a559c073c85052cfd10c6a10260a3407/stheadline/inewsmedia/20230720/_2023072018404169649.jpg
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:dd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d176961371a541cbca0bc6546ade64f63ec8b3eb32323afae37afd008f243c7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Tue, 25 Jul 2023 05:57:36 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Tue, 25 Jul 2023 05:57:34 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
7ec22a8f2a6a3665-FRA
content-length
16383
x-xss-protection
1; mode=block
expires
Tue, 01 Aug 2023 05:57:34 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c7513362bf905503e06be416db3fca1302c51d912d19f0092cf4618301714b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28177
x-xss-protection
0
server
cafe
etag
337 / 19563 / 31076290 / config-hash: 14308175188880485398
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 25 Jul 2023 05:57:35 GMT
_2023020215250475478.jpg
image.stheadline.com/f/128r72/0x0/100/none/a08650ab3f6e920f76e5b93eabb10628/stheadline/inewsmedia/20230202/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.stheadline.com/f/128r72/0x0/100/none/a08650ab3f6e920f76e5b93eabb10628/stheadline/inewsmedia/20230202/_2023020215250475478.jpg
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:dd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe952be986fd8826ac20c2a451cdd79145000ae7d63f0affac71613567e99155
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Tue, 25 Jul 2023 05:57:35 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Tue, 25 Jul 2023 05:57:34 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
7ec22a8f2a6b3665-FRA
content-length
8148
x-xss-protection
1; mode=block
expires
Tue, 01 Aug 2023 05:57:34 GMT
_2023021718364352500.jpg
image.stheadline.com/f/128r72/0x0/100/none/2b7836aa7fcf8be38dfe9dd29d29a002/stheadline/inewsmedia/20230217/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image.stheadline.com/f/128r72/0x0/100/none/2b7836aa7fcf8be38dfe9dd29d29a002/stheadline/inewsmedia/20230217/_2023021718364352500.jpg
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:dd8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d46a5ae746d00c375201d31762f24fe42112750cb37ce1493728680cddc992a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Tue, 25 Jul 2023 05:57:35 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Tue, 25 Jul 2023 05:57:34 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=3600
accept-ranges
bytes
cf-ray
7ec22a8f2a6f3665-FRA
content-length
7284
x-xss-protection
1; mode=block
expires
Tue, 01 Aug 2023 05:57:34 GMT
perfect-scrollbar.jquery.min.js),sweetalert2@5.3.5
cdn.jsdelivr.net/g/jquery@1.12.4,bootstrap@3.3.7,perfect-scrollbar@0.6.14(js/ 		176 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/g/jquery@1.12.4,bootstrap@3.3.7,perfect-scrollbar@0.6.14(js/perfect-scrollbar.jquery.min.js),sweetalert2@5.3.5
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
345272d368f41891c6383f5fd3c1c4016e4bc1fac7c6b5ec4239eca2abe3e9ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 25 Jul 2023 05:57:35 GMT
age
758316
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
58463
x-served-by
cache-fra-eddf8230046-FRA
etag
W/"2be95-i6fO4yPAuxM9aIZ6vAnlD9uRMyM"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
wurfl.js
hd.stheadline.com/js/ 		516 B
655 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hd.stheadline.com/js/wurfl.js
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.178 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
c7ea3cdce10dca254bf006e0c30bdb693fcab414178b3dc506bf6950234edf7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/news/realtime/h
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:44 GMT
via
cache7.l2de2[187,186,304-0,M], cache3.l2de2[188,0], ens-cache3.de4[189,190,200-0,H], ens-cache2.de4[191,0]
x-content-type-options
nosniff
content-encoding
gzip
age
0
x-swift-cachetime
120
x-cache
HIT TCP_REFRESH_HIT dirn:8:164125146
x-swift-savetime
Tue, 25 Jul 2023 05:57:35 GMT
content-length
388
x-xss-protection
1; mode=block
server
Tengine
etag
"589bd08b-204"
x-frame-options
SAMEORIGIN
ali-swift-global-savetime
1690264655
content-type
application/javascript; charset=utf-8
cache-control
max-age=300, max-age=240
timing-allow-origin
*
eagleid
2ff62b1a16902646550475142e
expires
Tue, 25 Jul 2023 06:02:44 GMT
offcanvas.min.js
static.stheadline.com/stheadline/js/ 		351 B
781 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.stheadline.com/stheadline/js/offcanvas.min.js
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),
Reverse DNS
static.stheadline.com
Software
/
Resource Hash
6cb5617edd79f36690f5f962d6eec9c852b037bd3dc6f1f7c65756747e09bb54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Tue, 25 Jul 2023 05:57:33 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
ETag
W/"5582411f-15f"
Vary
Accept, Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
https://std.stheadline.com
Access-Control-Allow-Methods
GET, POST, OPTIONS
Cache-Control
max-age=300
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-XSS-Protection
1; mode=block
Expires
Tue, 25 Jul 2023 06:02:33 GMT
jquery.fancybox.pack.js
static.stheadline.com/stheadline/js/fancyBox/source/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.stheadline.com/stheadline/js/fancyBox/source/jquery.fancybox.pack.js?v=2.1.5
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),
Reverse DNS
static.stheadline.com
Software
/
Resource Hash
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Tue, 25 Jul 2023 05:57:33 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
ETag
W/"51bade7d-5a5f"
Vary
Accept, Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
https://std.stheadline.com
Access-Control-Allow-Methods
GET, POST, OPTIONS
Cache-Control
max-age=300
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-XSS-Protection
1; mode=block
Expires
Tue, 25 Jul 2023 06:02:33 GMT
modernizr-custom.js
hd.stheadline.com/js/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hd.stheadline.com/js/modernizr-custom.js
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.178 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
2cbf0f83cf9a64602ed13c4525ff3b969382bbdbe07eeb8d656f0cf639f9424c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/news/realtime/h
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:44 GMT
via
cache4.l2de2[752,752,304-0,M], cache8.l2de2[754,0], ens-cache4.de4[759,759,200-0,H], ens-cache2.de4[764,0]
x-content-type-options
nosniff
content-encoding
gzip
age
0
x-swift-cachetime
120
x-cache
HIT TCP_REFRESH_HIT dirn:10:34133132
x-swift-savetime
Tue, 25 Jul 2023 05:57:35 GMT
x-xss-protection
1; mode=block
server
Tengine
etag
W/"58a29f9e-1e8d"
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
ali-swift-global-savetime
1690264655
cache-control
max-age=300, max-age=240
timing-allow-origin
*
eagleid
2ff62b1a16902646550855236e
expires
Tue, 25 Jul 2023 06:02:44 GMT
custom.js
hd.stheadline.com/js/ 		95 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hd.stheadline.com/js/custom.js
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.178 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
c576a94861ae87a9286be59d33a4a36b6983be2ca98f7c7640913584acc6c346
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/news/realtime/h
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:35 GMT
via
cache4.l2de2[750,750,304-0,M], cache12.l2de2[752,0], ens-cache3.de4[752,752,200-0,H], ens-cache2.de4[754,0]
x-content-type-options
nosniff
content-encoding
gzip
age
0
x-swift-cachetime
120
x-cache
HIT TCP_REFRESH_HIT dirn:8:164125137
x-swift-savetime
Tue, 25 Jul 2023 05:57:35 GMT
content-length
22914
x-xss-protection
1; mode=block
server
Tengine
etag
"6397db5a-17bfd"
x-frame-options
SAMEORIGIN
ali-swift-global-savetime
1690264655
content-type
application/javascript; charset=utf-8
cache-control
max-age=300, max-age=240
timing-allow-origin
*
eagleid
2ff62b1a16902646550855237e
expires
Tue, 25 Jul 2023 06:02:35 GMT
comscore.streaming.min.js
static.stheadline.com/stheadline/js/comscore/ 		103 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.stheadline.com/stheadline/js/comscore/comscore.streaming.min.js
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),
Reverse DNS
static.stheadline.com
Software
/
Resource Hash
de0bc01daa8996739e538c4c3f58f458bf15d737d35a8cddb0d8d8d1d800db94
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Tue, 25 Jul 2023 05:57:33 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
ETag
W/"591e726b-19d8c"
Vary
Accept, Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
https://std.stheadline.com
Access-Control-Allow-Methods
GET, POST, OPTIONS
Cache-Control
max-age=300
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-XSS-Protection
1; mode=block
Expires
Tue, 25 Jul 2023 06:02:33 GMT
MTY5HL5JRS30HLT04tXzloUHFCVkdDZEpQZlp1VjlJZwMDI2NDY4Mw.gif
hd.stheadline.com/wt/ 		43 B
318 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hd.stheadline.com/wt/MTY5HL5JRS30HLT04tXzloUHFCVkdDZEpQZlp1VjlJZwMDI2NDY4Mw.gif
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.178 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/news/realtime/h
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:35 GMT
via
cache7.l2de2[734,734,200-0,M], cache8.l2de2[735,0], ens-cache3.de4[736,736,200-0,M], ens-cache2.de4[737,0]
x-content-type-options
nosniff
x-swift-cachetime
0
x-cache
MISS TCP_MISS dirn:-2:-2
x-swift-savetime
Tue, 25 Jul 2023 05:57:35 GMT
content-length
43
x-xss-protection
1; mode=block
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
Tengine
x-frame-options
SAMEORIGIN
ali-swift-global-savetime
1690264655
content-type
image/gif
cache-control
no-cache
x-robots-tag
noindex, nofollow, noarchive
timing-allow-origin
*
eagleid
2ff62b1a16902646550855238e
expires
Thu, 01 Jan 1970 00:00:01 GMT
id
dpm.demdex.net/ 		787 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=E1E31A3C5BB4BED90A495E47%40AdobeOrg&d_nsid=0&ts=1690264654476
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN227213af532841a48cb92e23b43a2f63.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.61.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-61-200.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
b4aeb80e488d28eb057be1632c3f75d2ce301b303e0d934a841669a455f915ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hd.stheadline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-2-v050-0b10595a9.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
6knrFetJSIg=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://hd.stheadline.com
Content-Type
application/json;charset=utf-8
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
490
Expires
Thu, 01 Jan 1970 00:00:00 UTC
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 		34 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN227213af532841a48cb92e23b43a2f63.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:782::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:35 GMT
content-encoding
gzip
last-modified
Thu, 22 Sep 2022 16:16:49 GMT
server
AkamaiNetStorage
etag
"dfdd9e1f988805f0c2fbb10cd6b8f034:1663863409.614694"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://hd.stheadline.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
12384
expires
Tue, 25 Jul 2023 06:57:35 GMT
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_ActivityMap.min.js
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN227213af532841a48cb92e23b43a2f63.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3100:782::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:35 GMT
content-encoding
gzip
last-modified
Thu, 22 Sep 2022 16:16:49 GMT
server
AkamaiNetStorage
etag
"b89fcb8870ac40eecb6d3cc844d35389:1663863409.92483"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
https://hd.stheadline.com
cache-control
no-cache
accept-ranges
bytes
timing-allow-origin
*
content-length
1598
expires
Tue, 25 Jul 2023 06:57:35 GMT
ibs:dpid=411&dpuuid=ZL9kTwAAAGXqRgO-
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=11516349206899793642972229934555018678
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZL9kTwAAAGXqRgO-
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZL9kTwAAAGXqRgO-
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
HTTP/1.1
Server
34.243.61.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-61-200.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v050-0ec6ca8b8.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
1n7Xmf89TyU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZL9kTwAAAGXqRgO-
Date
Tue, 25 Jul 2023 05:57:35 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
domainping.php
prebid.andbeyond.media/ 		7 B
235 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.andbeyond.media/domainping.php?domain=https://hd.stheadline.com/news/realtime/h&aff=552606
Requested by
Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-552606.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.250.133.90 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-133-90.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c88a0b907419a70c27ab7c1f8e5fb54441a4d9c3567e4c928fa7b2091194aecf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 25 Jul 2023 05:57:35 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
X-Powered-By
PHP/5.3.3
Content-Length
7
Content-Type
text/html; charset=UTF-8
maxmind.php
prebid.andbeyond.media/ 		211 B
441 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prebid.andbeyond.media/maxmind.php
Requested by
Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-552606.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.250.133.90 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-133-90.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2ec9f053b4faecc7d3f36744eb6e1c78f429314a3eb6536fff7f84115d8f3d2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 25 Jul 2023 05:57:35 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
X-Powered-By
PHP/5.3.3
Content-Length
211
Content-Type
text/html; charset=UTF-8
apstag.js
c.amazon-adsystem.com/aax2/ 		244 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-552606.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-37-209.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f2f1ed2a726a3a2b5534962c9d195e8b5ff51137067af1f5c8c4529828a49b5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:36:06 GMT
content-encoding
gzip
via
1.1 d8e97d2c28917e4c41ab79bb1e94b844.cloudfront.net (CloudFront), 1.1 ba1081cbdcd39cc4928b65493cb81558.cloudfront.net (CloudFront)
last-modified
Wed, 19 Jul 2023 19:22:42 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1, MUC50-P2
age
1290
x-amz-server-side-encryption
AES256
etag
W/"4c32a3d3ddb526b72e7dd25429eaaa2b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
bAIcoXUsktJrTHucTlhgFNmbCupA6YDjB5hDkr6jmyhJnJTTq8HN9Q==
gtm.js
www.googletagmanager.com/ 		197 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T3HQTH7
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bcaddc53ae96c62ddc48e581d82437899c6d82bae6cb920239772cc2977e85df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71063
x-xss-protection
0
last-modified
Tue, 25 Jul 2023 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 25 Jul 2023 05:57:35 GMT
prebid7.18.0.js
static.stheadline.com/stheadline/js/ 		271 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.stheadline.com/stheadline/js/prebid7.18.0.js
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/js/_adv/dfp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),
Reverse DNS
static.stheadline.com
Software
/
Resource Hash
9fc31ee6bafd21b6b905dde786016101e5bfbdb0f75d34299df2f572311a8449
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Tue, 25 Jul 2023 05:57:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
ETag
W/"63351195-43d3c"
Vary
Accept, Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
https://std.stheadline.com
Access-Control-Allow-Methods
GET, POST, OPTIONS
Cache-Control
max-age=300
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-XSS-Protection
1; mode=block
Expires
Tue, 25 Jul 2023 06:02:34 GMT
all.js
connect.facebook.net/zh_HK/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/zh_HK/all.js
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
095a98fd55498a6d838d6e4c6682eb133942e14d602ef6386b5a87f61aa5b175
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 25 Jul 2023 05:57:35 GMT
content-md5
NKY4Dj/oiqiimc1qBvrwdQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
x-fb-debug
59ZLNRUsUBym5uzMtqkCRrmR/eaosVCC0aijAerJzX+O+25y5gg7yM0bDqxJh18UqkSL7A2RChFk12eW1Qg9Zg==
x-fb-content-md5
aa0918db08871210de46b191454cb732
cross-origin-opener-policy
same-origin-allow-popups
etag
"4b691051bc2a8572a1053262e70950f7"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Tue, 25 Jul 2023 06:02:27 GMT
header-logo.png
hd.stheadline.com/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hd.stheadline.com/images/header-logo.png
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/css/new-header.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.178 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
5eb14751abd4e8cee5fc7e3c8a32f1c03341de2aae439ab8c62daaac4aa280f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/css/new-header.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:44 GMT
via
cache4.l2de2[735,735,304-0,M], cache2.l2de2[735,0], ens-cache3.de4[736,744,200-0,H], ens-cache2.de4[746,0]
x-content-type-options
nosniff
age
0
x-swift-cachetime
120
x-cache
HIT TCP_REFRESH_HIT dirn:11:1678919773
x-swift-savetime
Tue, 25 Jul 2023 05:57:35 GMT
content-length
3968
x-xss-protection
1; mode=block
server
Tengine
etag
"623c3472-f80"
x-frame-options
SAMEORIGIN
ali-swift-global-savetime
1690264655
content-type
image/png
cache-control
max-age=300, max-age=240
accept-ranges
bytes
timing-allow-origin
*
eagleid
2ff62b1a16902646550985263e
expires
Tue, 25 Jul 2023 06:02:44 GMT
header-slogan.png
hd.stheadline.com/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hd.stheadline.com/images/header-slogan.png
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/css/new-header.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.178 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
8f683e7a5f473be5b3555518b2643443557f83a404239ac02626c2eb7e7f9b20
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/css/new-header.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:35 GMT
via
cache19.l2de2[735,735,304-0,M], cache25.l2de2[736,0], ens-cache1.de4[737,751,200-0,H], ens-cache2.de4[753,0]
x-content-type-options
nosniff
age
0
x-swift-cachetime
120
x-cache
HIT TCP_REFRESH_HIT dirn:11:954775611
x-swift-savetime
Tue, 25 Jul 2023 05:57:35 GMT
content-length
1494
x-xss-protection
1; mode=block
server
Tengine
etag
"623c3823-5d6"
x-frame-options
SAMEORIGIN
ali-swift-global-savetime
1690264655
content-type
image/png
cache-control
max-age=300, max-age=240
accept-ranges
bytes
timing-allow-origin
*
eagleid
2ff62b1a16902646550985265e
expires
Tue, 25 Jul 2023 06:02:35 GMT
war-20.png
static.stheadline.com/stheadline/images/warning/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.stheadline.com/stheadline/images/warning/war-20.png
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/css/framework.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),
Reverse DNS
static.stheadline.com
Software
/
Resource Hash
f4a12d07f234dfc75706f361427a61d856a65c715cb4c71357e8202c9d7733f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Tue, 25 Jul 2023 05:57:34 GMT
X-Content-Type-Options
nosniff
ETag
"555be8eb-104f"
Vary
Accept, Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
https://std.stheadline.com
Cache-Control
max-age=300
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
4175
X-XSS-Protection
1; mode=block
Expires
Tue, 25 Jul 2023 06:02:34 GMT
wea-01.png
static.stheadline.com/stheadline/images/weather/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.stheadline.com/stheadline/images/weather/wea-01.png
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/css/framework.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),
Reverse DNS
static.stheadline.com
Software
/
Resource Hash
7b1fe415775d09a08db8e80d680411fd51a2d0d41c1db7f45827ecc1fc86f861
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Tue, 25 Jul 2023 05:57:34 GMT
X-Content-Type-Options
nosniff
ETag
"555bf6a8-c5c"
Vary
Accept, Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
https://std.stheadline.com
Cache-Control
max-age=300
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
3164
X-XSS-Protection
1; mode=block
Expires
Tue, 25 Jul 2023 06:02:34 GMT
hea-icon-hum@2x.png
hd.stheadline.com/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hd.stheadline.com/images/hea-icon-hum@2x.png
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/css/new-header.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.178 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
984b4c989fdf40f0c4543d68d185f1af1549a88f4be3574ec8e9cd4e95e046f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/css/new-header.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:35 GMT
via
cache12.l2de2[185,196,304-0,M], cache26.l2de2[198,0], ens-cache2.de4[205,227,200-0,H], ens-cache2.de4[235,0]
x-content-type-options
nosniff
age
0
x-swift-cachetime
120
x-cache
HIT TCP_REFRESH_HIT dirn:3:976971869
x-swift-savetime
Tue, 25 Jul 2023 05:57:35 GMT
content-length
1084
x-xss-protection
1; mode=block
server
Tengine
etag
"623c9d2d-43c"
x-frame-options
SAMEORIGIN
ali-swift-global-savetime
1690264655
content-type
image/png
cache-control
max-age=300, max-age=240
accept-ranges
bytes
timing-allow-origin
*
eagleid
2ff62b1a16902646551035282e
expires
Tue, 25 Jul 2023 06:02:35 GMT
hea-icon-sear.png
hd.stheadline.com/images/ 		520 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hd.stheadline.com/images/hea-icon-sear.png
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/css/new-header.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.178 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
0792166a4270d635ba1f00aa357feef28f053104926ce16588073e8ec2dc67bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/css/new-header.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:35 GMT
via
cache14.l2de2[730,730,304-0,M], cache19.l2de2[731,0], ens-cache3.de4[732,754,200-0,H], ens-cache2.de4[757,0]
x-content-type-options
nosniff
age
0
x-swift-cachetime
120
x-cache
HIT TCP_REFRESH_HIT dirn:0:511416437
x-swift-savetime
Tue, 25 Jul 2023 05:57:35 GMT
content-length
520
x-xss-protection
1; mode=block
server
Tengine
etag
"623c3848-208"
x-frame-options
SAMEORIGIN
ali-swift-global-savetime
1690264655
content-type
image/png
cache-control
max-age=300, max-age=240
accept-ranges
bytes
timing-allow-origin
*
eagleid
2ff62b1a16902646551035284e
expires
Tue, 25 Jul 2023 06:02:35 GMT
hea-icon-fb.png
hd.stheadline.com/images/ 		431 B
639 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hd.stheadline.com/images/hea-icon-fb.png
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/css/new-header.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.178 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
138217d8e927fcd3fbaaba15935f294fac73b253a03deda5721076c35d7e7daa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/css/new-header.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:35 GMT
via
cache15.l2de2[729,739,304-0,M], cache1.l2de2[740,0], ens-cache3.de4[746,770,200-0,H], ens-cache2.de4[773,0]
x-content-type-options
nosniff
age
0
x-swift-cachetime
120
x-cache
HIT TCP_REFRESH_HIT dirn:7:1678927953
x-swift-savetime
Tue, 25 Jul 2023 05:57:35 GMT
content-length
431
x-xss-protection
1; mode=block
server
Tengine
etag
"623c3848-1af"
x-frame-options
SAMEORIGIN
ali-swift-global-savetime
1690264655
content-type
image/png
cache-control
max-age=300, max-age=240
accept-ranges
bytes
timing-allow-origin
*
eagleid
2ff62b1a16902646551045285e
expires
Tue, 25 Jul 2023 06:02:35 GMT
hea-icon-ig.png
hd.stheadline.com/images/ 		511 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hd.stheadline.com/images/hea-icon-ig.png
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/css/new-header.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.178 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
aa73c937338c4c5872d66c078fb9219d2f9dcb55ed2ab34905150e02342ea7ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/css/new-header.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:35 GMT
via
cache9.l2de2[187,186,304-0,M], cache12.l2de2[189,0], ens-cache4.de4[195,212,200-0,H], ens-cache2.de4[216,0]
x-content-type-options
nosniff
age
0
x-swift-cachetime
120
x-cache
HIT TCP_REFRESH_HIT dirn:2:1868130332
x-swift-savetime
Tue, 25 Jul 2023 05:57:35 GMT
content-length
511
x-xss-protection
1; mode=block
server
Tengine
etag
"623c3848-1ff"
x-frame-options
SAMEORIGIN
ali-swift-global-savetime
1690264655
content-type
image/png
cache-control
max-age=300, max-age=240
accept-ranges
bytes
timing-allow-origin
*
eagleid
2ff62b1a16902646551045286e
expires
Tue, 25 Jul 2023 06:02:35 GMT
hea-icon-mob.png
hd.stheadline.com/images/ 		379 B
664 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hd.stheadline.com/images/hea-icon-mob.png
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/css/new-header.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.178 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
35181d5c081b472d390c8c6bb127cff710223f7bc25035d92436e66eeb229e02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/css/new-header.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:35 GMT
via
cache11.l2de2[731,732,304-0,M], cache4.l2de2[733,0], ens-cache4.de4[739,775,200-0,H], ens-cache2.de4[778,0]
x-content-type-options
nosniff
age
0
x-swift-cachetime
120
x-cache
HIT TCP_REFRESH_HIT dirn:11:1867027198
x-swift-savetime
Tue, 25 Jul 2023 05:57:35 GMT
content-length
379
x-xss-protection
1; mode=block
server
Tengine
etag
"623c3848-17b"
x-frame-options
SAMEORIGIN
ali-swift-global-savetime
1690264655
content-type
image/png
cache-control
max-age=300, max-age=240
accept-ranges
bytes
timing-allow-origin
*
eagleid
2ff62b1a16902646551045287e
expires
Tue, 25 Jul 2023 06:02:35 GMT
hea-icon-user.png
hd.stheadline.com/images/ 		680 B
889 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hd.stheadline.com/images/hea-icon-user.png
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/css/new-header.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.178 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
8b5d79af5f5ea9ccd52c644d613a652d2e4777e225fc8102e4c79da6b8a93eb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/css/new-header.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:44 GMT
via
cache21.l2de2[743,742,304-0,M], cache20.l2de2[744,0], ens-cache4.de4[747,772,200-0,H], ens-cache2.de4[775,0]
x-content-type-options
nosniff
age
0
x-swift-cachetime
120
x-cache
HIT TCP_REFRESH_HIT dirn:2:1868133360
x-swift-savetime
Tue, 25 Jul 2023 05:57:35 GMT
content-length
680
x-xss-protection
1; mode=block
server
Tengine
etag
"623c3848-2a8"
x-frame-options
SAMEORIGIN
ali-swift-global-savetime
1690264655
content-type
image/png
cache-control
max-age=300, max-age=240
accept-ranges
bytes
timing-allow-origin
*
eagleid
2ff62b1a16902646551045289e
expires
Tue, 25 Jul 2023 06:02:44 GMT
logo-s.png
static.stheadline.com/stheadline/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.stheadline.com/stheadline/images/logo-s.png
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/css/framework.min.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),
Reverse DNS
static.stheadline.com
Software
/
Resource Hash
1d929ca8231cdf7dcfd696c6d44475cc44f8e924c7863ffb7fc5802102ec80c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Tue, 25 Jul 2023 05:57:34 GMT
X-Content-Type-Options
nosniff
ETag
"559b3fc2-c98"
Vary
Accept, Accept-Encoding
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
https://std.stheadline.com
Cache-Control
max-age=300
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length
3224
X-XSS-Protection
1; mode=block
Expires
Tue, 25 Jul 2023 06:02:34 GMT
fontawesome-webfont.woff2
cdn.jsdelivr.net/fontawesome/4.6.3/fonts/ 		70 KB
70 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/fontawesome/4.6.3/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/fontawesome/4.6.3/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/fontawesome/4.6.3/css/font-awesome.min.css
Origin
https://hd.stheadline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 25 Jul 2023 05:57:35 GMT
x-content-type-options
nosniff
age
708296
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
71896
x-served-by
cache-fra-eddf8230133-FRA
etag
W/"118d8-l+Q4zFRXFDCYgvvOrb80T8rdzsU"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
dest5.html
singtaonewscorp.demdex.net/ Frame E2DC 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://singtaonewscorp.demdex.net/dest5.html?d_nsid=0
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN227213af532841a48cb92e23b43a2f63.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.248.22.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-248-22-29.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://hd.stheadline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-1-v050-081b3f51f.edge-irl1.demdex.com 0 ms
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
zSOGBZaTTWg=
content-encoding
gzip
date
Tue, 25 Jul 2023 05:57:35 GMT
last-modified
Wed, 28 Jun 2023 12:57:16 GMT
transfer-encoding
chunked
vary
accept-encoding
yap.js
s.yimg.com/av/yap/ga/ 		69 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/av/yap/ga/yap.js
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
56cf6c2adb75e276955f3bf951793f0c794ceb51d67d5d2c64b8ec01b996ecc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:37:26 GMT
content-encoding
gzip
x-amz-meta-created-date
Thu, 14 Jun 2018 21:01:51 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-amz-request-id
YBSJ0MDN0E2AHMSX
age
1210
x-amz-server-side-encryption
AES256
x-amz-meta-x-ysws-mbst-vtime
1529010111289407
x-amz-id-2
0z9ms0PiPPikeVkLgVrNu6XaOaFEvwyDxoyv3xdgxF2eSK3TE8AUFmx387dta2SYgzhTfiKRpFCToRasGYimww==
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 22 Jun 2018 20:24:03 GMT
server
ATS
etag
"dc33089f908605f46038b49337653924-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding,Origin
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,stale-while-revalidate=30,max-age=3600
accept-ranges
bytes
x-amz-meta-mbst-etag
"YM:1:f804d14e-b940-4c8c-9951-826241a860ad00056ea0688a983f"
x-amz-meta-x-ysws-access
public
expires
Fri, 22 Jun 2018 21:24:02 GMT
logo_01.jpg
hd.stheadline.com/images/fl/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hd.stheadline.com/images/fl/logo_01.jpg
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/css/styles.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.178 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
aeca8972210ef71bb5529fef5f2b59ad8ee8baecc5f7f0c36b4657f8d74e29b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/css/styles.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:36 GMT
via
cache14.l2de2[767,767,304-0,M], cache6.l2de2[768,0], ens-cache2.de4[773,791,200-0,H], ens-cache2.de4[800,0]
x-content-type-options
nosniff
age
0
x-swift-cachetime
120
x-cache
HIT TCP_REFRESH_HIT dirn:11:979033684
x-swift-savetime
Tue, 25 Jul 2023 05:57:36 GMT
content-length
2765
x-xss-protection
1; mode=block
server
Tengine
etag
"57c3b5a9-acd"
x-frame-options
SAMEORIGIN
ali-swift-global-savetime
1690264656
content-type
image/jpeg
cache-control
max-age=300, max-age=240
accept-ranges
bytes
timing-allow-origin
*
eagleid
2ff62b1a16902646553085801e
expires
Tue, 25 Jul 2023 06:02:36 GMT
logo_02.jpg
hd.stheadline.com/images/fl/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hd.stheadline.com/images/fl/logo_02.jpg
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/css/styles.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.178 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
bd88c8a6443878c1b90216a199ab6be673d81237da83f5216d3961eab73c3891
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/css/styles.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:45 GMT
via
cache11.l2de2[738,745,304-0,M], cache9.l2de2[747,0], ens-cache2.de4[752,769,200-0,H], ens-cache2.de4[773,0]
x-content-type-options
nosniff
age
0
x-swift-cachetime
120
x-cache
HIT TCP_REFRESH_HIT dirn:11:979033216
x-swift-savetime
Tue, 25 Jul 2023 05:57:36 GMT
content-length
3871
x-xss-protection
1; mode=block
server
Tengine
etag
"55d19e86-f1f"
x-frame-options
SAMEORIGIN
ali-swift-global-savetime
1690264656
content-type
image/jpeg
cache-control
max-age=300, max-age=240
accept-ranges
bytes
timing-allow-origin
*
eagleid
2ff62b1a16902646553085803e
expires
Tue, 25 Jul 2023 06:02:45 GMT
logo_03.jpg
hd.stheadline.com/images/fl/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hd.stheadline.com/images/fl/logo_03.jpg
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/css/styles.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.178 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
62396c150946104d4809279cfa87658c6733aa1b816420bbc620ead53e005f32
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/css/styles.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:45 GMT
via
cache16.l2de2[741,752,304-0,M], cache21.l2de2[753,0], ens-cache3.de4[758,782,200-0,H], ens-cache2.de4[785,0]
x-content-type-options
nosniff
age
0
x-swift-cachetime
120
x-cache
HIT TCP_REFRESH_HIT dirn:2:1678109389
x-swift-savetime
Tue, 25 Jul 2023 05:57:36 GMT
content-length
3872
x-xss-protection
1; mode=block
server
Tengine
etag
"55d19e86-f20"
x-frame-options
SAMEORIGIN
ali-swift-global-savetime
1690264656
content-type
image/jpeg
cache-control
max-age=300, max-age=240
accept-ranges
bytes
timing-allow-origin
*
eagleid
2ff62b1a16902646553085805e
expires
Tue, 25 Jul 2023 06:02:45 GMT
logo_04.jpg
hd.stheadline.com/images/fl/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hd.stheadline.com/images/fl/logo_04.jpg
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/css/styles.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.178 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
0b9cf9c5d4d128f772ee7ddfce66f324edf2d54f967fbb78f135a0e4d371cbfe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/css/styles.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:36 GMT
via
cache21.l2de2[751,750,304-0,M], cache4.l2de2[752,0], ens-cache4.de4[758,779,200-0,H], ens-cache2.de4[782,0]
x-content-type-options
nosniff
age
0
x-swift-cachetime
120
x-cache
HIT TCP_REFRESH_HIT dirn:4:1866016807
x-swift-savetime
Tue, 25 Jul 2023 05:57:36 GMT
content-length
5670
x-xss-protection
1; mode=block
server
Tengine
etag
"55d19e86-1626"
x-frame-options
SAMEORIGIN
ali-swift-global-savetime
1690264656
content-type
image/jpeg
cache-control
max-age=300, max-age=240
accept-ranges
bytes
timing-allow-origin
*
eagleid
2ff62b1a16902646553085806e
expires
Tue, 25 Jul 2023 06:02:36 GMT
logo_07.jpg
hd.stheadline.com/images/fl/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hd.stheadline.com/images/fl/logo_07.jpg
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/css/styles.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.178 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
a85afcf0346b08217e747c1e0ed04b7e3641043802c1931ed9e2e9b3fcaeceb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/css/styles.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:35 GMT
via
cache8.l2de2[183,183,304-0,M], cache7.l2de2[185,0], ens-cache2.de4[186,200,200-0,H], ens-cache2.de4[203,0]
x-content-type-options
nosniff
age
0
x-swift-cachetime
120
x-cache
HIT TCP_REFRESH_HIT dirn:7:977130883
x-swift-savetime
Tue, 25 Jul 2023 05:57:35 GMT
content-length
3976
x-xss-protection
1; mode=block
server
Tengine
etag
"55d19e86-f88"
x-frame-options
SAMEORIGIN
ali-swift-global-savetime
1690264655
content-type
image/jpeg
cache-control
max-age=300, max-age=240
accept-ranges
bytes
timing-allow-origin
*
eagleid
2ff62b1a16902646553085807e
expires
Tue, 25 Jul 2023 06:02:35 GMT
logo_08.jpg
hd.stheadline.com/images/fl/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hd.stheadline.com/images/fl/logo_08.jpg
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/css/styles.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.178 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
6abcc7592526e14df34a427062db1313446aa69e31caf75ded84a150f5feb1ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/css/styles.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:35 GMT
via
cache20.l2de2[188,188,304-0,M], cache7.l2de2[190,0], ens-cache2.de4[192,204,200-0,H], ens-cache2.de4[213,0]
x-content-type-options
nosniff
age
0
x-swift-cachetime
120
x-cache
HIT TCP_REFRESH_HIT dirn:0:734403534
x-swift-savetime
Tue, 25 Jul 2023 05:57:35 GMT
content-length
3080
x-xss-protection
1; mode=block
server
Tengine
etag
"55d19e86-c08"
x-frame-options
SAMEORIGIN
ali-swift-global-savetime
1690264655
content-type
image/jpeg
cache-control
max-age=300, max-age=240
accept-ranges
bytes
timing-allow-origin
*
eagleid
2ff62b1a16902646553085810e
expires
Tue, 25 Jul 2023 06:02:35 GMT
logo_10.jpg
hd.stheadline.com/images/fl/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hd.stheadline.com/images/fl/logo_10.jpg
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/css/styles.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.178 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
91e7f077664ee9356ee7429127b4d9737f2ac247add6eedacd3a469f5538d5cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/css/styles.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:45 GMT
via
cache26.l2de2[756,756,304-0,M], cache2.l2de2[758,0], ens-cache3.de4[763,793,200-0,H], ens-cache2.de4[797,0]
x-content-type-options
nosniff
age
0
x-swift-cachetime
120
x-cache
HIT TCP_REFRESH_HIT dirn:1:1679054971
x-swift-savetime
Tue, 25 Jul 2023 05:57:36 GMT
content-length
3687
x-xss-protection
1; mode=block
server
Tengine
etag
"60d4686b-e67"
x-frame-options
SAMEORIGIN
ali-swift-global-savetime
1690264656
content-type
image/jpeg
cache-control
max-age=300, max-age=240
accept-ranges
bytes
timing-allow-origin
*
eagleid
2ff62b1a16902646553085811e
expires
Tue, 25 Jul 2023 06:02:45 GMT
logo_11.jpg
hd.stheadline.com/images/fl/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hd.stheadline.com/images/fl/logo_11.jpg
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/css/styles.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.178 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
ae48acb5feb5671038d418e329e69022d642ce8e1843f8cefe65f0f3e2636c2c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/css/styles.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:36 GMT
via
cache19.l2de2[760,759,304-0,M], cache26.l2de2[761,0], ens-cache2.de4[762,783,200-0,H], ens-cache2.de4[787,0]
x-content-type-options
nosniff
age
0
x-swift-cachetime
120
x-cache
HIT TCP_REFRESH_HIT dirn:0:734403164
x-swift-savetime
Tue, 25 Jul 2023 05:57:36 GMT
content-length
3649
x-xss-protection
1; mode=block
server
Tengine
etag
"56d5640f-e41"
x-frame-options
SAMEORIGIN
ali-swift-global-savetime
1690264656
content-type
image/jpeg
cache-control
max-age=300, max-age=240
accept-ranges
bytes
timing-allow-origin
*
eagleid
2ff62b1a16902646553085813e
expires
Tue, 25 Jul 2023 06:02:36 GMT
logo_12.jpg
hd.stheadline.com/images/fl/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hd.stheadline.com/images/fl/logo_12.jpg
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/css/styles.min.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.178 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
c5a6b2a1e55e92c33f977bbd6f047cdec63b8fc1d87de48ea0201fed7a40ed64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/css/styles.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:44 GMT
via
cache7.l2de2[187,186,304-0,M], cache3.l2de2[188,0], ens-cache3.de4[189,217,200-0,H], ens-cache2.de4[220,0]
x-content-type-options
nosniff
age
0
x-swift-cachetime
120
x-cache
HIT TCP_REFRESH_HIT dirn:3:1677650875
x-swift-savetime
Tue, 25 Jul 2023 05:57:35 GMT
content-length
3434
x-xss-protection
1; mode=block
server
Tengine
etag
"58b3fa97-d6a"
x-frame-options
SAMEORIGIN
ali-swift-global-savetime
1690264655
content-type
image/jpeg
cache-control
max-age=300, max-age=240
accept-ranges
bytes
timing-allow-origin
*
eagleid
2ff62b1a16902646553085814e
expires
Tue, 25 Jul 2023 06:02:44 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/ 		385 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f98d2733f3cacaf5152fd4d55f778410f391312016cadb5162545357302cdee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 20:12:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
35119
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125179
x-xss-protection
0
server
cafe
etag
2430563369519042680
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 23 Jul 2024 20:12:16 GMT
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-39.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 22:24:05 GMT
content-encoding
gzip
via
1.1 09b934fc5a2991212bdc3b299a0a1cb4.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jul 2023 22:21:17 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
27211
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
bNoYdFqlrQUFQHL64WClPTt2fKgnY-kIllV9RftNyZviIle-3Bq3PQ==
all.js
connect.facebook.net/zh_HK/ 		309 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/zh_HK/all.js?hash=61e1142d326aa98375a897a301c8e9a7
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_HK/all.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
84571fa90be3b52ed441e2c308f30ea19ff3fde6c6fe773553d9e932ce6ef353
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://hd.stheadline.com/
Origin
https://hd.stheadline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 25 Jul 2023 05:57:35 GMT
content-md5
JfC5bJqqbDco9f1uP0BfyA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88753
x-fb-debug
fDI/JvUs0+zaqmAdWPNV0ygehpUza+XfEpuJuLh+oT8G5JIPDMFUFf4tQyRtdyS7/gDS34G/EKxompJEemZvNw==
x-fb-content-md5
87528c41a46f99fdd40b5802bc86f0d8
cross-origin-opener-policy
same-origin-allow-popups
etag
"1ec041a00c78557816add8a1f475f337"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Tue, 23 Jul 2024 23:07:44 GMT
s52682821106159
singtaolimited.sc.omtrdc.net/b/ss/singtaolimitedheadline.daily.website.prd/1/JS-2.23.0-LCXS/ 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://singtaolimited.sc.omtrdc.net/b/ss/singtaolimitedheadline.daily.website.prd/1/JS-2.23.0-LCXS/s52682821106159?AQB=1&ndh=1&pf=1&t=25%2F6%2F2023%205%3A57%3A35%202%200&mid=10813325120533425493010019233842285319&aamlh=6&ce=UTF-8&pageName=%E9%A0%AD%E6%A2%9D%E6%97%A5%E5%A0%B1.%E5%8D%B3%E6%99%82%E6%96%B0%E8%81%9E&g=https%3A%2F%2Fhd.stheadline.com%2Fnews%2Frealtime%2Fh&c.&getQueryParam=4.0.1&pt=3.0&.c&cc=HKD&ch=%E4%B8%BB%E9%A0%81&events=event1&aamb=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&c1=D%3Dv1&v1=%E9%A0%AD%E6%A2%9D%E6%97%A5%E5%A0%B1.%E5%8D%B3%E6%99%82%E6%96%B0%E8%81%9E&c2=D%3Dv2&v2=https%3A%2F%2Fhd.stheadline.com%2Fnews%2Frealtime%2Fh&c3=D%3Dv3&v3=%E4%B8%BB%E9%A0%81&c4=D%3Dv4&c5=D%3Dv5&v5=%E4%B8%BB%E9%A0%81&c6=New&c7=New&c8=%2C%2C%2C&v8=10813325120533425493010019233842285319&c9=23&c10=10813325120533425493010019233842285319&c11=05&c12=Tuesday&c13=30&c14=Weekday&c15=25&c17=1&c18=2023&c22=D%3Dv22&c23=D%3Dv23&c27=D%3Dv27&c28=D%3Dv28&c29=D%3Dv29&c30=D%3Dv30&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=E1E31A3C5BB4BED90A495E47%40AdobeOrg&AQE=1
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.140.62.160 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
ip-63-140-62-160.data.adobedc.net
Software
jag /
Resource Hash
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jul 2023 05:57:35 GMT
x-content-type-options
nosniff
last-modified
Wed, 26 Jul 2023 05:57:35 GMT
server
jag
etag
3629815709520887808-4619595897038378751
vary
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
*
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0, no-transform, private
content-length
43
x-xss-protection
1; mode=block
expires
Mon, 24 Jul 2023 05:57:35 GMT
prebid7.9.0.js
static.stheadline.com/stheadline/js/ 		170 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.stheadline.com/stheadline/js/prebid7.9.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3HQTH7
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
203.80.0.157 , Hong Kong, ASN4655 (UNSPECIFIED Sing Tao Electronic Daily, HK),
Reverse DNS
static.stheadline.com
Software
/
Resource Hash
f8880e5a39bcf6d2aea78acedc759dd4404e4e812f99bfac543b64ab0f77db62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Tue, 25 Jul 2023 05:57:34 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
ETag
W/"62f35df2-2a63e"
Vary
Accept, Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
https://std.stheadline.com
Access-Control-Allow-Methods
GET, POST, OPTIONS
Cache-Control
max-age=300
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
X-XSS-Protection
1; mode=block
Expires
Tue, 25 Jul 2023 06:02:34 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3HQTH7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 25 Jul 2023 04:35:19 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4936
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 25 Jul 2023 06:35:19 GMT
js
www.googletagmanager.com/gtag/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-V2KT52C0FP&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T3HQTH7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers
b
sb.scorecardresearch.com/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=9053246&ns__t=1690264655528&ns_c=UTF-8&c8=%E9%A0%AD%E6%A2%9D%E6%97%A5%E5%A0%B1&c7=https%3A%2F%2Fhd.stheadline.com%2Fnews%2Frealtime%2Fh&c9=
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-39.muc50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:35 GMT
via
1.1 09b934fc5a2991212bdc3b299a0a1cb4.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
MUC50-P2
x-amz-cf-id
Kyw9v4K_VZbylF9_rV5F5CljEERjZwe68AQSThRdgEQxhA1wOmWg-Q==
x-cache
Miss from cloudfront
rum.js
securepubads.g.doubleclick.net/pagead/js/ 		62 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4427770d30ccf8b4e950d8d03a9d4ec0e4976ed6cc85b793aab1c7d9ecf8fda0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:44:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
806
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23841
x-xss-protection
0
server
cafe
etag
13335932594914250126
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Tue, 25 Jul 2023 06:44:09 GMT
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:4a00:a:e047:753:be1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-amz-version-id
null
Date
Tue, 25 Jul 2023 00:56:56 GMT
Via
1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 May 2023 00:14:06 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P2
Age
18040
x-amz-server-side-encryption
AES256
ETag
"4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1858
X-Amz-Cf-Id
W2Jb8Z6X05it6MpBHCz19cRDZ1iZpAI0o2GP-ysFqPrXkvkGJsjxeQ==
esp.js
cdn.id5-sync.com/api/1.0/ 		102 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:35 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Jun 2023 08:35:03 GMT
server
cloudflare
x-amz-request-id
EYAFV55K4BXD4QAJ
age
2430
etag
W/"9b8b8eb50e4814cbdc325ce477c96910"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7ec22a9178d51903-FRA
x-amz-id-2
whWkBhGm1ASZrNS/p6BPS7n04HervMshZG7qaxgZ9WSN3A3Ln15Wm67BYkFJkBlsBofx4C+mrXI=
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-46.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 02:34:21 GMT
content-encoding
gzip
via
1.1 cb64e02e44588dfd13b2a4b2483c404c.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:34:33 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
12195
x-amz-server-side-encryption
AES256
etag
W/"550ead3a95bd6cfcd917d45c5f8f4553"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
9ICrPG1KHDWWzmeHYOpuGyXZpHXgcMSl6KgoFrY5Ioqk6x--lmI3cg==
encrypted-tag-g.js
invstatic101.creativecdn.com/encrypted-signals/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
87.70.96.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
1c54b9d1b579c59f8245fd21a021725c0dbde06ec90f44df1bbc03458f40dfe8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:35 GMT
via
1.1 google, 1.1 google
last-modified
Wed, 05 Jul 2023 19:08:57 GMT
server
Google Frontend
etag
6c49a4094d9a446bdc7fe3d19d23b4c7
content-type
text/javascript; charset=utf-8
x-cloud-trace-context
50c26bb4eca404469032411840cc1277
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1311
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
797 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 25 Jul 2023 05:57:35 GMT
x-content-type-options
nosniff
content-encoding
br
age
23853
x-jsd-version
master
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230046-FRA
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
publishertag.ids.js
static.criteo.net/js/ld/ 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b118568858df50612fa3591132d6d6bb41ddf00f8c74ad8cccd16e5510691aad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Jul 2023 13:25:47 GMT
server
nginx
etag
W/"64ad585b-a980"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 26 Jul 2023 05:57:35 GMT
ob.js
cdn-ima.33across.com/ 		40 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-ima.33across.com/ob.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.35.34 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca372f1d4ced7e2a37e83eb5b880159ba569a4fbf613b9cc2894a6c8726c13f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:35 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 20 Jul 2023 17:46:36 GMT
server
cloudflare
age
41345
etag
W/"64b972fc-a13f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=86400
cf-ray
7ec22a91f87a190f-FRA
expires
Wed, 26 Jul 2023 05:57:35 GMT
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 12:52:57 GMT
content-encoding
gzip
age
579878
x-guploader-uploadid
ADPycdugQIc-GyKQcLfRlrGAvwpjmfbJY9EjuLL-oCD6wb4C7usr539OhT0fRKMENMM7chOetQxgQ1aoCstfr4sX-_wC
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Wed, 17 Jul 2024 12:52:57 GMT
b
sb.scorecardresearch.com/ 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=9053246&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1690264655577&ns_c=UTF-8&c3=&c4=&c7=https%3A%2F%2Fhd.stheadline.com%2Fnews%2Frealtime%2Fh&c8=%E9%A0%AD%E6%A2%9D%E6%97%A5%E5%A0%B1&c9=
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-39.muc50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:35 GMT
via
1.1 09b934fc5a2991212bdc3b299a0a1cb4.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
MUC50-P2
x-amz-cf-id
setukZ6gmmuSlR8uMdkXkvyG_-X8KJwDfm1O9i4QkNr4OgeSTAxQqQ==
x-cache
Miss from cloudfront
config
c.amazon-adsystem.com/cdn/prod/ 		486 B
845 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fhd.stheadline.com&pubid=cd6cddc5-4dca-4d77-9a65-8b894400e772
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-37-209.muc50.r.cloudfront.net
Software
Server /
Resource Hash
f39a2c7f7532d8fc427e96438ad41aa48b6b57d81b1fe494e0288845216589b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 03:13:33 GMT
via
1.1 ba1081cbdcd39cc4928b65493cb81558.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MUC50-P2
age
9842
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://hd.stheadline.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
486
x-amz-cf-id
vDEC7GrFTvaNcpgdkOo8jJW4KUtvDB-klhHWdRvXez3oBfHSPIwKCg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.37.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-37-209.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 08:28:25 GMT
x-amz-version-id
rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding
gzip
via
1.1 82fdc4c167a56caabe3a8a99b02abee4.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
age
77351
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 24 Jun 2023 09:19:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
rdPVVK96DDov01DjOaJzxR_C4zC4CcHygJdrco-LDWAdOOCxjfXhvg==
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=978368502211772&input_token&origin=1&redirect_uri=https%3A%2F%2Fhd.stheadline.com%2Fnews%2Frealtime%2Fh&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_HK/all.js?hash=61e1142d326aa98375a897a301c8e9a7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Tue, 25 Jul 2023 05:57:35 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
pragma
no-cache
x-fb-debug
uEHVo32U6HunZzLI1wgMCEHAtVwtB0uiGvto/VLJM67augA0WJcZB7i6XjhpqtB+Hha64rSyLVjQxhIFnkinCQ==
fb-s
unknown
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://hd.stheadline.com
origin-agent-cluster
?0
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		101 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd08be9cbf5f35486ce3011abc8286e9e2f59ac1de1ff9840377332383263f19
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:35 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 22 Jun 2023 08:35:03 GMT
server
cloudflare
x-amz-request-id
QFY4N5AZD1WDDC6N
age
2120
etag
W/"bb626f116ff54963039a9ea05c53620b"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7ec22a91f9661903-FRA
x-amz-id-2
cUqxEceAZFATlYCgoa4isjGb10iJCu6mHxwRp9HM+s2zfdjs2XEkh9AGwGIBeMTzTVpBIZ9REiQ=
getAds.do
ads.yap.yahoo.com/nosdk/wj/v1/ 		328 B
607 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_us&agentVersion=205&adTrackingEnabled=true&adUnitCode=6ead6fa0-4591-43ee-a3cc-cc59b9e4d4c6&apiKey=FY5FNP4BYN9VPB53PY9J&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fhd.stheadline.com&caps=16&cb=JSONPCallback0
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/av/yap/ga/yap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.100.137 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
o2.ycpi.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
ec142e258323e57ffd199c066d4090aa640e7a4ce5ff2ccca5abce8add14e158
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
date
Tue, 25 Jul 2023 05:57:35 GMT
server
ATS
age
0
x-content-type-options
nosniff
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=UTF-8
x-envoy-upstream-service-time
18
x-xss-protection
1; mode=block
x-request-id
af1204fa-84f2-4f16-be23-9e709fe52902
collect
www.google-analytics.com/j/ 		4 B
211 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1703895921&t=pageview&_s=1&dl=https%3A%2F%2Fhd.stheadline.com%2Fnews%2Frealtime%2Fh&ul=en-us&de=UTF-8&dt=%E9%A0%AD%E6%A2%9D%E6%97%A5%E5%A0%B1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1196898692&gjid=1304478174&cid=923013097.1690264656&tid=UA-41819048-4&_gid=1785492801.1690264656&_r=1&_slc=1&gtm=45He37o0n81T3HQTH7&z=274415256
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://hd.stheadline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 25 Jul 2023 05:57:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hd.stheadline.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
token
token.rubiconproject.com/ Frame E2DC 		0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/token?pid=6404&puid=11516349206899793642972229934555018678&gdpr=0&gdpr_consent=
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://singtaonewscorp.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
28e1e7d28d06b07ec669bc9e43057b8e
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
prebid-custom.js
rtbpass-us.andbeyond.media/ 		579 KB
176 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rtbpass-us.andbeyond.media/prebid-custom.js
Requested by
Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-552606.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
/
Resource Hash
86d3f947bf8f90984ba2f5e095e54416161bd19abcbe8e3e6137e76772206bbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Tue, 25 Jul 2023 05:57:35 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Sep 2022 05:05:05 GMT
ETag
"1662959105"
X-HW
1690264655.dop208.lo4.t,1690264655.cds226.lo4.shn,1690264655.dop208.lo4.t,1690264655.cds315.lo4.c
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=22094751
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
180108
a.js
p.adlooxtracking.com/gpt/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.adlooxtracking.com/gpt/a.js
Requested by
Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-552606.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.231.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 04:58:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
server
nginx
age
3572
etag
W/"81c857a6c52da1ca7444f198bd33b2ea"
last-modified
Tue, 22 Nov 2022 17:41:01 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public,max-age=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3703
increment
id5-sync.com/api/esp/ 		0
326 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://hd.stheadline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hd.stheadline.com
date
Tue, 25 Jul 2023 05:57:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
encrypt
esp.rtbhouse.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://hd.stheadline.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST, GET
access-control-allow-origin
https://hd.stheadline.com
access-control-max-age
600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
content-type
text/plain; charset=utf-8
date
Tue, 25 Jul 2023 05:57:35 GMT
server
Google Frontend
vary
Origin
via
1.1 google, 1.1 google
x-cloud-trace-context
8dfd3b0f45b3603275720fab79691bbd
encrypt
esp.rtbhouse.com/ 		241 B
336 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://esp.rtbhouse.com/encrypt
Requested by
Host: invstatic101.creativecdn.com
URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.39.111 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
111.39.190.35.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
68861fe4bae787b53d19bb7c6adb8448c7f80a2730d917728c67a3533bf75c9a

Request headers

Referer
https://hd.stheadline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 25 Jul 2023 05:57:35 GMT
via
1.1 google, 1.1 google
server
Google Frontend
content-type
application/json
access-control-allow-origin
*
x-cloud-trace-context
64b5e8c999b5c958e90f1b7efca2bc8e
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
241
syncframe
gum.criteo.com/ Frame 7A42 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=hd.stheadline.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://hd.stheadline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 25 Jul 2023 05:57:35 GMT
server
Kestrel
server-processing-duration-in-ticks
245813
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
collect
stats.g.doubleclick.net/j/ 		4 B
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-41819048-4&cid=923013097.1690264656&jid=1196898692&gjid=1304478174&_gid=1785492801.1690264656&_u=YEBAAEAAAAAAACAAI~&z=1692383196
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hd.stheadline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 25 Jul 2023 05:57:35 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://hd.stheadline.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
map
bcp.crwdcntrl.net/6/ 		60 B
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.190.189 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-190-189.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
43fa35a533f2dcfd4606e126cdf4abe4d80e5ece9e18df46e8f8c766477c1ea2

Request headers

Referer
https://hd.stheadline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 25 Jul 2023 05:57:35 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://hd.stheadline.com
cache-control
no-cache
x-server
10.45.20.186
access-control-allow-credentials
true
content-length
60
expires
0
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fhd.stheadline.com%2Fnews%2Frealtime%2Fh&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fhd.stheadline.com%2Fnews%2Frealtime%2Fh&rid=esp&cc=1
85 B
196 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fhd.stheadline.com%2Fnews%2Frealtime%2Fh&rid=esp&cc=1
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Server
34.120.135.53 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
53.135.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
b8c7d2bb11336760649b52953f0e44d3ad462b216cc4930c3fd944864ad9ffb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:35 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-xy7Gf/Q6R+naYKqzBd+sL5TTmNc"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://hd.stheadline.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Tue, 25 Jul 2023 05:57:35 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://hd.stheadline.com
location
/esp?url=https%3A%2F%2Fhd.stheadline.com%2Fnews%2Frealtime%2Fh&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
97b644c7b22773c7a3d541d3ba082d4f5755a2c15cab9ed847c58ddfd5b52fd1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://hd.stheadline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hd.stheadline.com
date
Tue, 25 Jul 2023 05:57:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
sid
mug.criteo.com/ Frame 7A42
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=stheadline.com&sn=ChromeSyncframe&so=0&topUrl=hd.stheadline.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=_2N1GnxRRnpUZFNJS05oNW9lc3lhVlRnU3F6d3Jta1NRdlQ0eTdkeWtRRm04ZzZ4WGVidmlrMDhsUVpCSVF1RWxPcTVFdmM4WDRsdEhHWFlUaVZGSkppQXdFSnFpUG0yN1dhU3VZSG15bk9xbDNoYlpNa2xKQUFVSmRUSn...
419 B
646 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=_2N1GnxRRnpUZFNJS05oNW9lc3lhVlRnU3F6d3Jta1NRdlQ0eTdkeWtRRm04ZzZ4WGVidmlrMDhsUVpCSVF1RWxPcTVFdmM4WDRsdEhHWFlUaVZGSkppQXdFSnFpUG0yN1dhU3VZSG15bk9xbDNoYlpNa2xKQUFVSmRUSnNPV3RLSUVsdjZ3MHc2UTAwYmdrd3hyRjdTMlZqcndXWWt6c2JlVjlkQTF3TTkvbXloZ2pINTdmdFRQUUQ5K2ZOcnZIYU5vbHJldFJyNkV6andFUThtaUQydTdjWUJCeFdYVnFaMG4yUHJTTzdMbEhxeTB2U0ZGZmFzY3ZIeWtINGRZV0MveGx5bFNoMFdaT0FPNy9lUXNqKzNjdVB5c3JNMFhTSytxa0tIaVNzaUk0enNyWT18&cppv=2
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
11a9bbe62d1a5661c9a42ce1a7ea9102f21afd54860ef8659543f4c6d453d753
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jul 2023 05:57:35 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
3464817
expires
0

Redirect headers

pragma
no-cache
date
Tue, 25 Jul 2023 05:57:35 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=_2N1GnxRRnpUZFNJS05oNW9lc3lhVlRnU3F6d3Jta1NRdlQ0eTdkeWtRRm04ZzZ4WGVidmlrMDhsUVpCSVF1RWxPcTVFdmM4WDRsdEhHWFlUaVZGSkppQXdFSnFpUG0yN1dhU3VZSG15bk9xbDNoYlpNa2xKQUFVSmRUSnNPV3RLSUVsdjZ3MHc2UTAwYmdrd3hyRjdTMlZqcndXWWt6c2JlVjlkQTF3TTkvbXloZ2pINTdmdFRQUUQ5K2ZOcnZIYU5vbHJldFJyNkV6andFUThtaUQydTdjWUJCeFdYVnFaMG4yUHJTTzdMbEhxeTB2U0ZGZmFzY3ZIeWtINGRZV0MveGx5bFNoMFdaT0FPNy9lUXNqKzNjdVB5c3JNMFhTSytxa0tIaVNzaUk0enNyWT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
441547
content-length
0
expires
0
ga-audiences
www.google.com/ads/ 		42 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-41819048-4&cid=923013097.1690264656&jid=1196898692&_u=YEBAAEAAAAAAACAAI~&z=1580274158
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jul 2023 05:57:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-41819048-4&cid=923013097.1690264656&jid=1196898692&_u=YEBAAEAAAAAAACAAI~&z=1580274158
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jul 2023 05:57:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ibs:dpid=771&dpuuid=CAESEB4Lo4nilL5ENISR6UP5d18&google_cver=1
dpm.demdex.net/ Frame E2DC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MTE1MTYzNDkyMDY4OTk3OTM2NDI5NzIyMjk5MzQ1NTUwMTg2Nzg=
  • https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MTE1MTYzNDkyMDY4OTk3OTM2NDI5NzIyMjk5MzQ1NTUwMTg2Nzg=&google_tc=
  • https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEB4Lo4nilL5ENISR6UP5d18&google_cver=1?gdpr=0&gdpr_consent=
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEB4Lo4nilL5ENISR6UP5d18&google_cver=1?gdpr=0&gdpr_consent=
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
HTTP/1.1
Server
34.243.61.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-61-200.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://singtaonewscorp.demdex.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v050-0a9eadf0a.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
/x6U+qyFSbs=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma
no-cache
date
Tue, 25 Jul 2023 05:57:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEB4Lo4nilL5ENISR6UP5d18&google_cver=1?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
984.json
id5-sync.com/g/v2/ 		241 B
652 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/984.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
52ad94a3d3789dee8f7c6198ff73ca8c2be6d67c904dbec70973c79572daf773
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://hd.stheadline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hd.stheadline.com
date
Tue, 25 Jul 2023 05:57:35 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
wrapper.html
wrappers.geoedge.be/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://wrappers.geoedge.be/wrapper.html
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:a200:2:d490:4d80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb

Request headers

Referer
https://hd.stheadline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain

Response headers

x-amz-version-id
gVDFxbxIIKkKTV40SMjG._OTMed_.wGK
date
Mon, 24 Jul 2023 06:18:59 GMT
via
1.1 099a327961f82798658bf21aa210d4a0.cloudfront.net (CloudFront)
last-modified
Mon, 12 Apr 2021 12:46:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
85117
etag
"4a6c546fe449447f2a620613c0655458"
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
x-cache
Hit from cloudfront
accept-ranges
bytes
content-length
3121
x-amz-cf-id
9KJ83HkoV6z8samP9pXD45_1_UN_TpeP4VdwyM6xVDFkHKs97aYUaQ==
getLoginStatusApi.php
hd.stheadline.com/ajax/ 		112 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hd.stheadline.com/ajax/getLoginStatusApi.php
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/g/jquery@1.12.4,bootstrap@3.3.7,perfect-scrollbar@0.6.14(js/perfect-scrollbar.jquery.min.js),sweetalert2@5.3.5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
163.181.56.178 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
b82b70e8fb6162477bfa925fb2bb2aa6ac05fcc35cceb9daf9ca9ec3a2bc6ea2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://hd.stheadline.com/news/realtime/h
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
cache37.l2hk3[24,0], cache4.l2de2[210,0], ens-cache2.de4[212,0]
server
Tengine
x-frame-options
SAMEORIGIN
p3p
CP=This is not a P3P policy! See http://hd.stheadline.com/privacy.php for more info.
content-type
text/html; charset=UTF-8
cache-control
no-cache no-store must-revalidate max-age=0, max-age=240
timing-allow-origin
*
x-xss-protection
1; mode=block
eagleid
2ff62b1a16902646559097022e
like.php
www.facebook.com/plugins/ Frame EF9A 		47 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?action=like&app_id=978368502211772&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3100fa037314cc%26domain%3Dhd.stheadline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhd.stheadline.com%252Ff8a0b2bdc2613%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fhd.stheadline.com%2Fnews%2Frealtime%2Fhk%2F2402786%2F%25E5%258D%25B3%25E6%2599%2582-%25E6%25B8%25AF%25E8%2581%259E-%25E6%25B5%2581%25E8%25A1%258C%25E9%2583%25BD%25E5%25B8%2582-%25E9%25A9%259A%25E7%258F%25BE%25E7%2596%2591%25E4%25BC%25BC-%25E8%25B5%25B0%25E5%2585%2589-%25E7%2595%25AB%25E9%259D%25A2-%25E5%25A5%25B3%25E7%25A5%259E%25E7%2596%2591%25E5%25A4%25B1%25E5%25AE%2588%25E9%259C%25B2%25E7%25A5%259E%25E7%25A7%2598%25E4%25B8%2589%25E8%25A7%2592%25E4%25BD%258D-Juicy%25E5%258F%25AE&layout=button_count&locale=zh_HK&sdk=joey&show_faces=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_HK/all.js?hash=61e1142d326aa98375a897a301c8e9a7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8a4c851e098aeaa897f28e8d7dd966ef0344ce72bb2f42351da2f8ba10e278e5
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hd.stheadline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 25 Jul 2023 05:57:36 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
2P84zBkouS19hjGBiAPUYOdai7LdwYSrDgEfNSbEbEUSZA6TpoE415No/2fPu+/9VFBxL3sWqHFe82xo3lLeKA==
x-xss-protection
0
like.php
www.facebook.com/plugins/ Frame F4BE 		48 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?action=like&app_id=978368502211772&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df11ae6fe27b0f5c%26domain%3Dhd.stheadline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhd.stheadline.com%252Ff8a0b2bdc2613%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fhd.stheadline.com%2Fnews%2Frealtime%2Fchi%2F2406186%2F%25E5%258D%25B3%25E6%2599%2582-%25E4%25B8%25AD%25E5%259C%258B-%25E6%25B7%25B1%25E5%259C%25B3%25E6%2583%2585%25E4%25BE%25B6%25E5%2582%25B3%25E5%25A4%25A9%25E6%25A9%258B%25E6%25BC%2594-%25E6%25B4%25BB%25E6%2598%25A5%25E5%25AE%25AE-%25E5%25A5%25B3%25E5%25AD%2590%25E6%2584%258F%25E5%25A4%2596%25E5%25A2%25AE%25E6%25A9%258B%25E4%25BA%25A1-%25E7%2594%25B7%25E5%25AD%2590%25E8%2588%2589%25E5%258B%2595%25E9%2581%25AD%25E7%25B6%25B2%25E6%25B0%2591%25E5%259C%258D%25E5%2589%25BF&layout=button_count&locale=zh_HK&sdk=joey&show_faces=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_HK/all.js?hash=61e1142d326aa98375a897a301c8e9a7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ca3fe16748e5e2c85cceea18bb69f132a877b56f0ccca2e667030e20847df191
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hd.stheadline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 25 Jul 2023 05:57:36 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
xma2h1hoEZPWa9miAwGbntKTw3OwdlSM+FxxSbqZAJFbcVNrGF0U37gSjFzmuRcZZ6yPvVNw9qxBSowuG+iiIw==
x-xss-protection
0
like.php
www.facebook.com/plugins/ Frame 9AB5 		48 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?action=like&app_id=978368502211772&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2aa391c6d23aec%26domain%3Dhd.stheadline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhd.stheadline.com%252Ff8a0b2bdc2613%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fhd.stheadline.com%2Fnews%2Frealtime%2Fchi%2F2406186%2F%25E5%258D%25B3%25E6%2599%2582-%25E4%25B8%25AD%25E5%259C%258B-%25E6%25B7%25B1%25E5%259C%25B3%25E6%2583%2585%25E4%25BE%25B6%25E5%2582%25B3%25E5%25A4%25A9%25E6%25A9%258B%25E6%25BC%2594-%25E6%25B4%25BB%25E6%2598%25A5%25E5%25AE%25AE-%25E5%25A5%25B3%25E5%25AD%2590%25E6%2584%258F%25E5%25A4%2596%25E5%25A2%25AE%25E6%25A9%258B%25E4%25BA%25A1-%25E7%2594%25B7%25E5%25AD%2590%25E8%2588%2589%25E5%258B%2595%25E9%2581%25AD%25E7%25B6%25B2%25E6%25B0%2591%25E5%259C%258D%25E5%2589%25BF&layout=button_count&locale=zh_HK&sdk=joey&show_faces=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_HK/all.js?hash=61e1142d326aa98375a897a301c8e9a7
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
50b98f1fc333d4913577c368777b55ba5e843febe24fe1f98ab21e50d2168cc5
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hd.stheadline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 25 Jul 2023 05:57:36 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
TUr8NPUGpSSiXklGjbTVC/jR3INWpr7LRhy8NL/q3cXgBxhmxYh9CFmVB02mLaXvdD4mvzoqOTRkfilZGqXOag==
x-xss-protection
0
like.php
www.facebook.com/plugins/ Frame 8BEC 		48 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?action=like&app_id=978368502211772&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df18d397644504c%26domain%3Dhd.stheadline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhd.stheadline.com%252Ff8a0b2bdc2613%26relation%3Dparent.parent&container_width=282&href=https%3A%2F%2Fhd.stheadline.com%2Fnews%2Frealtime%2Fchi%2F2406186%2F%25E5%258D%25B3%25E6%2599%2582-%25E4%25B8%25AD%25E5%259C%258B-%25E6%25B7%25B1%25E5%259C%25B3%25E6%2583%2585%25E4%25BE%25B6%25E5%2582%25B3%25E5%25A4%25A9%25E6%25A9%258B%25E6%25BC%2594-%25E6%25B4%25BB%25E6%2598%25A5%25E5%25AE%25AE-%25E5%25A5%25B3%25E5%25AD%2590%25E6%2584%258F%25E5%25A4%2596%25E5%25A2%25AE%25E6%25A9%258B%25E4%25BA%25A1-%25E7%2594%25B7%25E5%25AD%2590%25E8%2588%2589%25E5%258B%2595%25E9%2581%25AD%25E7%25B6%25B2%25E6%25B0%2591%25E5%259C%258D%25E5%2589%25BF&layout=button_count&locale=zh_HK&sdk=joey&show_faces=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_HK/all.js?hash=61e1142d326aa98375a897a301c8e9a7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6bcf89dc9c6b4ed8ae1c136094843d20d619f7a6a5c50b30a193c3155ebe6f64
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hd.stheadline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 25 Jul 2023 05:57:36 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
priority
u=0,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
GeXdye8w/nMP7HzEyOI41wautA4Hq+v+oGsqr5nbFnlvXi8qnfu/R0z5vPckGPxINq+lTv8zCWASFfrqjtpPqQ==
x-xss-protection
0
pd
google-bidout-d.openx.net/w/1.0/ Frame 5210 		0
168 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hd.stheadline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 25 Jul 2023 05:57:36 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
LVbUFwfoGjA.js
static.xx.fbcdn.net/rsrc.php/v3ioTW4/yW/l/zh_HK/ Frame EF9A 		518 KB
134 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3ioTW4/yW/l/zh_HK/LVbUFwfoGjA.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?action=like&app_id=978368502211772&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3100fa037314cc%26domain%3Dhd.stheadline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhd.stheadline.com%252Ff8a0b2bdc2613%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fhd.stheadline.com%2Fnews%2Frealtime%2Fhk%2F2402786%2F%25E5%258D%25B3%25E6%2599%2582-%25E6%25B8%25AF%25E8%2581%259E-%25E6%25B5%2581%25E8%25A1%258C%25E9%2583%25BD%25E5%25B8%2582-%25E9%25A9%259A%25E7%258F%25BE%25E7%2596%2591%25E4%25BC%25BC-%25E8%25B5%25B0%25E5%2585%2589-%25E7%2595%25AB%25E9%259D%25A2-%25E5%25A5%25B3%25E7%25A5%259E%25E7%2596%2591%25E5%25A4%25B1%25E5%25AE%2588%25E9%259C%25B2%25E7%25A5%259E%25E7%25A7%2598%25E4%25B8%2589%25E8%25A7%2592%25E4%25BD%258D-Juicy%25E5%258F%25AE&layout=button_count&locale=zh_HK&sdk=joey&show_faces=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
859a70389f132ddd5170db478d4c3342de75a01668c0021b1731bce2532ca093
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:36 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
b4ClP1mqppFleHwC2vkC1w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
136869
x-fb-debug
NDylb3zREgeVTC2r2y4DVD0dMHyFFN5SNvtv0jzCXFjiEnRgTZhwTrU5br9m28lDfY87lu4fIFkLaK0GQUa8sw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sun, 21 Jul 2024 02:44:19 GMT
FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame EF9A 		299 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?action=like&app_id=978368502211772&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3100fa037314cc%26domain%3Dhd.stheadline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhd.stheadline.com%252Ff8a0b2bdc2613%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fhd.stheadline.com%2Fnews%2Frealtime%2Fhk%2F2402786%2F%25E5%258D%25B3%25E6%2599%2582-%25E6%25B8%25AF%25E8%2581%259E-%25E6%25B5%2581%25E8%25A1%258C%25E9%2583%25BD%25E5%25B8%2582-%25E9%25A9%259A%25E7%258F%25BE%25E7%2596%2591%25E4%25BC%25BC-%25E8%25B5%25B0%25E5%2585%2589-%25E7%2595%25AB%25E9%259D%25A2-%25E5%25A5%25B3%25E7%25A5%259E%25E7%2596%2591%25E5%25A4%25B1%25E5%25AE%2588%25E9%259C%25B2%25E7%25A5%259E%25E7%25A7%2598%25E4%25B8%2589%25E8%25A7%2592%25E4%25BD%258D-Juicy%25E5%258F%25AE&layout=button_count&locale=zh_HK&sdk=joey&show_faces=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:36 GMT
x-content-type-options
nosniff
content-md5
OIlAxCmR79nrM/Ez4ygGlg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
299
x-fb-debug
KLbKxVPb/gEsuqqTtoMIEr+akSgJMRC4tjvTCZjeTIuszKdTHHw/FEEqsP5OBKARiDELqe+8avAiPgLptrZeYA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 20 Jul 2024 00:54:54 GMT
LVbUFwfoGjA.js
static.xx.fbcdn.net/rsrc.php/v3ioTW4/yW/l/zh_HK/ Frame EF9A 		518 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3ioTW4/yW/l/zh_HK/LVbUFwfoGjA.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?action=like&app_id=978368502211772&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3100fa037314cc%26domain%3Dhd.stheadline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhd.stheadline.com%252Ff8a0b2bdc2613%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fhd.stheadline.com%2Fnews%2Frealtime%2Fhk%2F2402786%2F%25E5%258D%25B3%25E6%2599%2582-%25E6%25B8%25AF%25E8%2581%259E-%25E6%25B5%2581%25E8%25A1%258C%25E9%2583%25BD%25E5%25B8%2582-%25E9%25A9%259A%25E7%258F%25BE%25E7%2596%2591%25E4%25BC%25BC-%25E8%25B5%25B0%25E5%2585%2589-%25E7%2595%25AB%25E9%259D%25A2-%25E5%25A5%25B3%25E7%25A5%259E%25E7%2596%2591%25E5%25A4%25B1%25E5%25AE%2588%25E9%259C%25B2%25E7%25A5%259E%25E7%25A7%2598%25E4%25B8%2589%25E8%25A7%2592%25E4%25BD%258D-Juicy%25E5%258F%25AE&layout=button_count&locale=zh_HK&sdk=joey&show_faces=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
859a70389f132ddd5170db478d4c3342de75a01668c0021b1731bce2532ca093
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:36 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
b4ClP1mqppFleHwC2vkC1w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
136869
x-fb-debug
NDylb3zREgeVTC2r2y4DVD0dMHyFFN5SNvtv0jzCXFjiEnRgTZhwTrU5br9m28lDfY87lu4fIFkLaK0GQUa8sw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sun, 21 Jul 2024 02:44:19 GMT
FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 8BEC 		299 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?action=like&app_id=978368502211772&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df18d397644504c%26domain%3Dhd.stheadline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhd.stheadline.com%252Ff8a0b2bdc2613%26relation%3Dparent.parent&container_width=282&href=https%3A%2F%2Fhd.stheadline.com%2Fnews%2Frealtime%2Fchi%2F2406186%2F%25E5%258D%25B3%25E6%2599%2582-%25E4%25B8%25AD%25E5%259C%258B-%25E6%25B7%25B1%25E5%259C%25B3%25E6%2583%2585%25E4%25BE%25B6%25E5%2582%25B3%25E5%25A4%25A9%25E6%25A9%258B%25E6%25BC%2594-%25E6%25B4%25BB%25E6%2598%25A5%25E5%25AE%25AE-%25E5%25A5%25B3%25E5%25AD%2590%25E6%2584%258F%25E5%25A4%2596%25E5%25A2%25AE%25E6%25A9%258B%25E4%25BA%25A1-%25E7%2594%25B7%25E5%25AD%2590%25E8%2588%2589%25E5%258B%2595%25E9%2581%25AD%25E7%25B6%25B2%25E6%25B0%2591%25E5%259C%258D%25E5%2589%25BF&layout=button_count&locale=zh_HK&sdk=joey&show_faces=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:36 GMT
x-content-type-options
nosniff
content-md5
OIlAxCmR79nrM/Ez4ygGlg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
299
x-fb-debug
KLbKxVPb/gEsuqqTtoMIEr+akSgJMRC4tjvTCZjeTIuszKdTHHw/FEEqsP5OBKARiDELqe+8avAiPgLptrZeYA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 20 Jul 2024 00:54:54 GMT
LVbUFwfoGjA.js
static.xx.fbcdn.net/rsrc.php/v3ioTW4/yW/l/zh_HK/ Frame 8BEC 		518 KB
134 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3ioTW4/yW/l/zh_HK/LVbUFwfoGjA.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?action=like&app_id=978368502211772&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df18d397644504c%26domain%3Dhd.stheadline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhd.stheadline.com%252Ff8a0b2bdc2613%26relation%3Dparent.parent&container_width=282&href=https%3A%2F%2Fhd.stheadline.com%2Fnews%2Frealtime%2Fchi%2F2406186%2F%25E5%258D%25B3%25E6%2599%2582-%25E4%25B8%25AD%25E5%259C%258B-%25E6%25B7%25B1%25E5%259C%25B3%25E6%2583%2585%25E4%25BE%25B6%25E5%2582%25B3%25E5%25A4%25A9%25E6%25A9%258B%25E6%25BC%2594-%25E6%25B4%25BB%25E6%2598%25A5%25E5%25AE%25AE-%25E5%25A5%25B3%25E5%25AD%2590%25E6%2584%258F%25E5%25A4%2596%25E5%25A2%25AE%25E6%25A9%258B%25E4%25BA%25A1-%25E7%2594%25B7%25E5%25AD%2590%25E8%2588%2589%25E5%258B%2595%25E9%2581%25AD%25E7%25B6%25B2%25E6%25B0%2591%25E5%259C%258D%25E5%2589%25BF&layout=button_count&locale=zh_HK&sdk=joey&show_faces=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
859a70389f132ddd5170db478d4c3342de75a01668c0021b1731bce2532ca093
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:36 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
b4ClP1mqppFleHwC2vkC1w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
136869
x-fb-debug
NDylb3zREgeVTC2r2y4DVD0dMHyFFN5SNvtv0jzCXFjiEnRgTZhwTrU5br9m28lDfY87lu4fIFkLaK0GQUa8sw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=1,i
expires
Sun, 21 Jul 2024 02:44:19 GMT
FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame 9AB5 		299 B
437 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?action=like&app_id=978368502211772&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2aa391c6d23aec%26domain%3Dhd.stheadline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhd.stheadline.com%252Ff8a0b2bdc2613%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fhd.stheadline.com%2Fnews%2Frealtime%2Fchi%2F2406186%2F%25E5%258D%25B3%25E6%2599%2582-%25E4%25B8%25AD%25E5%259C%258B-%25E6%25B7%25B1%25E5%259C%25B3%25E6%2583%2585%25E4%25BE%25B6%25E5%2582%25B3%25E5%25A4%25A9%25E6%25A9%258B%25E6%25BC%2594-%25E6%25B4%25BB%25E6%2598%25A5%25E5%25AE%25AE-%25E5%25A5%25B3%25E5%25AD%2590%25E6%2584%258F%25E5%25A4%2596%25E5%25A2%25AE%25E6%25A9%258B%25E4%25BA%25A1-%25E7%2594%25B7%25E5%25AD%2590%25E8%2588%2589%25E5%258B%2595%25E9%2581%25AD%25E7%25B6%25B2%25E6%25B0%2591%25E5%259C%258D%25E5%2589%25BF&layout=button_count&locale=zh_HK&sdk=joey&show_faces=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:36 GMT
x-content-type-options
nosniff
content-md5
OIlAxCmR79nrM/Ez4ygGlg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
299
x-fb-debug
2DcVVTq3IkT539jUax5mUKiHRov+v98CrdC5mUVqXDq+eeN8HWY8gZuwKehsunHDbbGVoLAm6wnYq0GkFfzMYw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 20 Jul 2024 03:12:15 GMT
FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame F4BE 		299 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?action=like&app_id=978368502211772&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df11ae6fe27b0f5c%26domain%3Dhd.stheadline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhd.stheadline.com%252Ff8a0b2bdc2613%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fhd.stheadline.com%2Fnews%2Frealtime%2Fchi%2F2406186%2F%25E5%258D%25B3%25E6%2599%2582-%25E4%25B8%25AD%25E5%259C%258B-%25E6%25B7%25B1%25E5%259C%25B3%25E6%2583%2585%25E4%25BE%25B6%25E5%2582%25B3%25E5%25A4%25A9%25E6%25A9%258B%25E6%25BC%2594-%25E6%25B4%25BB%25E6%2598%25A5%25E5%25AE%25AE-%25E5%25A5%25B3%25E5%25AD%2590%25E6%2584%258F%25E5%25A4%2596%25E5%25A2%25AE%25E6%25A9%258B%25E4%25BA%25A1-%25E7%2594%25B7%25E5%25AD%2590%25E8%2588%2589%25E5%258B%2595%25E9%2581%25AD%25E7%25B6%25B2%25E6%25B0%2591%25E5%259C%258D%25E5%2589%25BF&layout=button_count&locale=zh_HK&sdk=joey&show_faces=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:36 GMT
x-content-type-options
nosniff
content-md5
OIlAxCmR79nrM/Ez4ygGlg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
299
x-fb-debug
2DcVVTq3IkT539jUax5mUKiHRov+v98CrdC5mUVqXDq+eeN8HWY8gZuwKehsunHDbbGVoLAm6wnYq0GkFfzMYw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 20 Jul 2024 03:12:15 GMT
LVbUFwfoGjA.js
static.xx.fbcdn.net/rsrc.php/v3ioTW4/yW/l/zh_HK/ Frame 9AB5 		518 KB
134 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3ioTW4/yW/l/zh_HK/LVbUFwfoGjA.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?action=like&app_id=978368502211772&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2aa391c6d23aec%26domain%3Dhd.stheadline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhd.stheadline.com%252Ff8a0b2bdc2613%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fhd.stheadline.com%2Fnews%2Frealtime%2Fchi%2F2406186%2F%25E5%258D%25B3%25E6%2599%2582-%25E4%25B8%25AD%25E5%259C%258B-%25E6%25B7%25B1%25E5%259C%25B3%25E6%2583%2585%25E4%25BE%25B6%25E5%2582%25B3%25E5%25A4%25A9%25E6%25A9%258B%25E6%25BC%2594-%25E6%25B4%25BB%25E6%2598%25A5%25E5%25AE%25AE-%25E5%25A5%25B3%25E5%25AD%2590%25E6%2584%258F%25E5%25A4%2596%25E5%25A2%25AE%25E6%25A9%258B%25E4%25BA%25A1-%25E7%2594%25B7%25E5%25AD%2590%25E8%2588%2589%25E5%258B%2595%25E9%2581%25AD%25E7%25B6%25B2%25E6%25B0%2591%25E5%259C%258D%25E5%2589%25BF&layout=button_count&locale=zh_HK&sdk=joey&show_faces=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
859a70389f132ddd5170db478d4c3342de75a01668c0021b1731bce2532ca093
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:36 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
b4ClP1mqppFleHwC2vkC1w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
136869
x-fb-debug
NDylb3zREgeVTC2r2y4DVD0dMHyFFN5SNvtv0jzCXFjiEnRgTZhwTrU5br9m28lDfY87lu4fIFkLaK0GQUa8sw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=1,i
expires
Sun, 21 Jul 2024 02:44:19 GMT
LVbUFwfoGjA.js
static.xx.fbcdn.net/rsrc.php/v3ioTW4/yW/l/zh_HK/ Frame F4BE 		518 KB
134 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3ioTW4/yW/l/zh_HK/LVbUFwfoGjA.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?action=like&app_id=978368502211772&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df11ae6fe27b0f5c%26domain%3Dhd.stheadline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhd.stheadline.com%252Ff8a0b2bdc2613%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fhd.stheadline.com%2Fnews%2Frealtime%2Fchi%2F2406186%2F%25E5%258D%25B3%25E6%2599%2582-%25E4%25B8%25AD%25E5%259C%258B-%25E6%25B7%25B1%25E5%259C%25B3%25E6%2583%2585%25E4%25BE%25B6%25E5%2582%25B3%25E5%25A4%25A9%25E6%25A9%258B%25E6%25BC%2594-%25E6%25B4%25BB%25E6%2598%25A5%25E5%25AE%25AE-%25E5%25A5%25B3%25E5%25AD%2590%25E6%2584%258F%25E5%25A4%2596%25E5%25A2%25AE%25E6%25A9%258B%25E4%25BA%25A1-%25E7%2594%25B7%25E5%25AD%2590%25E8%2588%2589%25E5%258B%2595%25E9%2581%25AD%25E7%25B6%25B2%25E6%25B0%2591%25E5%259C%258D%25E5%2589%25BF&layout=button_count&locale=zh_HK&sdk=joey&show_faces=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
859a70389f132ddd5170db478d4c3342de75a01668c0021b1731bce2532ca093
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:36 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
b4ClP1mqppFleHwC2vkC1w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
136869
x-fb-debug
NDylb3zREgeVTC2r2y4DVD0dMHyFFN5SNvtv0jzCXFjiEnRgTZhwTrU5br9m28lDfY87lu4fIFkLaK0GQUa8sw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=1,i
expires
Sun, 21 Jul 2024 02:44:19 GMT
LVbUFwfoGjA.js
static.xx.fbcdn.net/rsrc.php/v3ioTW4/yW/l/zh_HK/ Frame 9AB5 		518 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3ioTW4/yW/l/zh_HK/LVbUFwfoGjA.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?action=like&app_id=978368502211772&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2aa391c6d23aec%26domain%3Dhd.stheadline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhd.stheadline.com%252Ff8a0b2bdc2613%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fhd.stheadline.com%2Fnews%2Frealtime%2Fchi%2F2406186%2F%25E5%258D%25B3%25E6%2599%2582-%25E4%25B8%25AD%25E5%259C%258B-%25E6%25B7%25B1%25E5%259C%25B3%25E6%2583%2585%25E4%25BE%25B6%25E5%2582%25B3%25E5%25A4%25A9%25E6%25A9%258B%25E6%25BC%2594-%25E6%25B4%25BB%25E6%2598%25A5%25E5%25AE%25AE-%25E5%25A5%25B3%25E5%25AD%2590%25E6%2584%258F%25E5%25A4%2596%25E5%25A2%25AE%25E6%25A9%258B%25E4%25BA%25A1-%25E7%2594%25B7%25E5%25AD%2590%25E8%2588%2589%25E5%258B%2595%25E9%2581%25AD%25E7%25B6%25B2%25E6%25B0%2591%25E5%259C%258D%25E5%2589%25BF&layout=button_count&locale=zh_HK&sdk=joey&show_faces=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
859a70389f132ddd5170db478d4c3342de75a01668c0021b1731bce2532ca093
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:36 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
b4ClP1mqppFleHwC2vkC1w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
136869
x-fb-debug
NDylb3zREgeVTC2r2y4DVD0dMHyFFN5SNvtv0jzCXFjiEnRgTZhwTrU5br9m28lDfY87lu4fIFkLaK0GQUa8sw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sun, 21 Jul 2024 02:44:19 GMT
LVbUFwfoGjA.js
static.xx.fbcdn.net/rsrc.php/v3ioTW4/yW/l/zh_HK/ Frame F4BE 		518 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3ioTW4/yW/l/zh_HK/LVbUFwfoGjA.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?action=like&app_id=978368502211772&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df11ae6fe27b0f5c%26domain%3Dhd.stheadline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhd.stheadline.com%252Ff8a0b2bdc2613%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fhd.stheadline.com%2Fnews%2Frealtime%2Fchi%2F2406186%2F%25E5%258D%25B3%25E6%2599%2582-%25E4%25B8%25AD%25E5%259C%258B-%25E6%25B7%25B1%25E5%259C%25B3%25E6%2583%2585%25E4%25BE%25B6%25E5%2582%25B3%25E5%25A4%25A9%25E6%25A9%258B%25E6%25BC%2594-%25E6%25B4%25BB%25E6%2598%25A5%25E5%25AE%25AE-%25E5%25A5%25B3%25E5%25AD%2590%25E6%2584%258F%25E5%25A4%2596%25E5%25A2%25AE%25E6%25A9%258B%25E4%25BA%25A1-%25E7%2594%25B7%25E5%25AD%2590%25E8%2588%2589%25E5%258B%2595%25E9%2581%25AD%25E7%25B6%25B2%25E6%25B0%2591%25E5%259C%258D%25E5%2589%25BF&layout=button_count&locale=zh_HK&sdk=joey&show_faces=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
859a70389f132ddd5170db478d4c3342de75a01668c0021b1731bce2532ca093
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:36 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
b4ClP1mqppFleHwC2vkC1w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
136869
x-fb-debug
NDylb3zREgeVTC2r2y4DVD0dMHyFFN5SNvtv0jzCXFjiEnRgTZhwTrU5br9m28lDfY87lu4fIFkLaK0GQUa8sw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sun, 21 Jul 2024 02:44:19 GMT
like.php
www.facebook.com/plugins/ Frame EA46 		48 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?action=like&app_id=978368502211772&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3192a353837a8%26domain%3Dhd.stheadline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhd.stheadline.com%252Ff8a0b2bdc2613%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fhd.stheadline.com%2Fnews%2Frealtime%2Fchi%2F2406186%2F%25E5%258D%25B3%25E6%2599%2582-%25E4%25B8%25AD%25E5%259C%258B-%25E6%25B7%25B1%25E5%259C%25B3%25E6%2583%2585%25E4%25BE%25B6%25E5%2582%25B3%25E5%25A4%25A9%25E6%25A9%258B%25E6%25BC%2594-%25E6%25B4%25BB%25E6%2598%25A5%25E5%25AE%25AE-%25E5%25A5%25B3%25E5%25AD%2590%25E6%2584%258F%25E5%25A4%2596%25E5%25A2%25AE%25E6%25A9%258B%25E4%25BA%25A1-%25E7%2594%25B7%25E5%25AD%2590%25E8%2588%2589%25E5%258B%2595%25E9%2581%25AD%25E7%25B6%25B2%25E6%25B0%2591%25E5%259C%258D%25E5%2589%25BF&layout=button_count&locale=zh_HK&sdk=joey&show_faces=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/zh_HK/all.js?hash=61e1142d326aa98375a897a301c8e9a7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
453d644b44df2cb208ffe0448b32942a440e1275443afbce316dbfd0d961f3f6
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hd.stheadline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Tue, 25 Jul 2023 05:57:36 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster
?0
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
pragma
no-cache
priority
u=0,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
x1uuc0r1osG6MVg4B7uQcyCYstwL+H5e76ry7VjzCLGjetIyUotne3DeCGYo5IitUGXEByTWLMFh2TkHaDH+jw==
x-xss-protection
0
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20230725
Requested by
Host: static.stheadline.com
URL: https://static.stheadline.com/stheadline/js/prebid7.18.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
002cb50e45a9f05c930e84cc1c6de5483ac986b75c198dc4d84a3d22a1015bd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://hd.stheadline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 25 Jul 2023 05:57:36 GMT
x-content-type-options
nosniff
content-encoding
br
age
7008
x-jsd-version
1.0.1761
x-cache
HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
858
x-served-by
cache-fra-eddf8230136-FRA
x-jsd-version-type
version
etag
W/"644-9D/v0avIBmELlLLS+ANACZQLe+I"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
ads
securepubads.g.doubleclick.net/gampad/ 		176 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3446901797760416&correlator=796036206440252&eid=31072020%2C31070233%2C31061691%2C31061693&output=ldjh&gdfp_req=1&vrg=202307180101&ptt=17&impl=fifs&iu_parts=64888526%2CHL_Web%2Crealtime_list-topbanner%2Crealtime_list-LREC1%2Crealtime_list-LREC2%2Crealtime_list-LREC3%2Crealtime_list-1x1%2Crealtime_list-popup&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7&prev_iu_szs=320x50%7C728x90%7C970x90%7C970x160%7C970x250%7C1x1%2C320x50%7C300x100%7C300x250%7C300x430%7C300x600%7C1x1%2C320x50%7C300x100%7C300x250%7C1x1%2C320x50%7C300x100%7C300x250%7C1x1%2C1x1%2C320x50%7C900x500%7C640x480%7C800x450%7C1x1%7C300x250&fluid=height%2Cheight%2Cheight%2Cheight%2C0%2Cheight&ifi=1&adks=2833696278%2C1388098736%2C1642691378%2C2990288346%2C3778813666%2C2350935486&didk=3534438914~1328602476~3901855630~1013276188~298396069~443799393&sfv=1-0-40&eri=1&cust_params=amznbid%3D0%26amznp%3D0&sc=1&cookie_enabled=1&abxe=1&dt=1690264656411&lmt=1690264656&adxs=436%2C1102%2C1102%2C1102%2C1410%2C-12245933&adys=125%2C165%2C165%2C752%2C38%2C-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0%7C0%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fhd.stheadline.com%2Fnews%2Frealtime%2Fh&rumc=3446901797760416&rume=1&frm=20&vis=1&psz=1600x60%7C300x1451%7C300x1451%7C300x1451%7C1224x57%7C0x-1&msz=1600x0%7C300x0%7C300x0%7C300x0%7C1x-1%7C0x-1&fws=0%2C0%2C0%2C4%2C0%2C640&ohw=0%2C0%2C0%2C300%2C0%2C0&ga_vid=923013097.1690264656&ga_sid=1690264656&ga_hid=1703895921&ga_fc=true&dlt=1690264654217&idt=1320
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e5a215def83e156b08bd70c0a82d70d71f925271955cad7268ca8bc6b320bded
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:36 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22146
x-xss-protection
0
google-lineitem-id
-1,-1,-1,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-1,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://hd.stheadline.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
27ab4307786ec7ceac97cd1774c546c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6B89 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://27ab4307786ec7ceac97cd1774c546c3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hd.stheadline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 25 Jul 2023 05:57:36 GMT
expires
Wed, 24 Jul 2024 05:57:36 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
FEppCFCt76d.png
static.xx.fbcdn.net/rsrc.php/v3/yD/r/ Frame EA46 		299 B
434 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yD/r/FEppCFCt76d.png
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?action=like&app_id=978368502211772&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3192a353837a8%26domain%3Dhd.stheadline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhd.stheadline.com%252Ff8a0b2bdc2613%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fhd.stheadline.com%2Fnews%2Frealtime%2Fchi%2F2406186%2F%25E5%258D%25B3%25E6%2599%2582-%25E4%25B8%25AD%25E5%259C%258B-%25E6%25B7%25B1%25E5%259C%25B3%25E6%2583%2585%25E4%25BE%25B6%25E5%2582%25B3%25E5%25A4%25A9%25E6%25A9%258B%25E6%25BC%2594-%25E6%25B4%25BB%25E6%2598%25A5%25E5%25AE%25AE-%25E5%25A5%25B3%25E5%25AD%2590%25E6%2584%258F%25E5%25A4%2596%25E5%25A2%25AE%25E6%25A9%258B%25E4%25BA%25A1-%25E7%2594%25B7%25E5%25AD%2590%25E8%2588%2589%25E5%258B%2595%25E9%2581%25AD%25E7%25B6%25B2%25E6%25B0%2591%25E5%259C%258D%25E5%2589%25BF&layout=button_count&locale=zh_HK&sdk=joey&show_faces=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:36 GMT
x-content-type-options
nosniff
content-md5
OIlAxCmR79nrM/Ez4ygGlg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
299
x-fb-debug
2DcVVTq3IkT539jUax5mUKiHRov+v98CrdC5mUVqXDq+eeN8HWY8gZuwKehsunHDbbGVoLAm6wnYq0GkFfzMYw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 20 Jul 2024 03:12:15 GMT
LVbUFwfoGjA.js
static.xx.fbcdn.net/rsrc.php/v3ioTW4/yW/l/zh_HK/ Frame EA46 		518 KB
134 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3ioTW4/yW/l/zh_HK/LVbUFwfoGjA.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?action=like&app_id=978368502211772&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df3192a353837a8%26domain%3Dhd.stheadline.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fhd.stheadline.com%252Ff8a0b2bdc2613%26relation%3Dparent.parent&container_width=0&href=https%3A%2F%2Fhd.stheadline.com%2Fnews%2Frealtime%2Fchi%2F2406186%2F%25E5%258D%25B3%25E6%2599%2582-%25E4%25B8%25AD%25E5%259C%258B-%25E6%25B7%25B1%25E5%259C%25B3%25E6%2583%2585%25E4%25BE%25B6%25E5%2582%25B3%25E5%25A4%25A9%25E6%25A9%258B%25E6%25BC%2594-%25E6%25B4%25BB%25E6%2598%25A5%25E5%25AE%25AE-%25E5%25A5%25B3%25E5%25AD%2590%25E6%2584%258F%25E5%25A4%2596%25E5%25A2%25AE%25E6%25A9%258B%25E4%25BA%25A1-%25E7%2594%25B7%25E5%25AD%2590%25E8%2588%2589%25E5%258B%2595%25E9%2581%25AD%25E7%25B6%25B2%25E6%25B0%2591%25E5%259C%258D%25E5%2589%25BF&layout=button_count&locale=zh_HK&sdk=joey&show_faces=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
859a70389f132ddd5170db478d4c3342de75a01668c0021b1731bce2532ca093
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:36 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
b4ClP1mqppFleHwC2vkC1w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
136869
x-fb-debug
NDylb3zREgeVTC2r2y4DVD0dMHyFFN5SNvtv0jzCXFjiEnRgTZhwTrU5br9m28lDfY87lu4fIFkLaK0GQUa8sw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
origin-agent-cluster
?0
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=1,i
expires
Sun, 21 Jul 2024 02:44:19 GMT
iframe_api
www.youtube.com/ 		1006 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN227213af532841a48cb92e23b43a2f63.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cbe006779b4df0ae3275b5eab380e604d82604223ba1c67291f622233013bb5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:36 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /cspreport
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-type
text/javascript; charset=utf-8
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cache-control
private, max-age=0
origin-trial
AvC9UlR6RDk2crliDsFl66RWLnTbHrDbp+DiY6AYz/PNQ4G4tdUTjrHYr2sghbkhGQAVxb7jaPTHpEVBz0uzQwkAAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Tue, 25 Jul 2023 05:57:36 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307180101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f3cbcdffd6a39fc58d718e501f0eeac4b6223aff5b04da4f3668c35e90edc9c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11817
x-xss-protection
0
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/9053246/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
382 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
108.138.36.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-39.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 00:42:03 GMT
via
1.1 09b934fc5a2991212bdc3b299a0a1cb4.cloudfront.net (CloudFront)
last-modified
Mon, 03 Jul 2023 14:48:48 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P2
age
18969
x-amz-server-side-encryption
AES256
etag
"d41d8cd98f00b204e9800998ecf8427e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
accept-ranges
bytes
content-length
0
x-amz-cf-id
5-4jhIKFnqefsjZlqhvDbcknd-o4Ml_EJp7-3eEBo4BHNK_zcQcyVQ==

Redirect headers

date
Tue, 25 Jul 2023 05:57:36 GMT
via
1.1 09b934fc5a2991212bdc3b299a0a1cb4.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
MUC50-P2
x-cache
Miss from cloudfront
location
/internal-c2/default/cs.js
content-length
0
x-amz-cf-id
2gAhvLE2Ibt9mcNX5LGrrcIVkmqqCjxuDp_SU7qSs1TDHcW80cXtPQ==
gen_204
pagead2.googlesyndication.com/pagead/ 		0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_stats&su=hd.stheadline.com&doc=complete&pg_h=3089&pg_w=1600&pg_hs=3089&c=0&aa_c=0&d=0&all_d=0&ard=0&all_ard=0&dt=d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jul 2023 05:57:36 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-widgetapi.js
www.youtube.com/s/player/8e83803a/www-widgetapi.vflset/ 		203 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/8e83803a/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
014a3d61d0c654f1c2f03e2b9fe22f951a945535e91b02e0fffec31da5ba6f3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:49:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
512
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
64339
x-xss-protection
0
last-modified
Wed, 19 Jul 2023 01:47:56 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Wed, 24 Jul 2024 05:49:04 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 25 Jul 2023 05:57:36 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9E32 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://hd.stheadline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
21692
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Jul 2023 23:56:04 GMT
expires
Tue, 23 Jul 2024 23:56:04 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 639B 		783 B
972 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
11d77626ce1e2445aa3d82d31cf410937e4223518c396d8b9f0bb6e615a1f062
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Q7K4eEyXUJRHGGygiEaFEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hd.stheadline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-Q7K4eEyXUJRHGGygiEaFEg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 25 Jul 2023 05:57:36 GMT
expires
Tue, 25 Jul 2023 05:57:36 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
localstore.js
script.4dex.io/ 		483 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Tue, 25 Jul 2023 05:57:36 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Tue, 06 Jun 2023 12:52:55 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
1305681
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ZPz%2ForOV43pbpt6U7PDzTa02x%2BkXKk%2Bik0fec03c1LxBBGWJu3q2%2F56S%2Fb3UdK9ZlDaWbhQaNSzb9Ngc9GnHm16bfg%2Bdbe3vPnTUGsSWuN2EY4LyfSzLo75QpmKA6mNZUspw6fzDcNrpGGH"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7ec22a99fd584dc7-FRA
csi
csi.gstatic.com/ 		0
235 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~lkhvxncp&c=3446901797760416&e=31072020%2C31070233%2C31061691%2C31061693&ctx=1&met.9=1.1ui~2.1yz~9.0~3_37.2nk~7_37.0~7_38.0~7_39.0~7_40.0~7_41.0~7_42.0~4_37.30s~5_40.31c~5_41.31c~5_42.31c&met.3=947.1zd~5.1zd~74.1ze_3~90.1zh~88.1zh~88.1zh~89.1zh~44.1zh~947.1zh~43.1zh_1~74.1zi~947.1zi~43.1zi~74.1zi~947.1zi~43.1zi~74.1zj~947.1zj~43.1zj~74.1zj~947.1zj~43.1zj~74.1zj~90.1zj~88.1zj~88.1zj~89.1zj~44.1zj~947.1zj~43.1zj~947.1zk~6.1zk~91.1zk~95.1zk_1~95.1zl~95.1zl~95.1zm~95.1zm~947.1zm~86.1zm~95.1zm~77.1zd_a~724.1zp~724.1zp_1~724.1zp~724.1zq~724.1zq~724.1zq~724.1zq~724.1zq~724.1zq~724.1zq~724.1zq~724.1zq~894.1zy~947.202~86.202~76.202~947.20k~1.20k~947.20k~1.20l~947.23r~86.23r~76.23r~112.24i_2~334.2bd~947.2mq~947.2mr~947.2mr~573.2mr~947.2mr~573.2mr~947.2ms~11.2ms_2~76.2mp_4~725.2mu~725.2mu~725.2mu~725.2mu~725.2mu~725.2mu~894.2mw~1132.2n5_f~808.2nn~808.2nn~808.2nn~808.2nn~808.2nn~808.2nn~808.2nn~808.2nn~808.2nn~808.2nn~808.2nn~808.2nn~94.2tj~947.2u5~573.2u5~598.2u5~598.2u5~598.2u6~598.2u6~598.2u6~598.2u6~113.2u4_4~947.2vg~86.2vg~646.30s_3~646.30v_1~646.30w_1~646.30x_2~646.30z_1~646.310_1~800.311~800.312~800.312~800.312~800.312~800.312~800.312~800.312~800.312~800.312~800.312~800.312~800.312~800.312~800.312~800.312~800.312~800.312~800.312~800.312~800.312~800.312~800.312~800.312~800.312~800.312~800.312~800.313~800.313~800.313~355.313~598.313~709.313~355.313~598.313~709.313~355.313~598.313~709.313~355.313~709.313~355.313~709.313~355.313~709.313~801.31d~801.31d~825.31d~355.31d~825.31d~801.31d~801.31d~825.31d~355.31d~825.31d~801.31d~801.31d~825.31d~355.31d~825.31d~54.31d~598.31d~708.31d~708.31d~598.31e~74.31f~947.31f~1.31f~43.31f~91.31f~76.31f_1~49.31g~49.31g~76.31f_4~708.31d_6~54.31j~598.31j~708.31j~708.31k~598.31k~708.31k~54.31k~598.31k~708.31k~708.31k~598.31k&met.10=1_5.CAEQARiAmHUg0xQoAQ~1_1.CAAQABiAmHUg0xQoAQ~1_2.CAAQABiAmHUg0xQoAQ~1_4.CAAQABiAmHUg0xQoAQ~1_3.CAAQABiAmHUg0xQoAQ~1_6.CAAQABiAmHUg0xQoAA~1_1.CAAQABgAINYaKAA~1_2.CAAQABgAINYaKAA~1_3.CAAQABgAINYaKAA~1_4.CAAQABgAINYaKAA~1_5.CAAQABgAINYaKAA~1_6.CAAQABgAINYaKAA~1_41.CAEQARiAmHUg_xooAQ~1_37.CAAQABiAmHUg_xooAQ~1_38.CAAQABiAmHUg_xooAQ~1_40.CAAQABiAmHUg_xooAQ~1_39.CAAQABiAmHUg_xooAQ~1_42.CAAQABiAmHUg_xooAA&met.7=CBsQCMABxcaqmgI~CBsQCiDUCTjOAcAB2b3P_gk~CBsQCiDVCTiRBMAB8-P7uAg~CBsQByDVCTi3BsABtZXvuQ8~CBsQByDVCThhwAGE__rWAQ~CBsQByDVCThgwAGFz67bAg~CBsQByDVCThgwAHqhJyDAg~CBsQByDVCThiwAHZx-2uDg~CBsQByDVCTjMBsAB0_iF3wg~CBsQByDVCTioBsABjujmggY~CBsQByDVCTjlAcAB8a6Xkwk~CBsQByDWCTiDAsABlJvt4w0~CBsQByDWCTi6BsABw6mp5Q4~CBsQByDWCTjtAcAB-YiCxQ0~CBsQByDWCTidBsABso-d_wE~CBsQByDWCTinBsAB7bTh2Ak~CBsQCiDWCTiQBsABnofYag~CA0QChgBINYJKNYJMLwROOYHQMkQSNMQUNMQWOoQYNkQaOsQcLAReLXeAYABidwBiAHIlQWwAQG4AQPAAeHb5t0L~CBsQByDWCTikBsAB3IvYhQ4~CBsQCiDWCTiqBsABvpGazw4~CBsQByDWCTiPBsAB3NGbvgo~CBsQBiDXCTjCCcABv4T1-A0~CDsQChgBINcJKNcJMJsSOMQIQMsQSOYQUOYQWIARYO0QaJQRcPIReL3eAYABkdwBiAHQlQWwAQG4AQPAAeLN6pYJ~CBsQCiDYCTj8BsABxMia4Ao~CBsQCiDYCTifCMABk7SS2QQ~CBsQCiDYCTjGCMABvIHElgo~CBsQCiDYCTjFCMAB7ZjZ3AM~CBsQCiDYCTjgC8ABxpzf1g4~CBsQDSDWCzipAcABwIr27QU~CBsQCiDdCziPBcABjYm8-QM~CBsQCiDdCziMBcABjoz02wk~CBsQBiCNDTi-B8ABmMzNvgI~CBsQDSCMDjj6BcAB2vrLpwM~CBsQCiCNDjjVBcABh9P1pQ0~CBsQChgBIKMQKKMQMM8TOKwDwAHVntOmDA~CBsQCiDDEDjrAsABiMfC1wY~CBsQAiDaEDigA8AB4-z22g4~CBsQAiDaEDjoBMABuZiylgU~CBsQAiDbEDiaAsABvbrGvgo~CBsQAiDbEDiYAsABzo7PmA4~CBsQAiDgEDgjwAHy_53JBg~CBsQBSDdETisA8ABgLT25Q8~CBsQCiDtETiGAsAB66vbnw8~CBsQAiCHEjiBAsAB35GLnQQ~CBsQAiCHEjiKAsAB_MHGmQQ~CBsQAiCHEjibAsABnLDLug8~CEMQChgBINsSKNsSMNATOHVoiBNwohN4p9QHgAH70QeIAfSHGLABAbgBA8ABtrP9swU~CBsQCiDkEjh4wAHRmKGXCQ~CBsQCiCvEzgzwAGIx8LXBg~CBsQBiDaEzhPwAGHh5u2Aw~CBsQCiDvEzgjwAHZ67DzCg~CBsQChgBIPUTKPUTMMAUOEvAAYzV2OsE~CBsQBiD1EzgWwAHV2LT9Dw~CCgQChgBIJQUKJQUMKQUOBBolRRwoxR4zbwBgAGhugGIAZTyA7ABAbgBA8ABm-H6cA~CBsQCiCZFDg5wAGH-OfvBA~CBsQCiCaFDg5wAHZ7qPBCQ~CBsQCiCaFDhJwAHooseIBg~CBsQCiCbFDhKwAHpnPb4Dw~CBsQCiCcFDgQwAG-lNn1AQ~CBsQCiCcFDhjwAGa57v_BQ~CBsQCiCdFDh5wAHHpsTRBg~CBsQCiCdFDh3wAHKhJ38Cg~CBsQBiCjFDgcwAHV2LT9Dw~CBsQDSC1FDgYwAHc16HUDA~CBsQDSC2FDg6wAGDwojKCw~CBsQCiCAFTgdwAGkt6rDDw~CBsQDSCfFTgPwAGAkfKHCA~CBsQDSCyFTgswAGW-vW6Cg~CBsQCiCnFTgxwAGzgtXSCQ~CBsQBSC8FThCwAGh2_b2AQ~CCgQDRgBIMYVKMYVMIUWOD_AAeKygLkD~~CBsQDSDsFTgmwAHSxKyeBQ~CBsQDSCSFjgZwAHG89isAg~CBsQBhgBIIYWKIYWMK4WOClAhhZIhxZQhxZYnBZgjBZonBZwrhZ41gKAASqIASqwAQG4AQPAAf23jOYB~CBsQBhgBIIYWKIYWMK8WOCpAhhZIhxZQhxZYnBZgjBZonBZwrxZ41gKAASqIASqwAQG4AQPAAf_m6MwL~CBsQDSDKFThnwAGV8OKhBg~CBsQCiCFFTixAcAB8rHBgQc~CBsQBiDYCTjtDMABlp7y4QM~CBsQBiDXCTj5DMAB8qLkhwo~CBsQAiDaEDj3BcAB8Z_D5wY~CBsQCiCjFTitAcABgI75ywg~CBsQBiDXCTiADcAB1qbc9gU~CBsQAiDaEDj_BcAB05WC4Qs~CBsQAiDbEDiOBsABq5K7sQU~CBsQBiDXCTidDcAB6fHL0wY~CBsQCiDXCTiTDcAB--bWmQs~CBsQCiDYCTiFDcABnrictws~CBsQCiDYCTiADcABzcL7nQ0~CBsQAiDbEDiYBsABwpKSpQU~CBsQAiDcEDibBsAB-fH6nwU~CBsQBiDXCTiyDcABzMLs8gw~CBsQBiDXCTjCDcABleHQ8Qs~CBsQBiDXCTjKDcAB3Ki8ww0~CBsQAiDbEDieBsABqZXnsQg~CBsQAiDcEDigBsAB8OiCUw~CBsQDSDlFjhAwAGW-4vGBQ~~CBsQBiDXCTjMDsABoL-hogM~CBsQBiDXCTjODsAB2KjChwI~CBsQBiDXCTjpDsAB1t2kXQ~CBsQBiDXCTjsDsABwKvAnAQ~CBsQAiCGEji-BsABo6CG8AQ~CBsQAiCHEjjGBsAB9smF_wQ~CBsQAiCHEjjHBsABsdOSmwQ~CBsQAiCHEjjNBsAByIOQxAw~CBsQAiCGEjjXBsAB1PubmgQ~CBsQAiCHEjjXBsABka7Sxww~CBsQBiDXCTiPD8ABmrLjgQk~CBsQDSCKFzjfAcABnMPOuAQ~CBsQBiDXCTi5D8ABnPyZ7A0~CBsQBiDXCTi6D8ABob_twAY~CBsQBiDXCTjKD8ABuaGV_Q4~CBsQBSCtFzidAsAB59fyjgk~CBsQBiDXCTj-D8AB17S55gw~CBsQBSCzFzjgAsAB59fyjgk~CBsQBSC2FzjdAsAB59fyjgk~CBsQBSDvFziXAsABl4XXrAo~CBsQBSCwFzjpAsAB59fyjgk~CBsQCiCrEDj0CcAB4Yakzg8~CBsQDSDKGjgJwAHjqP_QBA~CBsQBiDXCTioEcABxYnDIw~CBsQCiDqEziKB8AB0JiJqw8~CBsQBRgBIPMaKPMaMLkbOEZA9BpIkxtQkxtYqBtgmRtoqhtwuBt4iReAAd0UiAGSMLABAbgBA8AB8a7hgQc~CBsQCDjKHMABxcaqmgI~CBsQBSCcGjimAsAB59fyjgk~CBsQCiDDHDg9wAG65qzKDA~CBsQCiDaHDgowAHJ6oTQBA~CBsQCiCCHTgTwAGCpIbzDw~CCcQDRgBIMocKMocMJwdOFJAyxxIzBxQzBxY4xxg0hxo5Bxwmx141V6AAalciAGperABAbgBA8AB8_LLrgs~CBwQBhgBIOAcKOAcMJ8dOD9A4RxI4RxQ4RxY9hxg6Bxo9hxwnh14rAKwAQG4AQPAAZSE4rUO~CCcQChgBIKAdKKAdMMEeOKIBwAHiwZvaBQ&met.1=1.lkhvxl87~6.4u~7.50~8.51~9.51~10.5k~11.57~12.5u~13.xb~14.xq~15.ya~16.1uz~17.29s~18.2bd~19.2te~20.2te~21.2tm~22.1rt~23.1rt&qqid.1=CO_Rs8OWqYADFf2d_Qcd3BoC2A&qqid.2=CPDRs8OWqYADFf2d_Qcd3BoC2A&qqid.3=CPHRs8OWqYADFf2d_Qcd3BoC2A&qqid.4=CMOdssOWqYADFf2d_Qcd3BoC2A&qqid.5=CMSdssOWqYADFf2d_Qcd3BoC2A&qqid.6=CMWdssOWqYADFf2d_Qcd3BoC2A
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4007:819::2003 Mesa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jul 2023 05:57:37 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012307180709000/ Frame 12A9 		222 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307180709000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42cc0d0d864fa8e8dc6b4ff64b9a6e126a86719e00cced4e6694c984429da88c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Jul 2023 17:10:40 GMT
age
46017
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62064
x-xss-protection
0
server
sffe
etag
"7c75c6afffb97d84"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Jul 2024 17:10:40 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012307180709000/v0/ Frame 12A9 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307180709000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35ddba307fe258726edbca8406973763f489f91f8d2488e67c3e9d691fb8883a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Jul 2023 17:10:40 GMT
age
46017
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5274
x-xss-protection
0
server
sffe
etag
"b24c5d555100d699"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Jul 2024 17:10:40 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012307180709000/v0/ Frame 12A9 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307180709000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cab486b36e4f2fa09ab81d2964db38d78e8962420a7cbf1c8367e2b0596bb838
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Jul 2023 17:10:40 GMT
age
46017
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29021
x-xss-protection
0
server
sffe
etag
"908f04349b1b2df1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Jul 2024 17:10:40 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012307180709000/v0/ Frame 12A9 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307180709000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce05ebc645534f502c40ebf919b2992e353a216068772467822ef88f725052b1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Jul 2023 17:10:40 GMT
age
46017
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
server
sffe
etag
"5416cfef676738bf"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Jul 2024 17:10:40 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012307180709000/v0/ Frame 12A9 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307180709000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b03afcbf2fbeba733a2b40a4f6f5307977268b29df242211d0c1b12a88812593
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Jul 2023 17:10:40 GMT
age
46017
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13013
x-xss-protection
0
server
sffe
etag
"4da616cd662b7cdb"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Jul 2024 17:10:40 GMT
css
fonts.googleapis.com/ Frame 12A9 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 25 Jul 2023 05:57:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 25 Jul 2023 04:25:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Jul 2023 05:57:36 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012307180709000/ Frame ED82 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307180709000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42cc0d0d864fa8e8dc6b4ff64b9a6e126a86719e00cced4e6694c984429da88c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Jul 2023 17:10:40 GMT
age
46017
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62064
x-xss-protection
0
server
sffe
etag
"7c75c6afffb97d84"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Jul 2024 17:10:40 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012307180709000/v0/ Frame ED82 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307180709000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35ddba307fe258726edbca8406973763f489f91f8d2488e67c3e9d691fb8883a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Jul 2023 17:10:40 GMT
age
46017
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5274
x-xss-protection
0
server
sffe
etag
"b24c5d555100d699"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Jul 2024 17:10:40 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012307180709000/v0/ Frame ED82 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307180709000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cab486b36e4f2fa09ab81d2964db38d78e8962420a7cbf1c8367e2b0596bb838
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Jul 2023 17:10:40 GMT
age
46017
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29021
x-xss-protection
0
server
sffe
etag
"908f04349b1b2df1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Jul 2024 17:10:40 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012307180709000/v0/ Frame ED82 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307180709000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce05ebc645534f502c40ebf919b2992e353a216068772467822ef88f725052b1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Jul 2023 17:10:40 GMT
age
46017
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
server
sffe
etag
"5416cfef676738bf"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Jul 2024 17:10:40 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012307180709000/v0/ Frame ED82 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307180709000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b03afcbf2fbeba733a2b40a4f6f5307977268b29df242211d0c1b12a88812593
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Jul 2023 17:10:40 GMT
age
46017
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13013
x-xss-protection
0
server
sffe
etag
"4da616cd662b7cdb"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Jul 2024 17:10:40 GMT
css
fonts.googleapis.com/ Frame ED82 		6 KB
780 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 25 Jul 2023 05:57:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 25 Jul 2023 04:05:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Jul 2023 05:57:36 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012307180709000/ Frame AACE 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307180709000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
42cc0d0d864fa8e8dc6b4ff64b9a6e126a86719e00cced4e6694c984429da88c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Jul 2023 17:10:40 GMT
age
46017
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62064
x-xss-protection
0
server
sffe
etag
"7c75c6afffb97d84"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Jul 2024 17:10:40 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012307180709000/v0/ Frame AACE 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307180709000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35ddba307fe258726edbca8406973763f489f91f8d2488e67c3e9d691fb8883a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Jul 2023 17:10:40 GMT
age
46017
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5274
x-xss-protection
0
server
sffe
etag
"b24c5d555100d699"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Jul 2024 17:10:40 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012307180709000/v0/ Frame AACE 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307180709000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cab486b36e4f2fa09ab81d2964db38d78e8962420a7cbf1c8367e2b0596bb838
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Jul 2023 17:10:40 GMT
age
46017
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29021
x-xss-protection
0
server
sffe
etag
"908f04349b1b2df1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Jul 2024 17:10:40 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012307180709000/v0/ Frame AACE 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307180709000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce05ebc645534f502c40ebf919b2992e353a216068772467822ef88f725052b1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Jul 2023 17:10:40 GMT
age
46017
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1913
x-xss-protection
0
server
sffe
etag
"5416cfef676738bf"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Jul 2024 17:10:40 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012307180709000/v0/ Frame AACE 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307180709000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b03afcbf2fbeba733a2b40a4f6f5307977268b29df242211d0c1b12a88812593
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Jul 2023 17:10:40 GMT
age
46017
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13013
x-xss-protection
0
server
sffe
etag
"4da616cd662b7cdb"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Jul 2024 17:10:40 GMT
css
fonts.googleapis.com/ Frame AACE 		6 KB
804 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 25 Jul 2023 05:57:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 25 Jul 2023 04:24:52 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 25 Jul 2023 05:57:37 GMT
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 12A9 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 00:32:38 GMT
x-content-type-options
nosniff
server
cafe
age
19498
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3430
x-xss-protection
0
expires
Wed, 26 Jul 2023 00:32:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 12A9 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 13:35:10 GMT
x-content-type-options
nosniff
server
cafe
age
58946
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Tue, 25 Jul 2023 13:35:10 GMT
l
www.google.com/ads/measurement/ Frame 12A9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT2Xhvlfxef_xWBGvbIAxWKZuKItHFC5l5wKEHsy6b-xHzYvezDNnPpn_6Eytk5Y2AdZSXS
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame ED82 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 00:32:38 GMT
x-content-type-options
nosniff
server
cafe
age
19498
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3430
x-xss-protection
0
expires
Wed, 26 Jul 2023 00:32:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame ED82 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 13:35:10 GMT
x-content-type-options
nosniff
server
cafe
age
58946
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Tue, 25 Jul 2023 13:35:10 GMT
l
www.google.com/ads/measurement/ Frame ED82 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQeomQ9FjelLt2YF03nEa8Jp7HpOWCsl4NYcOwNs6OIZQXv1RRoEoUOifT8x0KsMr-Kb678
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame AACE 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 00:32:38 GMT
x-content-type-options
nosniff
server
cafe
age
19498
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3430
x-xss-protection
0
expires
Wed, 26 Jul 2023 00:32:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame AACE 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 13:35:10 GMT
x-content-type-options
nosniff
server
cafe
age
58946
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Tue, 25 Jul 2023 13:35:10 GMT
shopping
encrypted-tbn3.gstatic.com/ Frame 12A9 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSyKDVVSxhT8uMy4KJr9sHDeJriUNhkTx-LcNincc2cFEAQ9IYOia05FBsc5g&usqp=CAI
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c08f69e21145b5c4b4b8fbb7a44ee1fa1a3970e6d01ef540d7b3da683739365
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 09:38:04 GMT
x-content-type-options
nosniff
age
418773
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18776
x-xss-protection
0
last-modified
Sun, 02 Apr 2023 12:03:18 GMT
server
sffe
report-to
{"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="images-tbn"
expires
Fri, 19 Jul 2024 09:38:04 GMT
9079929770903279293
tpc.googlesyndication.com/simgad/ Frame 12A9
Redirect Chain
  • https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgODMsoHuigEQ9AMY9AMyCOyWyByWpNP1
  • https://tpc.googlesyndication.com/simgad/9079929770903279293
4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9079929770903279293
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H3
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ec8fbee8583f1113604bb6a956caac31faea3405dd7c34a8d69f935daabb12c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Wed, 19 Jul 2023 09:37:27 GMT
x-content-type-options
nosniff
age
505210
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3990
x-xss-protection
0
last-modified
Wed, 14 Jun 2023 03:11:47 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 18 Jul 2024 09:37:27 GMT

Redirect headers

date
Mon, 24 Jul 2023 16:02:03 GMT
x-content-type-options
nosniff
server
cafe
age
50134
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://tpc.googlesyndication.com/simgad/9079929770903279293
content-type
text/html; charset=UTF-8
cache-control
public, max-age=2592000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 23 Aug 2023 16:02:03 GMT
truncated
/ Frame 12A9 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f32f2936af3502f725a0e799ac86c1a6507fdc376969a1aca7999d485f283dd4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type
image/png
2076313506083323656
tpc.googlesyndication.com/simgad/9808971054354827035/ Frame ED82 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9808971054354827035/2076313506083323656
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be3a49b76ac71c1b995f314d04e13b762c6386daff3ddb6cba5e79fdc02a597f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 20:51:18 GMT
x-content-type-options
nosniff
age
378379
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41841
x-xss-protection
0
last-modified
Fri, 12 May 2023 15:33:01 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 19 Jul 2024 20:51:18 GMT
truncated
/ Frame ED82 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
629a4d964eb039cb4bd4d7651d32eafea282189403fc40b67cded949d6c0ade4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame ED82 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cb30da47f8971f97532343d855fdb5c3f94928e83f6457f5922c0f8ad96adc28

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type
image/png
2076313506083323656
tpc.googlesyndication.com/simgad/9808971054354827035/ Frame AACE 		41 KB
41 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9808971054354827035/2076313506083323656
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
be3a49b76ac71c1b995f314d04e13b762c6386daff3ddb6cba5e79fdc02a597f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 20:51:18 GMT
x-content-type-options
nosniff
age
378379
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41841
x-xss-protection
0
last-modified
Fri, 12 May 2023 15:33:01 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 19 Jul 2024 20:51:18 GMT
truncated
/ Frame AACE 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
629a4d964eb039cb4bd4d7651d32eafea282189403fc40b67cded949d6c0ade4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame AACE 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f609ef8156740f4533656cb0841d0947b7e01504615019535066d33289912b9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type
image/png
prebid
ib.adnxs.com/ut/v3/ 		137 B
701 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
c46701816ff75067cb504a2ddffb5d5b59cc374856cbec012e902b960bd1fbc3
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hd.stheadline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 25 Jul 2023 05:57:37 GMT
an-x-request-uuid
49d7d23c-d717-42ab-a8df-2cc0b4e62a71
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://hd.stheadline.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.74; 45.141.152.74; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
137
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
rtb.adxpremium.services/openrtb2/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.106.140.18 , Netherlands, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
nginx /
Resource Hash
f60a254589dfec5febde4aceb6b2a8f6810f4d4a9498438b73884c48165f30a7

Request headers

Referer
https://hd.stheadline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 25 Jul 2023 05:57:37 GMT
Server
nginx
X-Prebid
pbs-go/unknown
Vary
Origin
Content-Type
application/json
Access-Control-Allow-Origin
https://hd.stheadline.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1836
Expires
0
adjson
ads.betweendigital.com/ 		2 B
890 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.betweendigital.com/adjson?t=prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.34.64 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://hd.stheadline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hd.stheadline.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
c
prebid.a-mo.net/a/ 		0
279 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hd.stheadline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hd.stheadline.com
date
Tue, 25 Jul 2023 05:57:36 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
105
server
envoy
vary
origin, Accept-Encoding
prebid
ib.adnxs.com/ut/v3/ 		138 B
703 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
fa8bcb457a25b1ca75f2330bc1851f47bf0562bcf9c73fbe3fea153235324437
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hd.stheadline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 25 Jul 2023 05:57:37 GMT
an-x-request-uuid
3589a119-74c0-44a7-b1da-9fdfe541a990
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://hd.stheadline.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.74; 45.141.152.74; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
138
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
ghb.adtelligent.com/v2/auction/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:454:0:e082:abff:fefe:d1d2 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
684a4799a1696268059683c666260f9c6af23a7fbc175fc5a7b5d80ff08d0f91

Request headers

Referer
https://hd.stheadline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 25 Jul 2023 05:57:36 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://hd.stheadline.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
713
v1
prg-apac.smartadserver.com/prebid/ 		171 B
559 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg-apac.smartadserver.com/prebid/v1
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
217.182.178.225 Paris, France, ASN16276 (OVH, FR),
Reverse DNS
ip225.ip-217-182-178.eu
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://hd.stheadline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 25 Jul 2023 05:57:37 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://hd.stheadline.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
prebid
mp.4dex.io/ 		60 B
536 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer
https://hd.stheadline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Tue, 25 Jul 2023 05:57:37 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Floors. 2 inventory rules not found for mediatype: banner and adUnitCode: andbeyond30016, Process Seats Booster. unable to get the seat booster engine for organization: 1056
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://hd.stheadline.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7ec22a9ada83bb7a-FRA
expires
0
prebid
ib.adnxs.com/ut/v3/ 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
7df154099a2256039defd5bbdc9159316f8935ec70e2c063918858a87d7fcbbe
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hd.stheadline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 25 Jul 2023 05:57:37 GMT
content-encoding
gzip
an-x-request-uuid
9a3259dc-d19e-449e-ac03-06e4b7ba6877
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://hd.stheadline.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.74; 45.141.152.74; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
rtbdemand-d.openx.net/w/1.0/ 		73 B
286 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtbdemand-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fhd.stheadline.com%2Fnews%2Frealtime%2Fh&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=6d8da3d0-3ace-42ab-bdae-46afa995d94c&nocache=1690264657072&schain=1.0%2C1!rtbdemand.com%2C22529%2C1%2C%2C%2C&aus=300x250%2C200x200%2C250x250%2C200x200&divids=andbeyond30016&aucs=%252F21751243814%252C64888526%252F552606-300-250-16&auid=544037780&aumfs=10
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
756fb7a61e59fd8bd9bc1e6e71e3cbaa9daf75b6e5ea7b1b7cdb11acfcfe125c

Request headers

Referer
https://hd.stheadline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 25 Jul 2023 05:57:37 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://hd.stheadline.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
translator
hbopenbid.pubmatic.com/ 		0
115 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hd.stheadline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hd.stheadline.com
date
Tue, 25 Jul 2023 05:57:36 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
prebid
ib.adnxs.com/ut/v3/ 		139 B
703 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
7dcd6bf5c95c9a36da8f30012789d9b401bfe671f975d37e8e47ec7432828d32
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://hd.stheadline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 25 Jul 2023 05:57:37 GMT
an-x-request-uuid
9f78ed37-a9bc-4491-9c3c-e810e72dba43
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://hd.stheadline.com
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
45.141.152.74; 45.141.152.74; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
139
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.24.0&cb=99766771107
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
01eb43356e20c5f01efd2dd019782f5886e0f443aabc8b0ff50fba78de76811d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://hd.stheadline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 25 Jul 2023 05:57:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding, Origin
content-type
application/json
access-control-allow-origin
https://hd.stheadline.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
hbjson
grid.bidswitch.net/ 		24 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.200.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-200-250.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
88cd78605dd026a8d87e2a65abaf3d892ee2b72a5f8c888d06492e604ceebc1c

Request headers

Referer
https://hd.stheadline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 25 Jul 2023 05:57:37 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://hd.stheadline.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 12A9 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hd.stheadline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 17:58:58 GMT
x-content-type-options
nosniff
age
388719
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20784
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:21:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Jul 2024 17:58:58 GMT
ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 12A9 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hd.stheadline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Fri, 21 Jul 2023 02:08:50 GMT
x-content-type-options
nosniff
age
359327
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21428
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:32:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 20 Jul 2024 02:08:50 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame ED82 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hd.stheadline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 22:23:32 GMT
x-content-type-options
nosniff
age
27245
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Jul 2024 22:23:32 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame ED82 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hd.stheadline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:31:22 GMT
x-content-type-options
nosniff
age
393975
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Jul 2024 16:31:22 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AACE 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hd.stheadline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 22:23:32 GMT
x-content-type-options
nosniff
age
27245
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 23 Jul 2024 22:23:32 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AACE 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hd.stheadline.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Thu, 20 Jul 2023 16:31:22 GMT
x-content-type-options
nosniff
age
393975
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 19 Jul 2024 16:31:22 GMT
adagio.js
script.4dex.io/ 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28eac36479c83ab5c1d7881ae078eff90ba02be1ac4f082b75505830e323b0be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Tue, 25 Jul 2023 05:57:37 GMT
Content-Encoding
br
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Tue, 06 Jun 2023 12:52:54 GMT
Server
cloudflare
ETag
W/"845b176368f98c92daf7aa531dcbc491"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=omXzRWzqt%2BhlsLL9N9zDENdvSPQIoRTWJzp6Lej6Y2%2B7GRlPtPmlElNnHtyfcnNcQV7F4mOOrbzZaLGV8rkk3O6IETXcuHJeDJhL9ZXmYxKQuMUv7NyNjiHQZSCarX0gWnfxq8i8MfMeAdS8"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7ec22a9b4d7737fe-FRA
sodar
pagead2.googlesyndication.com/pagead/ Frame 639B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307180101&jk=3446901797760416&rc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers
0j4FY6vZ_PUEn4D43bduuyAvhiDMGOGbS5pcl_NvY7Y.js
pagead2.googlesyndication.com/bg/ Frame 9E32 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/0j4FY6vZ_PUEn4D43bduuyAvhiDMGOGbS5pcl_NvY7Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d23e0563abd9fcf5049f80f8ddb76ebb202f8620cc18e19b4b9a5c97f36f63b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 17:48:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
130123
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14729
x-xss-protection
0
last-modified
Tue, 18 Jul 2023 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 22 Jul 2024 17:48:54 GMT
csi
csi.gstatic.com/ Frame 12A9 		0
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?s=ampad&ctx=2&puid=1~1690264657393&c=3446901797760416&qqid=CO_Rs8OWqYADFf2d_Qcd3BoC2A&rt=any.link.c.2r.r.i.q.k.1c4c.1bw0~any.script.c.2y.2.1f.0.0.4au.42i~any.script.c.34.6.1g.0.0.mmh.me5~any.script.c.31.1.1i.0.0.1ph.1h5~any.script.d.35.4.1j.0.0.a9t.a1h~any.link.d.16.1.i.m.1.p4.gs~any.img.1e.g.2.a.0.0.2vm.2na~any.img.1e.g.1.a.0.0.hw.9k~any.img.1e.k.1y.0.0.0.0.0~any.css.1k.2l.45.0.0.0.0.0~any.css.1l.2w.1.7.0.0.3b6.32u&met.a4a=dcl.1~ol.1~nvs.1690264656933~ini.1690264657394
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307180709000/v0/amp-analytics-0.1.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4007:819::2003 Mesa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hd.stheadline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 25 Jul 2023 05:57:37 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 12A9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CknRDUGS_ZO_pHP279u8P3LWIwA3E3-D_aoyf0qfJEdrZHhABIITOmjJgleKQgqAHoAHftcLMA8gBBuACAKgDAcgDCqoEqwJP0HT6_fii9n_wCzL7bpxSTw1_twPxKp3pqbIIuzdkUT-q8TzJyPbbeuRIaaNVweVYX87tRgwmCSj9ExFAEzJhU3e_4HEEnl_st13Giu5dYvMbMhYEwDXXaowCqFemlPSLE5DSq61ESsqjGZl-XQsNdLgHsb10SJfr8WDyD3Lr2z1HhhJLLL6bRcX5B1kWS5LEPw-ml8RTBBvPvcl1rKBl5dzHSjJMJe7opq2YxcjbGrGw-xrBK4wCaqflIAmZIrqNmNCmoI89iHlTiFBp6eZiaxI4iqgZYjv7KMo_fZKe_Yist-Q_N02FuoizlYMdPF_WhyY6TdStCIRSOuAoXz8OiBbZYNW1Z3QOQnP2O-WBAvNudHt_n2L1hGpg_dxmIGK4kMHnphi3eZS1xMAE-b_D6EfgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGN4AHicq9M6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAfIHBBDsvQXSCBYIgOGAcBABGB0yAusCOgKAQEi9_cE6gAoDyAsB2BMMiBQB0BUBmBYBgBcBshceChwIABIUcHViLTg5NjEyOTc2Nzc5Nzc0MTMYro0i&sigh=CnHKuNVBk_0&uach_m=[]&cid=CAQSPABpAlJWZPvuvKllk5k0z8hbfbq5FCdBoyL7-5C8LDO6E6D46YywfntdF8vpxgfLHQH7lp2BOdSAlvMDFRgB&template_id=493&cbvp=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame ED82 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CGHlNUGS_ZPDpHP279u8P3LWIwA20lprrcbSGgpLPEbHSgbznAhABIITOmjJgleKQgqAHoAHe3Y21KcgBCakCIAErvjuwLz7gAgCoAwHIAwqqBKYCT9DL2KOEy-naXpHCgvSL3JP_WvoHGBBylnWQVOuFHnNNtGqkVyrONn0L0GQTDoChxM3Ko7wOZf_9Tf3d869jg9nfdwzf95Ltq_SaeKzEHkI_PVOnMqejgxnbYYHV0fLvI_LHRiXcIwnjrCemOpp8IxFtjMNYAVPCMpY_3CYtxQQVja9a7vc2gKWGkekkj4vKBJjKM7BEenT-liolM93hfyCWNSadNFswLcjx1yblRAcKFyJ-zJba60YUToIMEXgvAn0Sz5i9w1snuqdiUB382prEOhtAiJLyYjZFdDy2emNMQw8yDqg17p9HTF2V3ZRWLBFsZLyRrW9vWKK3ClrZrKPMC05E0i3Maemh_-79TOK5JCMBT7hSO979W8ZDzFDaiAxTkcebwATBq9CevATgBAGSBQQIBBgBkgUECAUYBKAGLoAH-eSyrgSoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHAxD2bNIIFgiA4YBwEAEYHTIC6wI6AoBASL39wTqACgPICwG4E-QD2BMNiBQB0BUBgBcBshceChwIABIUcHViLTg5NjEyOTc2Nzc5Nzc0MTMYro0i&sigh=g5yYUIcr2q8&uach_m=[]&cid=CAQSPABpAlJWZPvuvKllk5k0z8hbfbq5FCdBoyL7-5C8LDO6E6D46YywfntdF8vpxgfLHQH7lp2BOdSAlvMDFRgB&template_id=484&cbvp=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers
csi
csi.gstatic.com/ Frame ED82 		0
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?s=ampad&ctx=2&puid=1~1690264657411&c=3446901797760416&qqid=CPDRs8OWqYADFf2d_Qcd3BoC2A&rt=any.link.d.28.k.o.0.0.1c4c.1bw0~any.script.d.2o.1.1m.0.0.4au.42i~any.script.d.2w.8.1n.0.0.mmh.me5~any.script.e.2r.1.1p.0.0.1ph.1h5~any.script.e.2t.1.1q.0.0.a9t.a1h~any.link.e.p.1.j.0.0.r6.iu~any.img.y.j.2.7.0.0.2vm.2na~any.img.y.l.3.8.0.0.hw.9k~any.img.y.10.1y.0.0.0.0.0~any.css.19.r.f.8.0.0.wil.wa9&met.a4a=dcl.0~ol.0~nvs.1690264656950~ini.1690264657412
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307180709000/v0/amp-analytics-0.1.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4007:819::2003 Mesa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hd.stheadline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 25 Jul 2023 05:57:37 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame AACE 		0
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?s=ampad&ctx=2&puid=1~1690264657414&c=3446901797760416&qqid=CPHRs8OWqYADFf2d_Qcd3BoC2A&rt=any.link.c.1y.j.v.0.0.1c4c.1bw0~any.script.c.2e.1.1r.0.0.4au.42i~any.script.c.2k.6.1s.0.0.mmh.me5~any.script.c.2i.1.1v.0.0.1ph.1h5~any.script.d.2i.1.1w.0.0.a9t.a1h~any.link.d.12.1.v.0.0.r6.iu~any.img.h.m.3.8.0.0.2vm.2na~any.img.i.m.2.9.0.0.hw.9k~any.css.13.v.6.a.0.0.wil.wa9&met.a4a=dcl.0~ol.1~nvs.1690264656967~ini.1690264657414
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307180709000/v0/amp-analytics-0.1.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4007:819::2003 Mesa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hd.stheadline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 25 Jul 2023 05:57:37 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame AACE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CpldpUGS_ZPHpHP279u8P3LWIwA20lprrcbSGgpLPEbHSgbznAhABIITOmjJgleKQgqAHoAHe3Y21KcgBCakCIAErvjuwLz7gAgCoAwHIAwqqBKYCT9AqyNHrsjH9G6dmXjH1ae7m00aD9Zp6Tp9hLKnTpiOYVs_nbEKrai5XG9PfYBJMDjjhUVYfTNpu2aN5bDBq7Ju_KGgFxjCR90oFAgJeinAq_-RYA7RgNJsDJLwT8kJ2fyrNAEtfXeVub-NY66JFwvba8M_bo5zc77TII4JnII0O24aLwBAC5JREqgUT5nA4ig4PrlB4HL8-vGyWkQscWcXTXJGJAZ42xrOvETfJdPAMh0FiBrnMOfOn-xd3IkLy-5GcQQTSZfcWG71RglyE-85zKLP7-tE0flsBYj9HFHfchrlThSEkcY-UYdM9X4yefrmkPaonCfOMLvUjRJfeFCUBRXhhnfEqTU8sM7uHZhoLKwwoXMVWdyetGaS1tzko_KmaMRdswATBq9CevATgBAGSBQQIBBgBkgUECAUYBKAGLoAH-eSyrgSoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHAxDnQdIIFgiA4YBwEAEYHTIC6wI6AoBASL39wTqACgPICwG4E-QD2BMNiBQB0BUBgBcBshceChwIABIUcHViLTg5NjEyOTc2Nzc5Nzc0MTMYro0i&sigh=_rsKwx2qppQ&uach_m=[]&cid=CAQSPABpAlJWZPvuvKllk5k0z8hbfbq5FCdBoyL7-5C8LDO6E6D46YywfntdF8vpxgfLHQH7lp2BOdSAlvMDFRgB&template_id=484&cbvp=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 9E32 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?zVmexA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:37 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
q
p.adlooxtracking.com/ 		77 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.adlooxtracking.com/q?v=gpt-92559af&c=532&t=1193&p=248&pn=%2Fnews%2Frealtime%2Fh&s=%2F64888526%2FHL_Web%2Frealtime_list-topbanner%09top_728x90_banner&s=%2F64888526%2FHL_Web%2Frealtime_list-LREC1%09RP1_300_banner&s=%2F64888526%2FHL_Web%2Frealtime_list-LREC2%09RP2_300_banner&s=%2F64888526%2FHL_Web%2Frealtime_list-LREC3%09RP3_300_banner&s=%2F64888526%2FHL_Web%2Frealtime_list-1x1%09RP1_1x1_banner&s=%2F64888526%2FHL_Web%2Frealtime_list-popup%09popup_ad&s=%2F21751243814%2C64888526%2F552606-300-250-16%09andbeyond30016
Requested by
Host: p.adlooxtracking.com
URL: https://p.adlooxtracking.com/gpt/a.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.231.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.231.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
ba52a8367e805d67058cf53ce9117203794257db295a2c34c941391516206c51
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-adloox-pubint-version
20230725002551
date
Tue, 25 Jul 2023 05:57:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-real-ip
45.141.152.74
x-adloox-pubint-commit
80ca8d3
via
1.1 google
x-adloox-pubint-commit-db
58bdfdbd6-dirty
server-timing
conn;dur=0.006, ua;dur=0.025, segment_pipeline;dur=0.235, segment_ip;dur=0.005, segment_iab-valid;dur=0.012, segment_iab-spider;dur=0.906, segment_bs;dur=0.005, segment;dur=1.336
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
server
nginx
vary
Accept-Encoding, origin, user-agent
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://hd.stheadline.com
access-control-expose-headers
x-adloox-pubint-commit, x-adloox-pubint-commit-db, x-adloox-pubint-version
cache-control
private, must-revalidate, max-age=3600, stale-while-revalidate=86400, stale-if-error=86400
access-control-max-age
600
timing-allow-origin
*
access-control-allow-headers
x-cloud-trace-context
ads
securepubads.g.doubleclick.net/gampad/ 		31 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3446901797760416&correlator=657836116494739&eid=31072020%2C31070233%2C31061691%2C31061693&output=ldjh&gdfp_req=1&vrg=202307180101&ptt=17&impl=fifs&iu_parts=21751243814%3A64888526%2C552606-300-250-16&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=7&adks=2570538285&didk=1585714558&sfv=1-0-40&prev_scp=prebidtrue%3D0%26refresh1%3D0%26adl_dis%3D-1%26hb_format_getapp%3Dbanner%26hb_size_getapp%3D300x250%26hb_pb_getapp%3D0.03%26hb_adid_getapp%3D31ce8cc3487d8a6%26hb_bidder_getapp%3Dgetapp%26hb_format_criteointl%3Dbanner%26hb_size_criteointl%3D300x250%26hb_pb_criteointl%3D0.10%26hb_adid_criteointl%3D29ad0f93c10703a%26hb_bidder_criteointl%3Dcriteointl%26hb_size%3D300x250%26hb_format%3Dbanner%26hb_pb%3D0.10%26rtb_pb%3D0.10%26hb_adid%3D29ad0f93c10703a%26hb_bidder%3Dcriteointl&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26prebidtrue%3D0%26adl_ok%3D1&sc=1&cookie=ID%3Df12bd6ea5fd25f88%3AT%3D1690264656%3ART%3D1690264656%3AS%3DALNI_MZH3MJmXc4DrOqejYJMDlmfFaxhGQ&gpic=UID%3D00000c47677ac37f%3AT%3D1690264656%3ART%3D1690264656%3AS%3DALNI_MYrrehXnzjZ7ns9UCEZlpzWreoADA&abxe=1&dt=1690264657636&lmt=1690264657&adxs=1102&adys=1518&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fhd.stheadline.com%2Fnews%2Frealtime%2Fh&rumc=3446901797760416&rume=1&frm=20&vis=1&psz=300x22&msz=300x0&fws=4&ohw=300&ga_vid=923013097.1690264656&ga_sid=1690264656&ga_hid=1703895921&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY0K3_3JgxSABSAghkEhkKCnB1YmNpZC5vcmcY7a7_3JgxSABSAghqEhkKCnVpZGFwaS5jb20Yzq3_3JgxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGNKt_9yYMUgAUgIIZBIbCgxpZDUtc3luYy5jb20Ym6__3JgxSABSAghq&dlt=1690264654217&idt=1320
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9dc1bf8d8b2f0685c9cf02577fd6089c05492e4842916050b0b858c2cbc61f2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:37 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12610
x-xss-protection
0
google-lineitem-id
5971146196
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138254882280
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://hd.stheadline.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ 		0
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=2~lkhvxo9r&c=3446901797760416&e=31072020%2C31070233%2C31061691%2C31061693&ctx=1&met.3=708.31k_1~724.31l_1~774.31s~653.31t_c~774.328~653.329_e~774.32p~653.32q_d~801.333~801.333~844.333~844.333~825.334~355.334~825.334~801.334~801.334~844.334~844.334~825.335~355.335~825.335~801.335~801.335~844.335~844.335~825.335~355.336~825.336~54.336~598.336~708.336~598.336~947.336~38.336~708.336~708.336~54.336~598.336~708.336~598.336~947.336~38.336~708.336~708.336~54.336~598.336~708.336~598.336~947.336~38.336~708.336~708.337~647.337~965.337_1~947.34o~947.34o~573.34o~54.34o~598.34o~54.34o~598.34o~54.34o~598.34o~54.34o~598.34o~54.34o~598.34o~54.34o~598.34o~54.34o~598.34o~54.34o~783.369~783.36a~783.36a~680.37c~680.37c~680.37c~680.3c0~824.3c0~824.3c0~680.3c0~680.3c0~680.3c7~680.3c7~824.3c7~824.3c7~680.3c8~680.3c8~680.3c9~680.3c9~824.3c9~824.3c9~947.3dl~86.3dl~947.3dl~86.3dl~947.3dl~86.3dl~947.3dl~86.3dl~947.3dl~86.3dl~947.3dl~86.3dl~76.3dl~680.3do~824.3do~824.3dp~680.3dp~680.3dp~680.3dp~824.3dp~824.3dp~680.3dp~680.3dp~680.3dp~680.3dp~824.3dp~824.3dp~680.3dp~680.3dp~680.3dp~824.3dp~824.3dp~680.3dp~680.3dq~680.3dq~680.3dq~824.3dq~824.3dq~680.3dq~680.3dq~680.3dq~824.3dq~824.3dq~680.3gp~824.3gp~824.3gp~680.3gp~680.3gp~680.3h2~824.3h2~824.3h2~680.3h2~680.3h2~680.3h3~824.3h3~824.3h3~680.3h3~680.3h3~680.3h4~680.3h4~824.3h4~824.3h4~680.3h4~680.3h4~680.3h4~824.3h4~824.3h4~680.3h4~680.3h5~680.3h5~824.3h5~824.3h5~680.3h5~680.3hq~680.3hq~680.3hr~824.3hr~824.3hr~680.3hr~680.3hr~680.3hr~824.3hr~824.3hr~680.3hr~680.3hr~680.3hr~824.3hr~824.3hr~947.3k0~573.3k0~598.3k0~598.3k0~598.3k0~598.3k0~598.3k0~598.3k0~598.3k0~598.3k0~598.3k0~598.3k0~598.3k0~598.3k0~598.3k0~598.3k0~598.3k0~598.3k0~598.3k0~598.3k0~598.3k0~598.3k0~598.3k0~598.3k0~598.3k0~598.3k0~598.3k0~598.3k0~598.3k0~598.3k0~598.3k0~581.3k0~54.3k0~598.3k0~49.3k1~598.3k1~581.3k1~54.3k1~598.3k1~51.3k1~598.3k1~581.3k1~54.3k1~598.3k1~51.3k1~598.3k1~581.3k1~54.3k1~598.3k1~51.3k1~598.3k1~581.3k1~54.3k1~598.3k1~49.3k1~598.3k2~581.3k2~54.3k2~598.3k2~49.3k2~598.3k2~581.3k2~54.3k2~598.3k2~51.3k2~54.3k2~598.3k2~54.3k2~598.3k2~54.3k2~598.3k2~54.3k2~598.3k2~54.3k2~598.3k2~54.3k2~598.3k2~54.3k2~598.3k2~38.3k2~49.3l0~49.3l0~49.3l0~49.3l0~49.3l0~49.3l0~49.3l0~1.3l0~947.3l1~947.3l3~947.3l3~573.3l3~54.3l3~598.3l3~54.3l3~598.3l3~54.3l3~598.3l3~54.3l3~598.3l3~54.3l3~598.3l3~54.3l3~598.3l3~54.3l3~598.3l3~649.3l3~947.3l3~573.3l3~54.3l3~598.3l3~54.3l3~598.3l3~54.3l3~598.3l3~54.3l3~598.3l3~54.3l3~598.3l3~54.3l3~598.3l3~54.3l3~598.3l3~598.3l3~649.3l4~947.3l5~11.3l5_1~725.3l5~894.3l6~1132.3l8_4~808.3ld~808.3ld~705.3ld&met.9=5_37.31o~6_37.31s~5_38.326~6_38.328~5_39.32n~6_39.32p~9.0~3_43.3lc~7_43.0&met.7=CA8QDRgBIPAaKPAaMMoeONoDaPEacMYeeK6vAYABgq0BiAHx_AqwAQG4AQPAAb_emusG~CCcQBRgBIMQeKMQeMLYgOPIBwAGZlZ-gCw~CBsQBRgBIMceKMceMLkgOPEBwAHPxtriAQ~CBsQCiDnHjgpwAHO3IfIAw~CBsQDSDgHzhbwAHp_P2pDA~CBsQDSDlHzhIwAGX7pmtBA~CBsQDSDzHzhHwAHp_P2pDA~CBsQDSD4HzhCwAGny5isCg~CBsQDSD-Hzg-wAHp_P2pDA~CBsQDSDjHzh1wAGPia_CBw~CBsQDSCAIDhOwAHzx6Q3~CBsQDSDmHzitAcAB5IOfqA0~CBsQDSD9HzizAcAB8bXgGA~CBsQDSD1HzjxAcAB5uP_sAc~CBsQDSD5HzjxAcAB6fz9qQw~CBsQDSD6HzjuAcAB4L2m-g4~CBsQARgBIOkeKOkeMIMjOJsEwAGkoPylBw~CBsQDSCBIDjmAsABk_PnnAI~CBsQDSD0HziHBMAB7NaizQ0~CBsQDSCDJDggwAHv38euBw&met.10=1_43.CAAQABiAmHUgwR8oAA~1_40.CMU1EAAYgJh1IMEfKAA~1_43.CAAQABgAIKkkKAA~1_43.CAAQABiAmHUgtCQoAA
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4007:819::2003 Mesa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jul 2023 05:57:37 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 70E5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst6bOTQ-GqDyBD70MeXjNt3DW07z5o8yXuoTJ3VkyUQVa1WfESLE_bf5MuP8M2mR724is8vDHSWnPJf2HgJ3e8iOlbprj-976FbolUiVAvc7qrMVfi7zNtPFAsCzwr_rwQGlzQOIU3cHLcuWboQ52YeUl3zOGbSVLxVf9JNgMXM6tgyasTYVKKrbn1tVzjMztxEUEO6liN4As-FnTsGC4JXxeArt22f9ONYC1hDUzXYRNR-zcw-EGGvvCMDpGLa86KKZbaAGInJHCozxpBbgYlhZKOoOFQlYPJn2pS90xOTHhRsgLWZ3FNZPeptp26sHjy0j3teYF8TqQw-__Nc6LrS-w&sai=AMfl-YQQOjGjzBuUqMFoRglIgos0i_ey9nz6AiA1aMC1RVAdf8rqlC-4zIKDT-4A9olj6ocfxtTjduTCxW5htdO-fWaZZl8hE3tTJdXGMXAW54NqAEulZ1qVWCBCka60rGc&sig=Cg0ArKJSzEgCsxInCgxyEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:37 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame C43C 		125 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CaEpYiMeyylmZpxMZ4Myl8pW%2FYBX%2BYoAHnDawEXaruKU%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bXxMfcWilPRcN4I1SmXCDfEmd9hZOaed1woXN_TR24xNi6E2riMeJDvFE6fqTKCj1SHshQvjnkejZ9yfijF25fK-weeJhfiLctFkBX4OJFlhKiFKKM3k0xOHBx7YhrcdhxNhr6l23he0eOJiVpJUSuB8RtfKtfNqgzRYbtEkjOChbW551-BQLQHQky54cWlx0Coeb02LuKUctrSlCFXwYYZLYxfmxx20t2JbMjLHlbSG20LMEJ6MWwOQ4GXQxLtZ7ydZOTtuYm_pUvgKopgtWWMvIFzmZl1KhH2_LRb7dJmBRCOfXq5K895viddeoRxS2D6wo1jPBPyqgJLcMfMNq-yifcnBCdnfgfUv9QNoiXP9RM7nf2gV43xEQ0qDr6X43QO_gPeHpUmRNPq3ypnvH27da8WTI-tHziovu8yACtcjC4Gy9WjO0KOXtrqNxUKI-UT8nn-R64EYhyzw6J0Yi9bINhEfrZ7S7dELUOJd6fbvm3ixmZtemxDOAvGR1h8r6MwB05WgOcj6beKe9AdNgM7dpkEsSuy2SdmO_SpaSn-QAz3DuyDbWRzO4w_iw6jRfPAkcWBPJD4w
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
668e82f27aa036ea0b7c06d8ffe942dd203e6a3bc084b00b465e0dee98041e91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://hd.stheadline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 25 Jul 2023 05:57:37 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=vDcxrDUakTpzpqidStptXFcq1rZoyeB0TcDRTxubYkw2OydNt06TsJJoVNY4YhtNNdAsFiizdLa9TnNSlYrYlsD3dIEjs2mIjCNtEvjbD8gpS9uCApUE3JrzbRpn8tmUOUUqk3lCKC9g0BhtO5A6kq70EXqrsM54K2TXj1h7Cnu8hWUnIpICraGfsFM46SzAK93RBSZ9pe2c2ekHr1hxySuAXoxoQBq0q0_9tRC5VI2vFfWX8wx0cyFhrMzLZASoMs-XQA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
39865598
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 70E5 		179 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57333
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689766554590483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Jul 2023 05:57:37 GMT
tpd
cat.nl3.eu.criteo.com/ Frame 70E5 		43 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/tpd?dd=v_7lS19sTmt5eUpPZ0M0JTJCU1lmc0ElMkJXT0slMkJRTGQ2aG9XQ3NMSlJlJTJGM0l1SEROVUE3cCUyQmszYm5nYUFSaFZPSUlpbmF6WHF4a3VuaXREUEZOMWM2M29abktTRldlNEQ5MVRDb2JOV0NwemhFOWhjS2N3NG5BenlYc2R2V3NEVEdIWG5mc0NjcnduZ0FsSEpCYzNsUnVtcVpMTFFYYXZKOVJBaU8lMkZSYVJsamNJeFBDWjN5REt3ZWpuVlhubXZsWjl5ZEtocUxzclpTc2dFTlRuVGR0TkhGUEs3bWwlMkZnSzhwVzBzSXMyS21hJTJGRFA2N1hoaVhLbmlMR1ZDaWpQMkxSNmFWNlRkU1U5Mm5Odks1c1VpY0NHUkg2WTFXRXFrRCUyQjhRMkxlQzZjZHg0a1pydyUyQlIweTNSQjZubER1dzZGRiUyQjViaFolMkZTdkcxTlZXJTJGdjVZN0JVb004ekpXSmFpWFNhMTlXJTJCQzlzR2tmc3Npcng2aGw5TGlVamNiYWhITHd0N0lrdUgxU0pZYmd1U2tHcVFXdjNPR3VBaEN1TCUyQkI2V2N0U0VVd1lka2dqQkN1b3BIM1g1NGxsMTNOSTNsU2NSS1lwbHpFJTJGSUk
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jul 2023 05:57:37 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-max-age
1000
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
169096
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
view
securepubads.g.doubleclick.net/pcs/ Frame 70E5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv5_VyQoEXVN8nc_IdcU22GYxmld8UCXsD27fag8-v8ZgBw0TyUAaIiykQ5jV2QNFsaYlE_qXVlL-HKnxImTErRCaeUENNgoSfoEBoHJCvRZvpK-72i2JDpbcUNw7r28XItpBzgLMc2sw9KIdw7gvf9mol5ij5wYoJAA0hoooZMk9aG-lDTvcNLmNnMPkdcCXZJRMNBBTSrah_H0e4kz-grtdMYBK1Ge7560-32TurTEXEjGX4yCxUs1XwUTLKer8-YxrX4D7ALqe0hueN9CznbT9-O_oy95KMmHrDxSdDz2m467X7HdQbnlkIHv9xZLpOW53SIkZ2aGxpeQ6JcKCNMp2El&sai=AMfl-YSSc-arFgGLxE3SQmuNZYr4qeBlBX5zE7BK-BhVE6fgsMfs7w_ODN8Sj6T7SrlPq38ACllp3TgKg-Nah5JgMwI3O223Sx-nUzP-veQ8pm-xB9E_9GyzO1h2qB4fqos&sig=Cg0ArKJSzIC20v2vrBQ9EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:38 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 25 Jul 2023 05:57:38 GMT
truncated
/ Frame 70E5 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4f76efb37e83ed9a2973dc1e570053f91931a6547e0a0bfa1e3e1eb1927cb552

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame C43C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CaEpYiMeyylmZpxMZ4Myl8pW%2FYBX%2BYoAHnDawEXaruKU%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bXxMfcWilPRcN4I1SmXCDfEmd9hZOaed1woXN_TR24xNi6E2riMeJDvFE6fqTKCj1SHshQvjnkejZ9yfijF25fK-weeJhfiLctFkBX4OJFlhKiFKKM3k0xOHBx7YhrcdhxNhr6l23he0eOJiVpJUSuB8RtfKtfNqgzRYbtEkjOChbW551-BQLQHQky54cWlx0Coeb02LuKUctrSlCFXwYYZLYxfmxx20t2JbMjLHlbSG20LMEJ6MWwOQ4GXQxLtZ7ydZOTtuYm_pUvgKopgtWWMvIFzmZl1KhH2_LRb7dJmBRCOfXq5K895viddeoRxS2D6wo1jPBPyqgJLcMfMNq-yifcnBCdnfgfUv9QNoiXP9RM7nf2gV43xEQ0qDr6X43QO_gPeHpUmRNPq3ypnvH27da8WTI-tHziovu8yACtcjC4Gy9WjO0KOXtrqNxUKI-UT8nn-R64EYhyzw6J0Yi9bINhEfrZ7S7dELUOJd6fbvm3ixmZtemxDOAvGR1h8r6MwB05WgOcj6beKe9AdNgM7dpkEsSuy2SdmO_SpaSn-QAz3DuyDbWRzO4w_iw6jRfPAkcWBPJD4w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 19 Jul 2024 05:57:38 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame C43C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CaEpYiMeyylmZpxMZ4Myl8pW%2FYBX%2BYoAHnDawEXaruKU%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bXxMfcWilPRcN4I1SmXCDfEmd9hZOaed1woXN_TR24xNi6E2riMeJDvFE6fqTKCj1SHshQvjnkejZ9yfijF25fK-weeJhfiLctFkBX4OJFlhKiFKKM3k0xOHBx7YhrcdhxNhr6l23he0eOJiVpJUSuB8RtfKtfNqgzRYbtEkjOChbW551-BQLQHQky54cWlx0Coeb02LuKUctrSlCFXwYYZLYxfmxx20t2JbMjLHlbSG20LMEJ6MWwOQ4GXQxLtZ7ydZOTtuYm_pUvgKopgtWWMvIFzmZl1KhH2_LRb7dJmBRCOfXq5K895viddeoRxS2D6wo1jPBPyqgJLcMfMNq-yifcnBCdnfgfUv9QNoiXP9RM7nf2gV43xEQ0qDr6X43QO_gPeHpUmRNPq3ypnvH27da8WTI-tHziovu8yACtcjC4Gy9WjO0KOXtrqNxUKI-UT8nn-R64EYhyzw6J0Yi9bINhEfrZ7S7dELUOJd6fbvm3ixmZtemxDOAvGR1h8r6MwB05WgOcj6beKe9AdNgM7dpkEsSuy2SdmO_SpaSn-QAz3DuyDbWRzO4w_iw6jRfPAkcWBPJD4w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 19 Jul 2024 05:57:38 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame C43C 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CaEpYiMeyylmZpxMZ4Myl8pW%2FYBX%2BYoAHnDawEXaruKU%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bXxMfcWilPRcN4I1SmXCDfEmd9hZOaed1woXN_TR24xNi6E2riMeJDvFE6fqTKCj1SHshQvjnkejZ9yfijF25fK-weeJhfiLctFkBX4OJFlhKiFKKM3k0xOHBx7YhrcdhxNhr6l23he0eOJiVpJUSuB8RtfKtfNqgzRYbtEkjOChbW551-BQLQHQky54cWlx0Coeb02LuKUctrSlCFXwYYZLYxfmxx20t2JbMjLHlbSG20LMEJ6MWwOQ4GXQxLtZ7ydZOTtuYm_pUvgKopgtWWMvIFzmZl1KhH2_LRb7dJmBRCOfXq5K895viddeoRxS2D6wo1jPBPyqgJLcMfMNq-yifcnBCdnfgfUv9QNoiXP9RM7nf2gV43xEQ0qDr6X43QO_gPeHpUmRNPq3ypnvH27da8WTI-tHziovu8yACtcjC4Gy9WjO0KOXtrqNxUKI-UT8nn-R64EYhyzw6J0Yi9bINhEfrZ7S7dELUOJd6fbvm3ixmZtemxDOAvGR1h8r6MwB05WgOcj6beKe9AdNgM7dpkEsSuy2SdmO_SpaSn-QAz3DuyDbWRzO4w_iw6jRfPAkcWBPJD4w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:38 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 19 Jul 2024 05:57:38 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame C43C 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CaEpYiMeyylmZpxMZ4Myl8pW%2FYBX%2BYoAHnDawEXaruKU%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bXxMfcWilPRcN4I1SmXCDfEmd9hZOaed1woXN_TR24xNi6E2riMeJDvFE6fqTKCj1SHshQvjnkejZ9yfijF25fK-weeJhfiLctFkBX4OJFlhKiFKKM3k0xOHBx7YhrcdhxNhr6l23he0eOJiVpJUSuB8RtfKtfNqgzRYbtEkjOChbW551-BQLQHQky54cWlx0Coeb02LuKUctrSlCFXwYYZLYxfmxx20t2JbMjLHlbSG20LMEJ6MWwOQ4GXQxLtZ7ydZOTtuYm_pUvgKopgtWWMvIFzmZl1KhH2_LRb7dJmBRCOfXq5K895viddeoRxS2D6wo1jPBPyqgJLcMfMNq-yifcnBCdnfgfUv9QNoiXP9RM7nf2gV43xEQ0qDr6X43QO_gPeHpUmRNPq3ypnvH27da8WTI-tHziovu8yACtcjC4Gy9WjO0KOXtrqNxUKI-UT8nn-R64EYhyzw6J0Yi9bINhEfrZ7S7dELUOJd6fbvm3ixmZtemxDOAvGR1h8r6MwB05WgOcj6beKe9AdNgM7dpkEsSuy2SdmO_SpaSn-QAz3DuyDbWRzO4w_iw6jRfPAkcWBPJD4w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:38 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 19 Jul 2024 05:57:38 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame C43C 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=nGRXe8ovQoVFrCVkwdXma9s8Xhqg4pCfFLshV_M6CUtLSjHPr5ZbMeCmzur18qdWMRDqjnQdZYMTEzIkvAkSJJo-ud1JxoX6jrVmlHsUEfOZ-6HMSUSGRb-hcuc_hO03UW5zMda9c7-ISp-ojn2-odT9ywJMkHc-y8Jia50b5O4w-mVI6UQQLuIpTJCox5j6saitw6t7xu57tzm8TUBFU_d-1iOLvzhfchtbvzFtXnDHqqP4CmPnl5jLnKpzPYcLk2_wYQ1cc_DzZQH3zzPzFAfMMWoCeMKghOk5Dw7K-7gTskaoff3JfDjZVEs6llNAmuq_dYZJ8iUPCrO449QDGnNV5L4Th7Dh8lE5kYyupu4T8RSNod2HD2Ubu5VcfsOF3RndVtOwfG_pSJ81cuGIMTLSHq7IwGk1S8Nbqwv55-_-aj0v-CXTP8ezpJ5lhtc1Lt5y6xz_JFx6rI0YbMH7J6IycDU
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CaEpYiMeyylmZpxMZ4Myl8pW%2FYBX%2BYoAHnDawEXaruKU%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bXxMfcWilPRcN4I1SmXCDfEmd9hZOaed1woXN_TR24xNi6E2riMeJDvFE6fqTKCj1SHshQvjnkejZ9yfijF25fK-weeJhfiLctFkBX4OJFlhKiFKKM3k0xOHBx7YhrcdhxNhr6l23he0eOJiVpJUSuB8RtfKtfNqgzRYbtEkjOChbW551-BQLQHQky54cWlx0Coeb02LuKUctrSlCFXwYYZLYxfmxx20t2JbMjLHlbSG20LMEJ6MWwOQ4GXQxLtZ7ydZOTtuYm_pUvgKopgtWWMvIFzmZl1KhH2_LRb7dJmBRCOfXq5K895viddeoRxS2D6wo1jPBPyqgJLcMfMNq-yifcnBCdnfgfUv9QNoiXP9RM7nf2gV43xEQ0qDr6X43QO_gPeHpUmRNPq3ypnvH27da8WTI-tHziovu8yACtcjC4Gy9WjO0KOXtrqNxUKI-UT8nn-R64EYhyzw6J0Yi9bINhEfrZ7S7dELUOJd6fbvm3ixmZtemxDOAvGR1h8r6MwB05WgOcj6beKe9AdNgM7dpkEsSuy2SdmO_SpaSn-QAz3DuyDbWRzO4w_iw6jRfPAkcWBPJD4w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jul 2023 05:57:37 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2166051
expires
Mon, 26 Jul 1997 05:00:00 GMT
dis.aspx
widget.nl3.eu.criteo.com/dis/ Frame 0FF5 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widget.nl3.eu.criteo.com/dis/dis.aspx?pu=186190&cb=64bf6451733217ee8e41e534baf20c44&r=https%3a%2f%2fhd.stheadline.com%2f&crossorigin=false
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CaEpYiMeyylmZpxMZ4Myl8pW%2FYBX%2BYoAHnDawEXaruKU%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bXxMfcWilPRcN4I1SmXCDfEmd9hZOaed1woXN_TR24xNi6E2riMeJDvFE6fqTKCj1SHshQvjnkejZ9yfijF25fK-weeJhfiLctFkBX4OJFlhKiFKKM3k0xOHBx7YhrcdhxNhr6l23he0eOJiVpJUSuB8RtfKtfNqgzRYbtEkjOChbW551-BQLQHQky54cWlx0Coeb02LuKUctrSlCFXwYYZLYxfmxx20t2JbMjLHlbSG20LMEJ6MWwOQ4GXQxLtZ7ydZOTtuYm_pUvgKopgtWWMvIFzmZl1KhH2_LRb7dJmBRCOfXq5K895viddeoRxS2D6wo1jPBPyqgJLcMfMNq-yifcnBCdnfgfUv9QNoiXP9RM7nf2gV43xEQ0qDr6X43QO_gPeHpUmRNPq3ypnvH27da8WTI-tHziovu8yACtcjC4Gy9WjO0KOXtrqNxUKI-UT8nn-R64EYhyzw6J0Yi9bINhEfrZ7S7dELUOJd6fbvm3ixmZtemxDOAvGR1h8r6MwB05WgOcj6beKe9AdNgM7dpkEsSuy2SdmO_SpaSn-QAz3DuyDbWRzO4w_iw6jRfPAkcWBPJD4w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d9f9ed2611a1e707f9f04206b37a721903ef9c0f355913c4f955826ecf57f777
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-encoding
gzip
content-type
text/html
date
Tue, 25 Jul 2023 05:57:37 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
1896689
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
vary
Accept-Encoding
animejs.js
static.criteo.net/animejs/ Frame C43C 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CaEpYiMeyylmZpxMZ4Myl8pW%2FYBX%2BYoAHnDawEXaruKU%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bXxMfcWilPRcN4I1SmXCDfEmd9hZOaed1woXN_TR24xNi6E2riMeJDvFE6fqTKCj1SHshQvjnkejZ9yfijF25fK-weeJhfiLctFkBX4OJFlhKiFKKM3k0xOHBx7YhrcdhxNhr6l23he0eOJiVpJUSuB8RtfKtfNqgzRYbtEkjOChbW551-BQLQHQky54cWlx0Coeb02LuKUctrSlCFXwYYZLYxfmxx20t2JbMjLHlbSG20LMEJ6MWwOQ4GXQxLtZ7ydZOTtuYm_pUvgKopgtWWMvIFzmZl1KhH2_LRb7dJmBRCOfXq5K895viddeoRxS2D6wo1jPBPyqgJLcMfMNq-yifcnBCdnfgfUv9QNoiXP9RM7nf2gV43xEQ0qDr6X43QO_gPeHpUmRNPq3ypnvH27da8WTI-tHziovu8yACtcjC4Gy9WjO0KOXtrqNxUKI-UT8nn-R64EYhyzw6J0Yi9bINhEfrZ7S7dELUOJd6fbvm3ixmZtemxDOAvGR1h8r6MwB05WgOcj6beKe9AdNgM7dpkEsSuy2SdmO_SpaSn-QAz3DuyDbWRzO4w_iw6jRfPAkcWBPJD4w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 19 Jul 2024 05:57:38 GMT
img
imageproxy.eu.criteo.net/img/ Frame C43C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=76&m=0&partner=100829&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F100829%2F230210%2F43717e5a66d541e4b408fab0a449b302_7a3c9623-54a6-4936-a6f1-2759b402556c.png&v=3&w=596&s=TBq1vbEUZETSyL9UCaINuAqI
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CaEpYiMeyylmZpxMZ4Myl8pW%2FYBX%2BYoAHnDawEXaruKU%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bXxMfcWilPRcN4I1SmXCDfEmd9hZOaed1woXN_TR24xNi6E2riMeJDvFE6fqTKCj1SHshQvjnkejZ9yfijF25fK-weeJhfiLctFkBX4OJFlhKiFKKM3k0xOHBx7YhrcdhxNhr6l23he0eOJiVpJUSuB8RtfKtfNqgzRYbtEkjOChbW551-BQLQHQky54cWlx0Coeb02LuKUctrSlCFXwYYZLYxfmxx20t2JbMjLHlbSG20LMEJ6MWwOQ4GXQxLtZ7ydZOTtuYm_pUvgKopgtWWMvIFzmZl1KhH2_LRb7dJmBRCOfXq5K895viddeoRxS2D6wo1jPBPyqgJLcMfMNq-yifcnBCdnfgfUv9QNoiXP9RM7nf2gV43xEQ0qDr6X43QO_gPeHpUmRNPq3ypnvH27da8WTI-tHziovu8yACtcjC4Gy9WjO0KOXtrqNxUKI-UT8nn-R64EYhyzw6J0Yi9bINhEfrZ7S7dELUOJd6fbvm3ixmZtemxDOAvGR1h8r6MwB05WgOcj6beKe9AdNgM7dpkEsSuy2SdmO_SpaSn-QAz3DuyDbWRzO4w_iw6jRfPAkcWBPJD4w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ab6a9a2566423afd0793e0dfcfe5532c60a21916d501641c88ba6d5d6cec9d59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
content-length
3260
expires
Tue, 11 Jun 2024 03:17:18 GMT
img
imageproxy.eu.criteo.net/img/ Frame C43C 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=100829&q=80&r=0&u=https%3A%2F%2Fwww.geekom.de%2Fwp-content%2Fuploads%2F2023%2F04%2F10-IN-1-USB-HUB-GEEKOM.webp&v=3&w=400&s=iqnk1mlYPbjcg1UkqiwUdzc9&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CaEpYiMeyylmZpxMZ4Myl8pW%2FYBX%2BYoAHnDawEXaruKU%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bXxMfcWilPRcN4I1SmXCDfEmd9hZOaed1woXN_TR24xNi6E2riMeJDvFE6fqTKCj1SHshQvjnkejZ9yfijF25fK-weeJhfiLctFkBX4OJFlhKiFKKM3k0xOHBx7YhrcdhxNhr6l23he0eOJiVpJUSuB8RtfKtfNqgzRYbtEkjOChbW551-BQLQHQky54cWlx0Coeb02LuKUctrSlCFXwYYZLYxfmxx20t2JbMjLHlbSG20LMEJ6MWwOQ4GXQxLtZ7ydZOTtuYm_pUvgKopgtWWMvIFzmZl1KhH2_LRb7dJmBRCOfXq5K895viddeoRxS2D6wo1jPBPyqgJLcMfMNq-yifcnBCdnfgfUv9QNoiXP9RM7nf2gV43xEQ0qDr6X43QO_gPeHpUmRNPq3ypnvH27da8WTI-tHziovu8yACtcjC4Gy9WjO0KOXtrqNxUKI-UT8nn-R64EYhyzw6J0Yi9bINhEfrZ7S7dELUOJd6fbvm3ixmZtemxDOAvGR1h8r6MwB05WgOcj6beKe9AdNgM7dpkEsSuy2SdmO_SpaSn-QAz3DuyDbWRzO4w_iw6jRfPAkcWBPJD4w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
08b9636b6775125253e8c852c70e1e86af7d3f18472e95ebcbd5213cf5da7a13
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=3600
content-length
6114
expires
Tue, 25 Jul 2023 05:57:40 GMT
all
csm.eu.criteo.net/ Frame C43C 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=vDcxrDUakTpzpqidStptXFcq1rZoyeB0TcDRTxubYkw2OydNt06TsJJoVNY4YhtNNdAsFiizdLa9TnNSlYrYlsD3dIEjs2mIjCNtEvjbD8gpS9uCApUE3JrzbRpn8tmUOUUqk3lCKC9g0BhtO5A6kq70EXqrsM54K2TXj1h7Cnu8hWUnIpICraGfsFM46SzAK93RBSZ9pe2c2ekHr1hxySuAXoxoQBq0q0_9tRC5VI2vFfWX8wx0cyFhrMzLZASoMs-XQA&sds=2&rev=87574&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CaEpYiMeyylmZpxMZ4Myl8pW%2FYBX%2BYoAHnDawEXaruKU%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bXxMfcWilPRcN4I1SmXCDfEmd9hZOaed1woXN_TR24xNi6E2riMeJDvFE6fqTKCj1SHshQvjnkejZ9yfijF25fK-weeJhfiLctFkBX4OJFlhKiFKKM3k0xOHBx7YhrcdhxNhr6l23he0eOJiVpJUSuB8RtfKtfNqgzRYbtEkjOChbW551-BQLQHQky54cWlx0Coeb02LuKUctrSlCFXwYYZLYxfmxx20t2JbMjLHlbSG20LMEJ6MWwOQ4GXQxLtZ7ydZOTtuYm_pUvgKopgtWWMvIFzmZl1KhH2_LRb7dJmBRCOfXq5K895viddeoRxS2D6wo1jPBPyqgJLcMfMNq-yifcnBCdnfgfUv9QNoiXP9RM7nf2gV43xEQ0qDr6X43QO_gPeHpUmRNPq3ypnvH27da8WTI-tHziovu8yACtcjC4Gy9WjO0KOXtrqNxUKI-UT8nn-R64EYhyzw6J0Yi9bINhEfrZ7S7dELUOJd6fbvm3ixmZtemxDOAvGR1h8r6MwB05WgOcj6beKe9AdNgM7dpkEsSuy2SdmO_SpaSn-QAz3DuyDbWRzO4w_iw6jRfPAkcWBPJD4w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 25 Jul 2023 05:57:37 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C43C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CaEpYiMeyylmZpxMZ4Myl8pW%2FYBX%2BYoAHnDawEXaruKU%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bXxMfcWilPRcN4I1SmXCDfEmd9hZOaed1woXN_TR24xNi6E2riMeJDvFE6fqTKCj1SHshQvjnkejZ9yfijF25fK-weeJhfiLctFkBX4OJFlhKiFKKM3k0xOHBx7YhrcdhxNhr6l23he0eOJiVpJUSuB8RtfKtfNqgzRYbtEkjOChbW551-BQLQHQky54cWlx0Coeb02LuKUctrSlCFXwYYZLYxfmxx20t2JbMjLHlbSG20LMEJ6MWwOQ4GXQxLtZ7ydZOTtuYm_pUvgKopgtWWMvIFzmZl1KhH2_LRb7dJmBRCOfXq5K895viddeoRxS2D6wo1jPBPyqgJLcMfMNq-yifcnBCdnfgfUv9QNoiXP9RM7nf2gV43xEQ0qDr6X43QO_gPeHpUmRNPq3ypnvH27da8WTI-tHziovu8yACtcjC4Gy9WjO0KOXtrqNxUKI-UT8nn-R64EYhyzw6J0Yi9bINhEfrZ7S7dELUOJd6fbvm3ixmZtemxDOAvGR1h8r6MwB05WgOcj6beKe9AdNgM7dpkEsSuy2SdmO_SpaSn-QAz3DuyDbWRzO4w_iw6jRfPAkcWBPJD4w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 19 Jul 2024 05:57:38 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame C43C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CaEpYiMeyylmZpxMZ4Myl8pW%2FYBX%2BYoAHnDawEXaruKU%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bXxMfcWilPRcN4I1SmXCDfEmd9hZOaed1woXN_TR24xNi6E2riMeJDvFE6fqTKCj1SHshQvjnkejZ9yfijF25fK-weeJhfiLctFkBX4OJFlhKiFKKM3k0xOHBx7YhrcdhxNhr6l23he0eOJiVpJUSuB8RtfKtfNqgzRYbtEkjOChbW551-BQLQHQky54cWlx0Coeb02LuKUctrSlCFXwYYZLYxfmxx20t2JbMjLHlbSG20LMEJ6MWwOQ4GXQxLtZ7ydZOTtuYm_pUvgKopgtWWMvIFzmZl1KhH2_LRb7dJmBRCOfXq5K895viddeoRxS2D6wo1jPBPyqgJLcMfMNq-yifcnBCdnfgfUv9QNoiXP9RM7nf2gV43xEQ0qDr6X43QO_gPeHpUmRNPq3ypnvH27da8WTI-tHziovu8yACtcjC4Gy9WjO0KOXtrqNxUKI-UT8nn-R64EYhyzw6J0Yi9bINhEfrZ7S7dELUOJd6fbvm3ixmZtemxDOAvGR1h8r6MwB05WgOcj6beKe9AdNgM7dpkEsSuy2SdmO_SpaSn-QAz3DuyDbWRzO4w_iw6jRfPAkcWBPJD4w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:38 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 19 Jul 2024 05:57:38 GMT
sync
x.bidswitch.net/ Frame 8FCB 		43 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-oaM4oTIQcBd65Z2lQcMrb7vgxJj54RaOZ6F5yw&expires=30
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CaEpYiMeyylmZpxMZ4Myl8pW%2FYBX%2BYoAHnDawEXaruKU%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bXxMfcWilPRcN4I1SmXCDfEmd9hZOaed1woXN_TR24xNi6E2riMeJDvFE6fqTKCj1SHshQvjnkejZ9yfijF25fK-weeJhfiLctFkBX4OJFlhKiFKKM3k0xOHBx7YhrcdhxNhr6l23he0eOJiVpJUSuB8RtfKtfNqgzRYbtEkjOChbW551-BQLQHQky54cWlx0Coeb02LuKUctrSlCFXwYYZLYxfmxx20t2JbMjLHlbSG20LMEJ6MWwOQ4GXQxLtZ7ydZOTtuYm_pUvgKopgtWWMvIFzmZl1KhH2_LRb7dJmBRCOfXq5K895viddeoRxS2D6wo1jPBPyqgJLcMfMNq-yifcnBCdnfgfUv9QNoiXP9RM7nf2gV43xEQ0qDr6X43QO_gPeHpUmRNPq3ypnvH27da8WTI-tHziovu8yACtcjC4Gy9WjO0KOXtrqNxUKI-UT8nn-R64EYhyzw6J0Yi9bINhEfrZ7S7dELUOJd6fbvm3ixmZtemxDOAvGR1h8r6MwB05WgOcj6beKe9AdNgM7dpkEsSuy2SdmO_SpaSn-QAz3DuyDbWRzO4w_iw6jRfPAkcWBPJD4w
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.36.208 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-36-208.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 8FCB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-pSVpWjIQcBd65Z2lQcMrb7vgxJjBhxxpNvbVzA&google_cm&google_hm=ay1wU1ZwV2pJUWNCZDY1WjJsUWNNcmI3dmd4SmpCaHh4c...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-pSVpWjIQcBd65Z2lQcMrb7vgxJjBhxxpNvbVzA&google_gid=CAESEME7BCS-WNbtiYmbzRmCrMc&google_cver=1&google_ula=913071,0
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-pSVpWjIQcBd65Z2lQcMrb7vgxJjBhxxpNvbVzA&google_gid=CAESEME7BCS-WNbtiYmbzRmCrMc&google_cver=1&google_ula=913071,0
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jul 2023 05:57:38 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1605172
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Jul 2023 05:57:38 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-pSVpWjIQcBd65Z2lQcMrb7vgxJjBhxxpNvbVzA&google_gid=CAESEME7BCS-WNbtiYmbzRmCrMc&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 8FCB
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1776016083629542497
43 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1776016083629542497
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jul 2023 05:57:38 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1208272
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Jul 2023 05:57:38 GMT
an-x-request-uuid
3ea63613-8c14-4f57-bdf4-eea74f1fc675
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=1776016083629542497
x-proxy-origin
45.141.152.74; 45.141.152.74; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
secure.adnxs.com/ Frame 8FCB 		43 B
850 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/setuid?entity=52&code=k-hveYpjIQcBd65Z2lQcMrb7vgxJgyhc_U00mW9w
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CaEpYiMeyylmZpxMZ4Myl8pW%2FYBX%2BYoAHnDawEXaruKU%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bXxMfcWilPRcN4I1SmXCDfEmd9hZOaed1woXN_TR24xNi6E2riMeJDvFE6fqTKCj1SHshQvjnkejZ9yfijF25fK-weeJhfiLctFkBX4OJFlhKiFKKM3k0xOHBx7YhrcdhxNhr6l23he0eOJiVpJUSuB8RtfKtfNqgzRYbtEkjOChbW551-BQLQHQky54cWlx0Coeb02LuKUctrSlCFXwYYZLYxfmxx20t2JbMjLHlbSG20LMEJ6MWwOQ4GXQxLtZ7ydZOTtuYm_pUvgKopgtWWMvIFzmZl1KhH2_LRb7dJmBRCOfXq5K895viddeoRxS2D6wo1jPBPyqgJLcMfMNq-yifcnBCdnfgfUv9QNoiXP9RM7nf2gV43xEQ0qDr6X43QO_gPeHpUmRNPq3ypnvH27da8WTI-tHziovu8yACtcjC4Gy9WjO0KOXtrqNxUKI-UT8nn-R64EYhyzw6J0Yi9bINhEfrZ7S7dELUOJd6fbvm3ixmZtemxDOAvGR1h8r6MwB05WgOcj6beKe9AdNgM7dpkEsSuy2SdmO_SpaSn-QAz3DuyDbWRzO4w_iw6jRfPAkcWBPJD4w
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jul 2023 05:57:38 GMT
an-x-request-uuid
3ecc4061-6b90-4129-8bc3-c10cbd150ee3
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
45.141.152.74; 45.141.152.74; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 8FCB 		61 B
796 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-ilP6eDIQcBd65Z2lQcMrb7vgxJijgD4Wn70RxQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CaEpYiMeyylmZpxMZ4Myl8pW%2FYBX%2BYoAHnDawEXaruKU%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bXxMfcWilPRcN4I1SmXCDfEmd9hZOaed1woXN_TR24xNi6E2riMeJDvFE6fqTKCj1SHshQvjnkejZ9yfijF25fK-weeJhfiLctFkBX4OJFlhKiFKKM3k0xOHBx7YhrcdhxNhr6l23he0eOJiVpJUSuB8RtfKtfNqgzRYbtEkjOChbW551-BQLQHQky54cWlx0Coeb02LuKUctrSlCFXwYYZLYxfmxx20t2JbMjLHlbSG20LMEJ6MWwOQ4GXQxLtZ7ydZOTtuYm_pUvgKopgtWWMvIFzmZl1KhH2_LRb7dJmBRCOfXq5K895viddeoRxS2D6wo1jPBPyqgJLcMfMNq-yifcnBCdnfgfUv9QNoiXP9RM7nf2gV43xEQ0qDr6X43QO_gPeHpUmRNPq3ypnvH27da8WTI-tHziovu8yACtcjC4Gy9WjO0KOXtrqNxUKI-UT8nn-R64EYhyzw6J0Yi9bINhEfrZ7S7dELUOJd6fbvm3ixmZtemxDOAvGR1h8r6MwB05WgOcj6beKe9AdNgM7dpkEsSuy2SdmO_SpaSn-QAz3DuyDbWRzO4w_iw6jRfPAkcWBPJD4w
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.148.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-148-20.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Tue, 25 Jul 2023 05:57:38 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Tue, 25 Jul 2023 05:57:38 GMT
tap.php
pixel.rubiconproject.com/ Frame 8FCB 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-STodqTIQcBd65Z2lQcMrb7vgxJg-c3O9OuLV9A&expires=30
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CaEpYiMeyylmZpxMZ4Myl8pW%2FYBX%2BYoAHnDawEXaruKU%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bXxMfcWilPRcN4I1SmXCDfEmd9hZOaed1woXN_TR24xNi6E2riMeJDvFE6fqTKCj1SHshQvjnkejZ9yfijF25fK-weeJhfiLctFkBX4OJFlhKiFKKM3k0xOHBx7YhrcdhxNhr6l23he0eOJiVpJUSuB8RtfKtfNqgzRYbtEkjOChbW551-BQLQHQky54cWlx0Coeb02LuKUctrSlCFXwYYZLYxfmxx20t2JbMjLHlbSG20LMEJ6MWwOQ4GXQxLtZ7ydZOTtuYm_pUvgKopgtWWMvIFzmZl1KhH2_LRb7dJmBRCOfXq5K895viddeoRxS2D6wo1jPBPyqgJLcMfMNq-yifcnBCdnfgfUv9QNoiXP9RM7nf2gV43xEQ0qDr6X43QO_gPeHpUmRNPq3ypnvH27da8WTI-tHziovu8yACtcjC4Gy9WjO0KOXtrqNxUKI-UT8nn-R64EYhyzw6J0Yi9bINhEfrZ7S7dELUOJd6fbvm3ixmZtemxDOAvGR1h8r6MwB05WgOcj6beKe9AdNgM7dpkEsSuy2SdmO_SpaSn-QAz3DuyDbWRzO4w_iw6jRfPAkcWBPJD4w
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
match.sharethrough.com/sync/ Frame 8FCB 		0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-dxKLZjIQcBd65Z2lQcMrb7vgxJiRfp74OtKzmg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CaEpYiMeyylmZpxMZ4Myl8pW%2FYBX%2BYoAHnDawEXaruKU%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bXxMfcWilPRcN4I1SmXCDfEmd9hZOaed1woXN_TR24xNi6E2riMeJDvFE6fqTKCj1SHshQvjnkejZ9yfijF25fK-weeJhfiLctFkBX4OJFlhKiFKKM3k0xOHBx7YhrcdhxNhr6l23he0eOJiVpJUSuB8RtfKtfNqgzRYbtEkjOChbW551-BQLQHQky54cWlx0Coeb02LuKUctrSlCFXwYYZLYxfmxx20t2JbMjLHlbSG20LMEJ6MWwOQ4GXQxLtZ7ydZOTtuYm_pUvgKopgtWWMvIFzmZl1KhH2_LRb7dJmBRCOfXq5K895viddeoRxS2D6wo1jPBPyqgJLcMfMNq-yifcnBCdnfgfUv9QNoiXP9RM7nf2gV43xEQ0qDr6X43QO_gPeHpUmRNPq3ypnvH27da8WTI-tHziovu8yACtcjC4Gy9WjO0KOXtrqNxUKI-UT8nn-R64EYhyzw6J0Yi9bINhEfrZ7S7dELUOJd6fbvm3ixmZtemxDOAvGR1h8r6MwB05WgOcj6beKe9AdNgM7dpkEsSuy2SdmO_SpaSn-QAz3DuyDbWRzO4w_iw6jRfPAkcWBPJD4w
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.243.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-243-79.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:38 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 8FCB 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-WcpP8DIQcBd65Z2lQcMrb7vgxJhljDLxKHjT3w
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CaEpYiMeyylmZpxMZ4Myl8pW%2FYBX%2BYoAHnDawEXaruKU%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bXxMfcWilPRcN4I1SmXCDfEmd9hZOaed1woXN_TR24xNi6E2riMeJDvFE6fqTKCj1SHshQvjnkejZ9yfijF25fK-weeJhfiLctFkBX4OJFlhKiFKKM3k0xOHBx7YhrcdhxNhr6l23he0eOJiVpJUSuB8RtfKtfNqgzRYbtEkjOChbW551-BQLQHQky54cWlx0Coeb02LuKUctrSlCFXwYYZLYxfmxx20t2JbMjLHlbSG20LMEJ6MWwOQ4GXQxLtZ7ydZOTtuYm_pUvgKopgtWWMvIFzmZl1KhH2_LRb7dJmBRCOfXq5K895viddeoRxS2D6wo1jPBPyqgJLcMfMNq-yifcnBCdnfgfUv9QNoiXP9RM7nf2gV43xEQ0qDr6X43QO_gPeHpUmRNPq3ypnvH27da8WTI-tHziovu8yACtcjC4Gy9WjO0KOXtrqNxUKI-UT8nn-R64EYhyzw6J0Yi9bINhEfrZ7S7dELUOJd6fbvm3ixmZtemxDOAvGR1h8r6MwB05WgOcj6beKe9AdNgM7dpkEsSuy2SdmO_SpaSn-QAz3DuyDbWRzO4w_iw6jRfPAkcWBPJD4w
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.150 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:38 GMT
transfer-encoding
chunked
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 8FCB 		0
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-KJFtPzIQcBd65Z2lQcMrb7vgxJhaGB30Eukr3g
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CaEpYiMeyylmZpxMZ4Myl8pW%2FYBX%2BYoAHnDawEXaruKU%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bXxMfcWilPRcN4I1SmXCDfEmd9hZOaed1woXN_TR24xNi6E2riMeJDvFE6fqTKCj1SHshQvjnkejZ9yfijF25fK-weeJhfiLctFkBX4OJFlhKiFKKM3k0xOHBx7YhrcdhxNhr6l23he0eOJiVpJUSuB8RtfKtfNqgzRYbtEkjOChbW551-BQLQHQky54cWlx0Coeb02LuKUctrSlCFXwYYZLYxfmxx20t2JbMjLHlbSG20LMEJ6MWwOQ4GXQxLtZ7ydZOTtuYm_pUvgKopgtWWMvIFzmZl1KhH2_LRb7dJmBRCOfXq5K895viddeoRxS2D6wo1jPBPyqgJLcMfMNq-yifcnBCdnfgfUv9QNoiXP9RM7nf2gV43xEQ0qDr6X43QO_gPeHpUmRNPq3ypnvH27da8WTI-tHziovu8yACtcjC4Gy9WjO0KOXtrqNxUKI-UT8nn-R64EYhyzw6J0Yi9bINhEfrZ7S7dELUOJd6fbvm3ixmZtemxDOAvGR1h8r6MwB05WgOcj6beKe9AdNgM7dpkEsSuy2SdmO_SpaSn-QAz3DuyDbWRzO4w_iw6jRfPAkcWBPJD4w
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:38 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
12848
um
criteo-sync.teads.tv/ Frame 8FCB 		23 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-n5ujMTIQcBd65Z2lQcMrb7vgxJiQ9AW2Y15vFw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CaEpYiMeyylmZpxMZ4Myl8pW%2FYBX%2BYoAHnDawEXaruKU%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bXxMfcWilPRcN4I1SmXCDfEmd9hZOaed1woXN_TR24xNi6E2riMeJDvFE6fqTKCj1SHshQvjnkejZ9yfijF25fK-weeJhfiLctFkBX4OJFlhKiFKKM3k0xOHBx7YhrcdhxNhr6l23he0eOJiVpJUSuB8RtfKtfNqgzRYbtEkjOChbW551-BQLQHQky54cWlx0Coeb02LuKUctrSlCFXwYYZLYxfmxx20t2JbMjLHlbSG20LMEJ6MWwOQ4GXQxLtZ7ydZOTtuYm_pUvgKopgtWWMvIFzmZl1KhH2_LRb7dJmBRCOfXq5K895viddeoRxS2D6wo1jPBPyqgJLcMfMNq-yifcnBCdnfgfUv9QNoiXP9RM7nf2gV43xEQ0qDr6X43QO_gPeHpUmRNPq3ypnvH27da8WTI-tHziovu8yACtcjC4Gy9WjO0KOXtrqNxUKI-UT8nn-R64EYhyzw6J0Yi9bINhEfrZ7S7dELUOJd6fbvm3ixmZtemxDOAvGR1h8r6MwB05WgOcj6beKe9AdNgM7dpkEsSuy2SdmO_SpaSn-QAz3DuyDbWRzO4w_iw6jRfPAkcWBPJD4w
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

expires
Tue, 25 Jul 2023 05:57:38 GMT
pragma
no-cache
date
Tue, 25 Jul 2023 05:57:38 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame 8FCB 		37 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-EdQj4zIQcBd65Z2lQcMrb7vgxJjj4N-CMbMb1Q&dongle=013b
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CaEpYiMeyylmZpxMZ4Myl8pW%2FYBX%2BYoAHnDawEXaruKU%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bXxMfcWilPRcN4I1SmXCDfEmd9hZOaed1woXN_TR24xNi6E2riMeJDvFE6fqTKCj1SHshQvjnkejZ9yfijF25fK-weeJhfiLctFkBX4OJFlhKiFKKM3k0xOHBx7YhrcdhxNhr6l23he0eOJiVpJUSuB8RtfKtfNqgzRYbtEkjOChbW551-BQLQHQky54cWlx0Coeb02LuKUctrSlCFXwYYZLYxfmxx20t2JbMjLHlbSG20LMEJ6MWwOQ4GXQxLtZ7ydZOTtuYm_pUvgKopgtWWMvIFzmZl1KhH2_LRb7dJmBRCOfXq5K895viddeoRxS2D6wo1jPBPyqgJLcMfMNq-yifcnBCdnfgfUv9QNoiXP9RM7nf2gV43xEQ0qDr6X43QO_gPeHpUmRNPq3ypnvH27da8WTI-tHziovu8yACtcjC4Gy9WjO0KOXtrqNxUKI-UT8nn-R64EYhyzw6J0Yi9bINhEfrZ7S7dELUOJd6fbvm3ixmZtemxDOAvGR1h8r6MwB05WgOcj6beKe9AdNgM7dpkEsSuy2SdmO_SpaSn-QAz3DuyDbWRzO4w_iw6jRfPAkcWBPJD4w
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:38 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
sync
ups.analytics.yahoo.com/ups/58301/ Frame 8FCB 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-4BExlDIQcBd65Z2lQcMrb7vgxJgpeD6kBikkqw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CaEpYiMeyylmZpxMZ4Myl8pW%2FYBX%2BYoAHnDawEXaruKU%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bXxMfcWilPRcN4I1SmXCDfEmd9hZOaed1woXN_TR24xNi6E2riMeJDvFE6fqTKCj1SHshQvjnkejZ9yfijF25fK-weeJhfiLctFkBX4OJFlhKiFKKM3k0xOHBx7YhrcdhxNhr6l23he0eOJiVpJUSuB8RtfKtfNqgzRYbtEkjOChbW551-BQLQHQky54cWlx0Coeb02LuKUctrSlCFXwYYZLYxfmxx20t2JbMjLHlbSG20LMEJ6MWwOQ4GXQxLtZ7ydZOTtuYm_pUvgKopgtWWMvIFzmZl1KhH2_LRb7dJmBRCOfXq5K895viddeoRxS2D6wo1jPBPyqgJLcMfMNq-yifcnBCdnfgfUv9QNoiXP9RM7nf2gV43xEQ0qDr6X43QO_gPeHpUmRNPq3ypnvH27da8WTI-tHziovu8yACtcjC4Gy9WjO0KOXtrqNxUKI-UT8nn-R64EYhyzw6J0Yi9bINhEfrZ7S7dELUOJd6fbvm3ixmZtemxDOAvGR1h8r6MwB05WgOcj6beKe9AdNgM7dpkEsSuy2SdmO_SpaSn-QAz3DuyDbWRzO4w_iw6jRfPAkcWBPJD4w
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.64 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:38 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.64
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.adform.net/ Frame 8FCB 		43 B
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-4WofujIQcBd65Z2lQcMrb7vgxJid5-Y33xxXZw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CaEpYiMeyylmZpxMZ4Myl8pW%2FYBX%2BYoAHnDawEXaruKU%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bXxMfcWilPRcN4I1SmXCDfEmd9hZOaed1woXN_TR24xNi6E2riMeJDvFE6fqTKCj1SHshQvjnkejZ9yfijF25fK-weeJhfiLctFkBX4OJFlhKiFKKM3k0xOHBx7YhrcdhxNhr6l23he0eOJiVpJUSuB8RtfKtfNqgzRYbtEkjOChbW551-BQLQHQky54cWlx0Coeb02LuKUctrSlCFXwYYZLYxfmxx20t2JbMjLHlbSG20LMEJ6MWwOQ4GXQxLtZ7ydZOTtuYm_pUvgKopgtWWMvIFzmZl1KhH2_LRb7dJmBRCOfXq5K895viddeoRxS2D6wo1jPBPyqgJLcMfMNq-yifcnBCdnfgfUv9QNoiXP9RM7nf2gV43xEQ0qDr6X43QO_gPeHpUmRNPq3ypnvH27da8WTI-tHziovu8yACtcjC4Gy9WjO0KOXtrqNxUKI-UT8nn-R64EYhyzw6J0Yi9bINhEfrZ7S7dELUOJd6fbvm3ixmZtemxDOAvGR1h8r6MwB05WgOcj6beKe9AdNgM7dpkEsSuy2SdmO_SpaSn-QAz3DuyDbWRzO4w_iw6jRfPAkcWBPJD4w
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:38 GMT
last-modified
Thu, 11 May 2023 07:59:59 GMT
server
nginx
accept-ranges
bytes
etag
"645ca07f-2b"
content-length
43
content-type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame 8FCB 		49 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-3k57ljIQcBd65Z2lQcMrb7vgxJhouqG71PpsTw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CaEpYiMeyylmZpxMZ4Myl8pW%2FYBX%2BYoAHnDawEXaruKU%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bXxMfcWilPRcN4I1SmXCDfEmd9hZOaed1woXN_TR24xNi6E2riMeJDvFE6fqTKCj1SHshQvjnkejZ9yfijF25fK-weeJhfiLctFkBX4OJFlhKiFKKM3k0xOHBx7YhrcdhxNhr6l23he0eOJiVpJUSuB8RtfKtfNqgzRYbtEkjOChbW551-BQLQHQky54cWlx0Coeb02LuKUctrSlCFXwYYZLYxfmxx20t2JbMjLHlbSG20LMEJ6MWwOQ4GXQxLtZ7ydZOTtuYm_pUvgKopgtWWMvIFzmZl1KhH2_LRb7dJmBRCOfXq5K895viddeoRxS2D6wo1jPBPyqgJLcMfMNq-yifcnBCdnfgfUv9QNoiXP9RM7nf2gV43xEQ0qDr6X43QO_gPeHpUmRNPq3ypnvH27da8WTI-tHziovu8yACtcjC4Gy9WjO0KOXtrqNxUKI-UT8nn-R64EYhyzw6J0Yi9bINhEfrZ7S7dELUOJd6fbvm3ixmZtemxDOAvGR1h8r6MwB05WgOcj6beKe9AdNgM7dpkEsSuy2SdmO_SpaSn-QAz3DuyDbWRzO4w_iw6jRfPAkcWBPJD4w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.153 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jul 2023 05:57:37 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0
rum
r.casalemedia.com/ Frame 8FCB
Redirect Chain
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-eQOO6zIQcBd65Z2lQcMrb7vgxJiH7UwaYkHSjQ
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-eQOO6zIQcBd65Z2lQcMrb7vgxJiH7UwaYkHSjQ&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-eQOO6zIQcBd65Z2lQcMrb7vgxJiH7UwaYkHSjQ&C=1
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jul 2023 05:57:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 25 Jul 2023 05:57:38 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=20&external_user_id=k-eQOO6zIQcBd65Z2lQcMrb7vgxJiH7UwaYkHSjQ&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
ibs:dpid=28645&dpuuid=N20gDkqMAWee0fkxNvqMgBhRO1dD98z9
dpm.demdex.net/ Frame 8FCB
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=N20gDkqMAWee0fkxNvqMgBhRO1dD98z9
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=N20gDkqMAWee0fkxNvqMgBhRO1dD98z9
Protocol
HTTP/1.1
Server
34.243.61.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-61-200.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

DCS
dcs-prod-irl1-2-v050-08bfea1d2.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
vNVxVT8DRQY=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=N20gDkqMAWee0fkxNvqMgBhRO1dD98z9
date
Tue, 25 Jul 2023 05:57:37 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
645931
content-length
0
9.gif
id5-sync.com/s/966/ Frame 8FCB 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/966/9.gif?puid=k-V3wpcTIQcBd65Z2lQcMrb7vgxJhdi6pISf5c-w
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CaEpYiMeyylmZpxMZ4Myl8pW%2FYBX%2BYoAHnDawEXaruKU%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bXxMfcWilPRcN4I1SmXCDfEmd9hZOaed1woXN_TR24xNi6E2riMeJDvFE6fqTKCj1SHshQvjnkejZ9yfijF25fK-weeJhfiLctFkBX4OJFlhKiFKKM3k0xOHBx7YhrcdhxNhr6l23he0eOJiVpJUSuB8RtfKtfNqgzRYbtEkjOChbW551-BQLQHQky54cWlx0Coeb02LuKUctrSlCFXwYYZLYxfmxx20t2JbMjLHlbSG20LMEJ6MWwOQ4GXQxLtZ7ydZOTtuYm_pUvgKopgtWWMvIFzmZl1KhH2_LRb7dJmBRCOfXq5K895viddeoRxS2D6wo1jPBPyqgJLcMfMNq-yifcnBCdnfgfUv9QNoiXP9RM7nf2gV43xEQ0qDr6X43QO_gPeHpUmRNPq3ypnvH27da8WTI-tHziovu8yACtcjC4Gy9WjO0KOXtrqNxUKI-UT8nn-R64EYhyzw6J0Yi9bINhEfrZ7S7dELUOJd6fbvm3ixmZtemxDOAvGR1h8r6MwB05WgOcj6beKe9AdNgM7dpkEsSuy2SdmO_SpaSn-QAz3DuyDbWRzO4w_iw6jRfPAkcWBPJD4w
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 25 Jul 2023 05:57:37 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
match
ad.360yield.com/ul_cb/ Frame 8FCB
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-XyveRjIQcBd65Z2lQcMrb7vgxJh1M1-hzigY2g
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-XyveRjIQcBd65Z2lQcMrb7vgxJh1M1-hzigY2g
43 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-XyveRjIQcBd65Z2lQcMrb7vgxJh1M1-hzigY2g
Protocol
H2
Server
54.77.30.253 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-30-253.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 25 Jul 2023 05:57:38 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-XyveRjIQcBd65Z2lQcMrb7vgxJh1M1-hzigY2g
access-control-allow-origin
*
date
Tue, 25 Jul 2023 05:57:38 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
matching.ivitrack.com/ Frame 8FCB 		42 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-KG2ipjIQcBd65Z2lQcMrb7vgxJiuhciEIJjZ_Q
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CaEpYiMeyylmZpxMZ4Myl8pW%2FYBX%2BYoAHnDawEXaruKU%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bXxMfcWilPRcN4I1SmXCDfEmd9hZOaed1woXN_TR24xNi6E2riMeJDvFE6fqTKCj1SHshQvjnkejZ9yfijF25fK-weeJhfiLctFkBX4OJFlhKiFKKM3k0xOHBx7YhrcdhxNhr6l23he0eOJiVpJUSuB8RtfKtfNqgzRYbtEkjOChbW551-BQLQHQky54cWlx0Coeb02LuKUctrSlCFXwYYZLYxfmxx20t2JbMjLHlbSG20LMEJ6MWwOQ4GXQxLtZ7ydZOTtuYm_pUvgKopgtWWMvIFzmZl1KhH2_LRb7dJmBRCOfXq5K895viddeoRxS2D6wo1jPBPyqgJLcMfMNq-yifcnBCdnfgfUv9QNoiXP9RM7nf2gV43xEQ0qDr6X43QO_gPeHpUmRNPq3ypnvH27da8WTI-tHziovu8yACtcjC4Gy9WjO0KOXtrqNxUKI-UT8nn-R64EYhyzw6J0Yi9bINhEfrZ7S7dELUOJd6fbvm3ixmZtemxDOAvGR1h8r6MwB05WgOcj6beKe9AdNgM7dpkEsSuy2SdmO_SpaSn-QAz3DuyDbWRzO4w_iw6jRfPAkcWBPJD4w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:37 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
push
exchange.mediavine.com/usersync/ Frame 8FCB 		0
878 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-9Dkd3zIQcBd65Z2lQcMrb7vgxJgo65fu125cMg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CaEpYiMeyylmZpxMZ4Myl8pW%2FYBX%2BYoAHnDawEXaruKU%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bXxMfcWilPRcN4I1SmXCDfEmd9hZOaed1woXN_TR24xNi6E2riMeJDvFE6fqTKCj1SHshQvjnkejZ9yfijF25fK-weeJhfiLctFkBX4OJFlhKiFKKM3k0xOHBx7YhrcdhxNhr6l23he0eOJiVpJUSuB8RtfKtfNqgzRYbtEkjOChbW551-BQLQHQky54cWlx0Coeb02LuKUctrSlCFXwYYZLYxfmxx20t2JbMjLHlbSG20LMEJ6MWwOQ4GXQxLtZ7ydZOTtuYm_pUvgKopgtWWMvIFzmZl1KhH2_LRb7dJmBRCOfXq5K895viddeoRxS2D6wo1jPBPyqgJLcMfMNq-yifcnBCdnfgfUv9QNoiXP9RM7nf2gV43xEQ0qDr6X43QO_gPeHpUmRNPq3ypnvH27da8WTI-tHziovu8yACtcjC4Gy9WjO0KOXtrqNxUKI-UT8nn-R64EYhyzw6J0Yi9bINhEfrZ7S7dELUOJd6fbvm3ixmZtemxDOAvGR1h8r6MwB05WgOcj6beKe9AdNgM7dpkEsSuy2SdmO_SpaSn-QAz3DuyDbWRzO4w_iw6jRfPAkcWBPJD4w
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.161.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-161-8.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:38 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
cookie-sync
sync.outbrain.com/ Frame 8FCB 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-6t0wdzIQcBd65Z2lQcMrb7vgxJjZ9ge5al2V6g&initiator=partner
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CaEpYiMeyylmZpxMZ4Myl8pW%2FYBX%2BYoAHnDawEXaruKU%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bXxMfcWilPRcN4I1SmXCDfEmd9hZOaed1woXN_TR24xNi6E2riMeJDvFE6fqTKCj1SHshQvjnkejZ9yfijF25fK-weeJhfiLctFkBX4OJFlhKiFKKM3k0xOHBx7YhrcdhxNhr6l23he0eOJiVpJUSuB8RtfKtfNqgzRYbtEkjOChbW551-BQLQHQky54cWlx0Coeb02LuKUctrSlCFXwYYZLYxfmxx20t2JbMjLHlbSG20LMEJ6MWwOQ4GXQxLtZ7ydZOTtuYm_pUvgKopgtWWMvIFzmZl1KhH2_LRb7dJmBRCOfXq5K895viddeoRxS2D6wo1jPBPyqgJLcMfMNq-yifcnBCdnfgfUv9QNoiXP9RM7nf2gV43xEQ0qDr6X43QO_gPeHpUmRNPq3ypnvH27da8WTI-tHziovu8yACtcjC4Gy9WjO0KOXtrqNxUKI-UT8nn-R64EYhyzw6J0Yi9bINhEfrZ7S7dELUOJd6fbvm3ixmZtemxDOAvGR1h8r6MwB05WgOcj6beKe9AdNgM7dpkEsSuy2SdmO_SpaSn-QAz3DuyDbWRzO4w_iw6jRfPAkcWBPJD4w
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.255 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Tue, 25 Jul 2023 05:57:38 GMT
Cache-Control
no-cache
X-TraceId
f2bb31c3de4ae094210eebacd1ed05a8
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 8FCB 		42 B
583 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-nbiOLDIQcBd65Z2lQcMrb7vgxJh_8bkIqTkLHg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CaEpYiMeyylmZpxMZ4Myl8pW%2FYBX%2BYoAHnDawEXaruKU%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bXxMfcWilPRcN4I1SmXCDfEmd9hZOaed1woXN_TR24xNi6E2riMeJDvFE6fqTKCj1SHshQvjnkejZ9yfijF25fK-weeJhfiLctFkBX4OJFlhKiFKKM3k0xOHBx7YhrcdhxNhr6l23he0eOJiVpJUSuB8RtfKtfNqgzRYbtEkjOChbW551-BQLQHQky54cWlx0Coeb02LuKUctrSlCFXwYYZLYxfmxx20t2JbMjLHlbSG20LMEJ6MWwOQ4GXQxLtZ7ydZOTtuYm_pUvgKopgtWWMvIFzmZl1KhH2_LRb7dJmBRCOfXq5K895viddeoRxS2D6wo1jPBPyqgJLcMfMNq-yifcnBCdnfgfUv9QNoiXP9RM7nf2gV43xEQ0qDr6X43QO_gPeHpUmRNPq3ypnvH27da8WTI-tHziovu8yACtcjC4Gy9WjO0KOXtrqNxUKI-UT8nn-R64EYhyzw6J0Yi9bINhEfrZ7S7dELUOJd6fbvm3ixmZtemxDOAvGR1h8r6MwB05WgOcj6beKe9AdNgM7dpkEsSuy2SdmO_SpaSn-QAz3DuyDbWRzO4w_iw6jRfPAkcWBPJD4w
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 25 Jul 2023 05:57:38 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
sync
criteo-partners.tremorhub.com/ Frame 8FCB 		43 B
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-HKimJjIQcBd65Z2lQcMrb7vgxJhRWicR_k2-MQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CaEpYiMeyylmZpxMZ4Myl8pW%2FYBX%2BYoAHnDawEXaruKU%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bXxMfcWilPRcN4I1SmXCDfEmd9hZOaed1woXN_TR24xNi6E2riMeJDvFE6fqTKCj1SHshQvjnkejZ9yfijF25fK-weeJhfiLctFkBX4OJFlhKiFKKM3k0xOHBx7YhrcdhxNhr6l23he0eOJiVpJUSuB8RtfKtfNqgzRYbtEkjOChbW551-BQLQHQky54cWlx0Coeb02LuKUctrSlCFXwYYZLYxfmxx20t2JbMjLHlbSG20LMEJ6MWwOQ4GXQxLtZ7ydZOTtuYm_pUvgKopgtWWMvIFzmZl1KhH2_LRb7dJmBRCOfXq5K895viddeoRxS2D6wo1jPBPyqgJLcMfMNq-yifcnBCdnfgfUv9QNoiXP9RM7nf2gV43xEQ0qDr6X43QO_gPeHpUmRNPq3ypnvH27da8WTI-tHziovu8yACtcjC4Gy9WjO0KOXtrqNxUKI-UT8nn-R64EYhyzw6J0Yi9bINhEfrZ7S7dELUOJd6fbvm3ixmZtemxDOAvGR1h8r6MwB05WgOcj6beKe9AdNgM7dpkEsSuy2SdmO_SpaSn-QAz3DuyDbWRzO4w_iw6jRfPAkcWBPJD4w
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:1a4b:d3bd:f875:7f1 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Tue, 25 Jul 2023 05:57:38 GMT
server
nginx
content-type
image/gif
getusermatch.php
a.twiago.com/rtb/ Frame 8FCB 		43 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-pHV8ojIQcBd65Z2lQcMrb7vgxJiDuP9QmMAnCA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CaEpYiMeyylmZpxMZ4Myl8pW%2FYBX%2BYoAHnDawEXaruKU%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bXxMfcWilPRcN4I1SmXCDfEmd9hZOaed1woXN_TR24xNi6E2riMeJDvFE6fqTKCj1SHshQvjnkejZ9yfijF25fK-weeJhfiLctFkBX4OJFlhKiFKKM3k0xOHBx7YhrcdhxNhr6l23he0eOJiVpJUSuB8RtfKtfNqgzRYbtEkjOChbW551-BQLQHQky54cWlx0Coeb02LuKUctrSlCFXwYYZLYxfmxx20t2JbMjLHlbSG20LMEJ6MWwOQ4GXQxLtZ7ydZOTtuYm_pUvgKopgtWWMvIFzmZl1KhH2_LRb7dJmBRCOfXq5K895viddeoRxS2D6wo1jPBPyqgJLcMfMNq-yifcnBCdnfgfUv9QNoiXP9RM7nf2gV43xEQ0qDr6X43QO_gPeHpUmRNPq3ypnvH27da8WTI-tHziovu8yACtcjC4Gy9WjO0KOXtrqNxUKI-UT8nn-R64EYhyzw6J0Yi9bINhEfrZ7S7dELUOJd6fbvm3ixmZtemxDOAvGR1h8r6MwB05WgOcj6beKe9AdNgM7dpkEsSuy2SdmO_SpaSn-QAz3DuyDbWRzO4w_iw6jRfPAkcWBPJD4w
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.215.5.31 Berlin, Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software
Apache / PHP/7.3.29
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 25 Jul 2023 05:57:38 GMT
server
Apache
x-powered-by
PHP/7.3.29
content-length
43
content-type
image/gif
m
ad.yieldlab.net/ Frame 8FCB 		0
400 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-TY1l8DIQcBd65Z2lQcMrb7vgxJhm4ndBMazcHQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CaEpYiMeyylmZpxMZ4Myl8pW%2FYBX%2BYoAHnDawEXaruKU%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bXxMfcWilPRcN4I1SmXCDfEmd9hZOaed1woXN_TR24xNi6E2riMeJDvFE6fqTKCj1SHshQvjnkejZ9yfijF25fK-weeJhfiLctFkBX4OJFlhKiFKKM3k0xOHBx7YhrcdhxNhr6l23he0eOJiVpJUSuB8RtfKtfNqgzRYbtEkjOChbW551-BQLQHQky54cWlx0Coeb02LuKUctrSlCFXwYYZLYxfmxx20t2JbMjLHlbSG20LMEJ6MWwOQ4GXQxLtZ7ydZOTtuYm_pUvgKopgtWWMvIFzmZl1KhH2_LRb7dJmBRCOfXq5K895viddeoRxS2D6wo1jPBPyqgJLcMfMNq-yifcnBCdnfgfUv9QNoiXP9RM7nf2gV43xEQ0qDr6X43QO_gPeHpUmRNPq3ypnvH27da8WTI-tHziovu8yACtcjC4Gy9WjO0KOXtrqNxUKI-UT8nn-R64EYhyzw6J0Yi9bINhEfrZ7S7dELUOJd6fbvm3ixmZtemxDOAvGR1h8r6MwB05WgOcj6beKe9AdNgM7dpkEsSuy2SdmO_SpaSn-QAz3DuyDbWRzO4w_iw6jRfPAkcWBPJD4w
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-75.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 25 Jul 2023 05:57:38 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Mon, 24 Jul 2023 05:57:38 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame 8FCB 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-ei_ppDIQcBd65Z2lQcMrb7vgxJjJmp6bJAEmoA&pn_id=criteo&ext=1
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CaEpYiMeyylmZpxMZ4Myl8pW%2FYBX%2BYoAHnDawEXaruKU%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bXxMfcWilPRcN4I1SmXCDfEmd9hZOaed1woXN_TR24xNi6E2riMeJDvFE6fqTKCj1SHshQvjnkejZ9yfijF25fK-weeJhfiLctFkBX4OJFlhKiFKKM3k0xOHBx7YhrcdhxNhr6l23he0eOJiVpJUSuB8RtfKtfNqgzRYbtEkjOChbW551-BQLQHQky54cWlx0Coeb02LuKUctrSlCFXwYYZLYxfmxx20t2JbMjLHlbSG20LMEJ6MWwOQ4GXQxLtZ7ydZOTtuYm_pUvgKopgtWWMvIFzmZl1KhH2_LRb7dJmBRCOfXq5K895viddeoRxS2D6wo1jPBPyqgJLcMfMNq-yifcnBCdnfgfUv9QNoiXP9RM7nf2gV43xEQ0qDr6X43QO_gPeHpUmRNPq3ypnvH27da8WTI-tHziovu8yACtcjC4Gy9WjO0KOXtrqNxUKI-UT8nn-R64EYhyzw6J0Yi9bINhEfrZ7S7dELUOJd6fbvm3ixmZtemxDOAvGR1h8r6MwB05WgOcj6beKe9AdNgM7dpkEsSuy2SdmO_SpaSn-QAz3DuyDbWRzO4w_iw6jRfPAkcWBPJD4w
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.30.155.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-30-155-207.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:38 GMT
content-length
0
put
e1.emxdgt.com/ Frame 8FCB 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d53&uid=k-4S35GjIQcBd65Z2lQcMrb7vgxJhLzha8vhyKxw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?u=%7CaEpYiMeyylmZpxMZ4Myl8pW%2FYBX%2BYoAHnDawEXaruKU%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU87wj3YFRXFC2ibcv-sGFc2eDlqjy2zdU2pqJfpuloD__bXxMfcWilPRcN4I1SmXCDfEmd9hZOaed1woXN_TR24xNi6E2riMeJDvFE6fqTKCj1SHshQvjnkejZ9yfijF25fK-weeJhfiLctFkBX4OJFlhKiFKKM3k0xOHBx7YhrcdhxNhr6l23he0eOJiVpJUSuB8RtfKtfNqgzRYbtEkjOChbW551-BQLQHQky54cWlx0Coeb02LuKUctrSlCFXwYYZLYxfmxx20t2JbMjLHlbSG20LMEJ6MWwOQ4GXQxLtZ7ydZOTtuYm_pUvgKopgtWWMvIFzmZl1KhH2_LRb7dJmBRCOfXq5K895viddeoRxS2D6wo1jPBPyqgJLcMfMNq-yifcnBCdnfgfUv9QNoiXP9RM7nf2gV43xEQ0qDr6X43QO_gPeHpUmRNPq3ypnvH27da8WTI-tHziovu8yACtcjC4Gy9WjO0KOXtrqNxUKI-UT8nn-R64EYhyzw6J0Yi9bINhEfrZ7S7dELUOJd6fbvm3ixmZtemxDOAvGR1h8r6MwB05WgOcj6beKe9AdNgM7dpkEsSuy2SdmO_SpaSn-QAz3DuyDbWRzO4w_iw6jRfPAkcWBPJD4w
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.162.173 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-162-173.eu-central-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:38 GMT
server
awselb/2.0
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 70E5 		62 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: hd.stheadline.com
URL: https://hd.stheadline.com/news/realtime/h
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4427770d30ccf8b4e950d8d03a9d4ec0e4976ed6cc85b793aab1c7d9ecf8fda0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:44:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
809
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23841
x-xss-protection
0
server
cafe
etag
13335932594914250126
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Tue, 25 Jul 2023 06:44:09 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307180101&jk=3446901797760416&bg=!NDelN2PNAAZsPphkTD47ADkAdvg8WmSjLesPcI4QgMLfDXgvQNxowfCLpagt99AWN8vri1SgOil8XRkYyqRRlOw02aOX7kjhZlwCAAAA6lIAAAAcaAEHmQLgWUA7B_3n2ioYZprBeNjP48zQDJCAuKzF4jCuBEWJEmOebLLpa8l21DkA6vINyJHiJRklb0TVyZbhrqf6umXnFW5r6UybK1L2_DO7dJT6UZCw1Pkz1Y4dup7slvyMydLGyFwmO0mZmqeINtxk_RrvAY-c8MjXhVmJNnznxtg3tWc6LCh3q6WXd9EaS2aBTnUKqGt96zXZpAkHpJH59fVOwePALC8-8n_nwDf1MqBZ7pg6xzoP4iieQtPetpjgroc7GM2KWqvDG--G5eQib5FuVwWfdSibBckPejqBObG_U6X2gTFy7dVDkDCHnjHRJT4X60uwge_cmv2BsH72--KGV-nslOnN5gFZKBRg8eiF212M4PXcekbb8fxRjeungsRYzbYEb1RCTIjTo8bSmuKKjuuUZhLPo7TqqHk9UMT1NdrikPZr6uaMNp7Kmm9yI55-fRI0MIzv1j9nDefb4I_sUDRPrz5STULkoYaet9ZsMvNK05nKoahBB2oYv-sxE_7N3KM2gCOhxv0WsunFwKhc2YyXtYNOH3fISlS08YAznrK_plQeVoK-YNLbAfGp5xbUl7g6DoOsa-4CecKWmPL4tSHJKjxB97H41dR9jAb0vYCna8wmRmqHsklKZUkxgrxUC6P9BBWkn6BhaKgxDdws43HezYiKGt6B7jlolIouiWble8SxGhWfzNTtMxzq-ElZBSt7CrI519aeALoeNoH8IVIJcjbsxBBBzzOvE_Ytd0gbWlUMYAsyBNyagvLSg2z7qrWMJdvseP090DKb09DlkZnl0bblyJk_IqNGS8MMZqdhHYDCj2uLJI8viEuX2HqIlL4cMrnzQSw_js5m1BJ9_WxMKl9W4P3fJDFckpisC81DCNHT8GOHiJlArHMyqoUykKUn89gljl7sm_QJUHUrLJTeGffJ_MSwqRKN9Eajkd6KAfrtxtCIPRGG-hp-tzevzvS0GwpN5wox9uy-fXiQeg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers
csi
csi.gstatic.com/ Frame 70E5 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lkhvxp9q&chm=1&c=3446901797760416&ctx=2&qqid=CKL9-8OWqYADFViR_Qcd3DQA_Q&met.4=fb.c~lb.2t~ol.86~idt.t3~dt.-7l&met.3=739.2t~736.2x~735.2z_1~740.36_1~738.85~113.8r_1~112.8q_1&met.1=1.lkhvxp11~14.0~15.0~16.0~17.0~18.0~19.1~20.1~21.1~22.36~23.36&met.7=CBsQCDgC~CCIQBBgBIBAoEDA-OC5oEHA9eKwCsAEBuAED~CBsQBSAROJQC~CE0QChgBIBMoEzAzOCBoFHAueKHCA4AB9b8DiAHGlwuwAQG4AQM~CBsQBiAUODc~CCIQBBgBIF8oXzCeATg_UF9YcGBfaHBwnQF4rAKwAQG4AQM~CCgQChgBIKkCKKkCMLUCOAxoqwJwsgJ4zbwBgAGhugGIAZTyA7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4007:819::2003 Mesa, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jul 2023 05:57:38 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 8FCB
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=u2A2Z21KhohCKGu5SvKSRwMo8KpjrqGD
0
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=u2A2Z21KhohCKGu5SvKSRwMo8KpjrqGD
Protocol
H2
Server
108.128.74.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-74-29.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-served-by
beacon-n001-dub-prod.krxd.net
date
Tue, 25 Jul 2023 05:57:38 GMT
cache-control
private, no-cache, no-store
x-request-time
D=92 t=1690264658
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=u2A2Z21KhohCKGu5SvKSRwMo8KpjrqGD
date
Tue, 25 Jul 2023 05:57:37 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
642969
content-length
0
cs
s.thebrighttag.com/ Frame 8FCB
Redirect Chain
  • https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
  • https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=brX8OBoW8Bouqp0PJ665mQ-LD2Qip-0f
35 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=brX8OBoW8Bouqp0PJ665mQ-LD2Qip-0f
Protocol
H2
Server
3.141.189.42 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-141-189-42.us-east-2.compute.amazonaws.com
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jul 2023 05:57:38 GMT
x-bt-requestid
29270da0-2ab0-11ee-813e-0000ac17015d
server
nginx
content-type
image/gif
access-control-allow-origin
p3p
CP=NOI DSP COR NID
cache-control
private, must-revalidate
content-length
35
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=brX8OBoW8Bouqp0PJ665mQ-LD2Qip-0f
date
Tue, 25 Jul 2023 05:57:38 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
671841
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 12A9 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvUb0M_tJhtn6YfWDcYPe_7bhc64oHNeRUyD3_PdTYC67ZbmYbrn_hfiRte2wJW65M5lGeVlqELiRyA8ALfI1A77CYZPQEQB5EHxO_dNfZ9LHEMatS5e6ptFjbwt2GdAa1wjxfLlgIo9H_v&sai=AMfl-YQjWn5DSf4l09lh0kLHDmvvXdlb8OK-aaw_RAB6wfAMhXVUeTN4g_OxJ2zpZGFEMLj45B2DLcdgzn3CUPOVFH2RuVfsKNdLWSpPE4KAPjIoGt3K7c_VJtQPy7uU&sig=Cg0ArKJSzNQ6KlXO7UdZEAE&cid=CAQSPABpAlJWZPvuvKllk5k0z8hbfbq5FCdBoyL7-5C8LDO6E6D46YywfntdF8vpxgfLHQH7lp2BOdSAlvMDFRgB&id=ampim&o=0,125&d=1600,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=463&tls=1463&g=100&h=100&tt=1463&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jul 2023 05:57:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame ED82 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssQuMYdSvsqtwnl93eGNEs-ohjV3FXiMP8cduna7NfLtJC9ve11WAP0jJgQgHSOcSqYmSwd9WdUNj_CIN5HtD4GzFwJc7K7-11AEnlq_Y4AlLFJiPB58AG-RVVRU_Ls8Nn8mLrshin7FTuK&sai=AMfl-YQ82cmkViG34a1coD1VeUUSAJQd8QTfdWNNj1TYb3v59cpDI0LvZ7LmbVzLr_BHcnwIsTA-YLO757AnMAEO_wFJEBEvV1cuKzWgCPMWVPPUYoAr9DNZARdk4x3-&sig=Cg0ArKJSzEFiiM5TmzLaEAE&cid=CAQSPABpAlJWZPvuvKllk5k0z8hbfbq5FCdBoyL7-5C8LDO6E6D46YywfntdF8vpxgfLHQH7lp2BOdSAlvMDFRgB&id=ampim&o=1102,405&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=458&tls=1458&g=100&h=100&tt=1459&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jul 2023 05:57:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame AACE 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstafGGFtJtRbtokxPDQkJcrw6xT4apPGptIDZ2nqFeIyXrKJSZSJeonWLpAqaf1QgfVAvE4VhVbPsz_ecn_5QGt9-bNDk7_FleBpqHi6SAgTCq0NFMZPRUSTgZy55PLg2NbOvtvj_PNrCif&sai=AMfl-YQmPVceXPWMZmpRm1-6JWaRk_BcIkkGLnRUfOtjqy8BUpqzObAlz_tZ7la22zkm3QHZN5XtSc83S7jytSlkW4h75pQWilV1SHOoWEA1SsCf2r4JJsas_FqP7Dza&sig=Cg0ArKJSzGUu1UX8opnSEAE&cid=CAQSPABpAlJWZPvuvKllk5k0z8hbfbq5FCdBoyL7-5C8LDO6E6D46YywfntdF8vpxgfLHQH7lp2BOdSAlvMDFRgB&id=ampim&o=1102,665&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=450&tls=1451&g=100&h=100&tt=1451&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jul 2023 05:57:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
impstats.php
prebid.andbeyond.media/ 		69 B
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.andbeyond.media/impstats.php?aff=552606&type=pv
Requested by
Host: rtbcdn.andbeyond.media
URL: https://rtbcdn.andbeyond.media/prod-global-552606.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.250.133.90 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-133-90.ap-southeast-1.compute.amazonaws.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
66cd9dea03796bd0afc40235cd5ab7a0c1b7d164b753756228682048c361973c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 25 Jul 2023 05:57:38 GMT
Server
Apache/2.2.15 (CentOS)
Connection
keep-alive
X-Powered-By
PHP/5.3.3
Content-Length
69
Content-Type
text/html; charset=UTF-8
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hd.stheadline.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 06 Apr 2023 09:13:32 GMT
server
nginx
etag
W/"642e8d3c-15c1d"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 26 Jul 2023 05:57:40 GMT
984.json
id5-sync.com/g/v2/ 		241 B
652 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/984.json
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
006884f855e616f5085dd71bca89a46eca1b5a6b649ea568e3b5858bc5519ed3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://hd.stheadline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://hd.stheadline.com
date
Tue, 25 Jul 2023 05:57:42 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
rid
match.adsrvr.org/track/ 		63 B
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
eea49075e644c9e9983d50dc1c7cf8ba4099e07e561b55cc2e9cffba1fb1f283

Request headers

Referer
https://hd.stheadline.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 25 Jul 2023 05:57:42 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://hd.stheadline.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Thu, 24 Aug 2023 05:57:42 GMT
pd
u.openx.net/w/1.0/ Frame C397 		0
71 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://hd.stheadline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Tue, 25 Jul 2023 05:57:42 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
/
onetag-sys.com/usync/ Frame 73C6 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://hd.stheadline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 91C6 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156181
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://hd.stheadline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=65462
content-encoding
gzip
content-length
5606
content-type
text/html
date
Tue, 25 Jul 2023 05:57:42 GMT
expires
Wed, 26 Jul 2023 00:08:44 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E9AC 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://hd.stheadline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=65462
content-encoding
gzip
content-length
5606
content-type
text/html
date
Tue, 25 Jul 2023 05:57:42 GMT
expires
Wed, 26 Jul 2023 00:08:44 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-all.html
adxbid.info/ Frame 32D5 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: rtbpass-us.andbeyond.media
URL: https://rtbpass-us.andbeyond.media/prebid-custom.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:c409 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cccba065a0e962f62ca114793d18ada30e87cf7a48900c1e7486e8e4c57a05b9

Request headers

Referer
https://hd.stheadline.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7ec22abd9dc491f3-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 25 Jul 2023 05:57:42 GMT
last-modified
Thu, 26 Jan 2023 09:50:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VMOW6XieHDHMdduZsfSHO9NBJw%2BxurDT74Dhp%2F9vbjjkl%2FeYI1QstjJ6GkqowfwgjhXkmyYApyC3H1kxQaSV7GUBP1EED0ydYcbirBEY%2B49s5zA0Y6RbiFm5hxW6lHWfYgKS8iRccdcNFw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
sync.html
s.console.adtarget.com.tr/ Frame B95A 		0
0
PugMaster
image6.pubmatic.com/AdServer/ Frame E9AC 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=79663355&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
044c2f6982f082889a0607ceece3666188c3ddefad8a3fb9c93a77ddfb13954d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 25 Jul 2023 05:57:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
getuid
eb2.3lift.com/ Frame 32D5 		37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/getuid?limit=50&redir=https%3A%2F%2Frtb.adxpremium.services%2Fsetuid%3Fbidder%3Dtriplelift%26uid%3D%24UID
Requested by
Host: adxbid.info
URL: https://adxbid.info/sync-all.html?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adxbid.info/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:42 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
setuid
user-sync.adxpremium.services/ Frame 32D5
Redirect Chain
  • https://as.ck-ie.com/prebid.gif?limit=50&redir=https%3A%2F%2Fuser-sync.adxpremium.services%2Fsetuid%3Fbidder%3Dsmartyads%26uid%3D%5BUID%5D
  • https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=4c4be1b0ae48ad6e67f75fe64d27f90588619a30c1b2409bbcf877db9c24a174
0
0
Pug
image2.pubmatic.com/AdServer/ Frame D641
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8518623629721075858
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8518623629721075858
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 25 Jul 2023 05:57:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8518623629721075858
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 0BBF
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 25 Jul 2023 05:57:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Tue, 25 Jul 2023 05:57:42 GMT
expires
Tue, 25 Jul 2023 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
6369681
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame 7738
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5109685628760180469
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5109685628760180469
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 25 Jul 2023 05:57:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Tue, 25 Jul 2023 05:57:42 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5109685628760180469
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
dcm
aax-eu.amazon-adsystem.com/s/ Frame 35EF
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=64D417E5-8C65-467E-B587-791F5154E1CC&redir=true&gdpr=0&gdpr_consent=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=64D417E5-8C65-467E-B587-791F5154E1CC&redir=true&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=64D417E5-8C65-467E-B587-791F5154E1CC&redir=true&gdpr=0&gdpr_consent=&dcc=t
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.224.150 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Tue, 25 Jul 2023 05:57:43 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
NZSPXVZ3CEA2ZY13TZXR

Redirect headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Date
Tue, 25 Jul 2023 05:57:42 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=64D417E5-8C65-467E-B587-791F5154E1CC&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
FJ2CA9Z1BZ1VE29JDN3V
Pug
image2.pubmatic.com/AdServer/ Frame 0012
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4LxpfOC8Piz76jMr47Ame7S7PH777Toot-0boKFN
42 B
335 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4LxpfOC8Piz76jMr47Ame7S7PH777Toot-0boKFN
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 25 Jul 2023 05:57:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Tue, 25 Jul 2023 05:57:42 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=4LxpfOC8Piz76jMr47Ame7S7PH777Toot-0boKFN
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
csync
sync.adtelligent.com/ Frame 87F0 		43 B
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=64D417E5-8C65-467E-B587-791F5154E1CC
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.172.77 -, , ASN (),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Tue, 25 Jul 2023 05:57:42 GMT
Etag
03ad0c04c830cea5
Server
Adtelligent
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E9AC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ZNQX5YxlRn61h3kfUVThzA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Server
23.32.184.192 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:42 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=65462
accept-ranges
bytes
content-length
5606
expires
Wed, 26 Jul 2023 00:08:44 GMT

Redirect headers

pragma
no-cache
date
Tue, 25 Jul 2023 05:57:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame E9AC 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=64D417E5-8C65-467E-B587-791F5154E1CC&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.8.176 -, , ASN (),
Reverse DNS
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jul 2023 05:57:42 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.26.198
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame E9AC
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=2461674106
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=64D417E5-8C65-467E-B587-791F5154E1CC
0
284 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=64D417E5-8C65-467E-B587-791F5154E1CC
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Server
34.111.131.239 -, , ASN (),
Reverse DNS
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 25 Jul 2023 05:57:42 GMT
via
1.1 google
last-modified
Tue, 25 Jul 2023 05:57:42 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=64D417E5-8C65-467E-B587-791F5154E1CC
date
Tue, 25 Jul 2023 05:57:42 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
/
dmp.adform.net/serving/cookie/match/ Frame E9AC
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=64D417E5-8C65-467E-B587-791F5154E1CC
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=NGk0cmF3VVZHc0tUbkczeElzNmt5N3g5Zw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
0
0
Pug
image2.pubmatic.com/AdServer/ Frame E9AC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NjRENDE3RTUtOEM2NS00NjdFLUI1ODctNzkxRjUxNTRFMUND&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 25 Jul 2023 05:57:42 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 25 Jul 2023 05:57:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame E9AC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPWzCCrWHLUzKNf7AOMrn-w&google_cver=1
42 B
531 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPWzCCrWHLUzKNf7AOMrn-w&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Server
185.64.190.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 25 Jul 2023 05:57:42 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 25 Jul 2023 05:57:42 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPWzCCrWHLUzKNf7AOMrn-w&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame E9AC 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.204.74.118 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 05:57:42 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Mon, 24 Jul 2023 05:57:42 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame E9AC
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4383706241418646244
42 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4383706241418646244
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Tue, 25 Jul 2023 05:57:42 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 25 Jul 2023 05:57:42 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4383706241418646244
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame E9AC 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 25 Jul 2023 05:57:42 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s.console.adtarget.com.tr
URL
https://s.console.adtarget.com.tr/sync.html?aid=755289
Domain
user-sync.adxpremium.services
URL
https://user-sync.adxpremium.services/setuid?bidder=smartyads&uid=4c4be1b0ae48ad6e67f75fe64d27f90588619a30c1b2409bbcf877db9c24a174
Domain
dmp.adform.net
URL
https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=

Verdicts & Comments Add Verdict or Comment

701 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in object| customCuePoint object| triggerCuePoint string| current_url object| split_url object| digitalData string| du_vid string| du_vtitle string| pageNameStr string| priCat string| artiName object| cat_ch string| coloumnTitle string| newsTitle number| time_interval number| geopercent number| geoedge number| min_view_andbeyond number| min_view number| timebased_refresh_andbeyond number| residual number| refresh_andbeyond number| number number| refresh number| iframes string| machine_rules object| label_adapter_video object| label_adapter_display object| config_rtb object| adapter_rtb_new string| home_country object| adunit_network function| getQueryString_val_new string| sitemainurlandbyeond object| andbeyondhttp function| getQueryString_val_dq object| lineitemidcode number| adslot88 object| observ object| slot_vis object| start_time object| total_vis string| country_rtb1 string| city_rtb undefined| city_ip string| city_region string| Countrytimezone number| timedate1 number| andstatus300 number| andstatus3001 number| prebid_active number| newtestunitcount number| adlooksstatus number| adlooksstatus1 number| adloox_fraud number| andbeyondadult number| netacuitycpde object| block_url object| and_geo_block number| width number| height number| size3001status number| size3002status number| size3003status number| size3004status number| size3005status number| size3006status number| size3007status number| size3008status number| size3009status number| size30010status number| size6001status number| size6002status number| size6003status number| size6004status number| size6005status number| size7281status number| size7282status number| size7283status number| size7284status number| size7285status number| size9701status number| size9702status number| size9703status number| size9702501status number| size9702502status number| size1601status number| size1602status number| size1201status number| size1202status number| size3201status number| size3202status number| size3203status number| size3204status number| size3205status number| size1001status number| size1002status number| size1003status number| size1004status number| size1005status number| size4681status number| size4682status number| size4683status number| size4684status object| a9slots object| label_adapter number| tier2 number| tier3 number| globalandbeyond number| factor_internal number| timebased number| timebased_refresh number| timer_refresh number| factor_visible number| factor_tier1 number| factor_tier2 string| factor_tier1_text string| factor_tier2_text string| no_refresh boolean| detectPartial number| highcpm number| highcpm1 number| windowwandtest number| strategy number| myVar number| randomval1 number| network1 number| network2 number| percent1 number| namemc number| windowwidth2 number| PREBID_TIMEOUT_NEW number| floor number| ref object| rtbpbjs object| activeadunit object| divandbeyond number| andbeyondtotalSeconds number| andbeyondtotalSeconds1 undefined| andbeyondtimestop boolean| idleStates object| idleTimers object| lineitemidtest function| bidder_restrict function| callnative function| encodenativeurl function| callvideo function| calcTime function| isInteger function| myTimer function| isVisible function| bidadjust1 function| andbeyonddisps function| addListenerMulti function| callback0 object| aff_var number| floorlogic object| bidder_allowed_native object| bidder_allowed_video object| newlineitem object| apstag function| comScoreBtnClickHidden function| udm_ object| dataLayer object| script number| PREBID_TIMEOUT number| FAILSAFE_TIMEOUT object| adUnits string| hostname string| AdtagPrefix object| dfp_responsive_top_728x90_banner object| dfp_responsive_top_728x90_banner_ent object| dfp_responsive_top_728x90_banner_live object| dfp_responsive_popup object| main_ads_list object| right_ad_list object| moving_ad_list object| popup_ad_list object| url_ads_mapping object| param string| url function| hashes object| initParm string| key object| k object| c object| s object| adv object| templistcat object| templistkeycat object| templistcat2 object| templistkeycat2 boolean| tempspecial2 object| detected_ads boolean| isMobileDfp undefined| item object| googletag object| pbjs function| initAdserver function| fbAsyncInit object| right_ads_groupList_sub undefined| htmlStrRightAdsSub object| right_ads_groupList undefined| htmlStrRightAds undefined| idx number| newsGroup number| newsPrePageOnList number| reloadPageTimeInterval number| countPage string| categoryID object| w_yahoo object| d_yahoo object| adUnitCode string| apiKey object| popupAd undefined| myDiv2 undefined| timeOut undefined| fullWidthMobileAd function| $ function| jQuery object| jQuery112408576025646504084 function| Sweetalert2 function| swal function| sweetAlert function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| WURFL object| ggeac object| google_tag_data object| google_js_reporting_queue boolean| initMAd boolean| initAd string| metaPlatform object| _comscore number| week_number object| FB number| s_loadT object| s_i_singtaolimitedheadline.daily.website.prd object| google_tag_manager string| GoogleAnalyticsObject function| ga boolean| google_measure_js_timing object| google_rum_config object| COMSCORE object| ns_p object| _aps boolean| apstagLOADED object| apscustom object| __buffer object| UserSettings object| Yahoo function| JSONPCallback0 object| gaplugins object| gaGlobal object| gaData object| __uid2SecureSignalProvider object| __uid2 string| timezonename object| adloox_pubint object| ignore function| setImmediate function| clearImmediate object| signal_decrypted function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_na object| sync16589_wa object| sync16589_xa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_ma function| sync16589_N function| sync16589_O function| sync16589_oa function| sync16589_P function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_Q function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_R function| sync16589_S function| sync16589_ya function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_za function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Da function| sync16589_Aa function| sync16589_1 function| sync16589_Ca function| sync16589_Ba function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ia function| sync16589_Ea function| sync16589_7 function| sync16589_Ha function| sync16589_Ka function| sync16589_Ja function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_$ function| sync16589_Pa function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa object| lotame_sync_16589 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_139 object| Criteo object| Criteo_identitytag_139 number| google_srt object| _google_rum_ns_ object| regeneratorRuntime object| ox_esp object| ID5 object| __id5_instances object| rtbpbjsChunk object| _rtbpbjsGlobals object| ADAGIO object| invibes object| mnet string| nobidVersion object| nobid object| html5 object| Modernizr undefined| temp_clips undefined| myStreamingTag string| textServerBusy string| textPlsInputUsername string| textInvalidateUsername string| textPlsInputPassword string| textShortPassword string| textPasswordNotSame string| textPlsInputEmail string| textInvalidateEmail string| textLongEmail string| textFailVerifyEmail string| textEmailExsists string| textPlsInputCaptureCode string| textPlsInputNickname string| textPlsInputFirstname string| textPlsInputLastname string| textPlsSelectSex string| textPlsInputMobile string| textPlsInputRightMobile object| emailExp object| usernameExp object| mobileExp function| getPlatform function| getHitcount function| updateHitcount function| adjustFontSize function| loadFontSize function| searchBlog function| shareStory function| clearFacebookCache function| shortenURLCallback function| niceAlert function| setJWPlayerKey function| setupJWPlayer function| sendComscoreOnPlay function| reloadPageAfterTime function| updatePopnewsVideoHitCount function| initJWPlayerWithPopnewsId function| initJWPlayerWithInewsVideo function| comScoreBtnClick function| comScoreBtnClickAd function| comScoreBtnClickVAd function| comScoreView function| comScoreVView function| initAdWithJWPlayer function| initIndexPageJWPlayer function| initBselect function| initSiteLoadingAnimsition function| initFancybox function| addSearchFromSubmitEvents function| loadOtherColumnNews function| loadOtherNewestColumnNews function| loadOtherDailyNews function| loadOtherInstantNews function| loadOtherPhotoNews function| createPhotoNewsPageBar function| checkUniqueOnchange function| checkUnique function| checkRegistrationForm function| gotoLoginPage function| login function| refreshCaptcha function| sendPasswordEmail function| getActivateEmailPrev function| getActivateEmailNext function| resendActiveEmail function| resetActiveEmail function| logout function| updatePassword function| checkProfileForm function| resfreshPage function| closeTrailerWindow function| openTrailerWindow function| gameFormSubmit function| initGamePage function| showMobileElements function| setMuteButtonForIOS function| initIndexPageVideojs function| setupVideojs function| initVideojsWithPopnewsId function| initVideojsWithInewsVideo object| ns_ object| $blogsCarouselInnerDiv object| $blogsCarouselCarouselIndicators object| $blogsCarouselInner object| $sectionNewsListScrollable object| $dailynewsBlogsCarousel object| $sectionAllBlogs object| $sectionAllBlogsScrollableContent object| $searchBlog object| $sidebar object| $mobileSidebarLeft object| $sidebarContent object| $footer object| $detail object| $detailContentCarousel string| purecookieTitle string| purecookieDesc string| purecookieLink string| purecookieButton function| pureFadeIn function| pureFadeOut function| setCookie function| getCookie function| eraseCookie function| cookieConsent function| purecookieDismiss object| pbjsChunk object| _pbjsGlobals number| google_unique_id function| onYouTubeIframeAPIReady undefined| google_rum_values object| google_image_requests object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey object| ytNetworklessLoggingInitializationOptions object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingTransportTokensToJspbCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| GoogleGcLKhOms object| google_timing_params object| andbeyondtemp number| custome_axt string| adunit2 number| iframe1 string| iframeid number| pos number| len string| pos123 string| temp number| sizeunfill300px number| sizeunfill336px number| sizeunfill250px number| sizeunfill0px number| sizeunfill600px number| sizeunfill728px number| sizeunfill90px number| sizeunfill970px number| sizeunfill320px number| sizeunfill50px number| sizeunfill120px number| sizeunfill160px number| sizeunfill240px number| sizeunfill468px number| sizeunfillleader number| sizeunfillleader2 number| sizeunfillgoogle number| sizeunfilliframeoogle number| flag string| id string| pos1 number| sponsorandbeyond300 string| test object| id1 number| status_bad string| aff number| width1 number| height1 number| width2 string| text object| andbeyond30016 number| flag_active number| visible string| zonename object| labelnew string| device object| restrict_bidder object| temp_ar object| temp_ar_new object| temp_ar_new1 string| keyname_new string| label_temp object| keyname_temp number| m string| temp_val number| widthidandbeyond30016 number| heightidandbeyond30016 string| adunit3 string| temp_caps number| flagvideo number| flag2 number| d string| timezone number| current_hour2 number| VIDEOFLAGandbeyond30016 object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager string| mediaType object| sas object| apntag object| _ADAGIO number| videoflag string| context object| videocode string| idnew12 number| videounit string| contextvideounit number| j number| refreshval number| number5 number| success number| timeflag string| idnew2 number| knew number| newidflag string| vs3 number| nextactive number| nextpassive number| time_refreshunit number| nextnumber number| passiveRP11x1banner number| activeRP11x1banner number| time_refreshunitRP11x1banner number| nextnumberRP11x1banner number| newflag number| diff number| flagnewone number| passiveRP11x1bannerformob number| activeRP11x1bannerformob number| time_refreshunitRP11x1bannerformob number| nextnumberRP11x1bannerformob number| passivetop728x90banner number| activetop728x90banner number| time_refreshunittop728x90banner number| nextnumbertop728x90banner number| passiveRP1300banner number| activeRP1300banner number| time_refreshunitRP1300banner number| nextnumberRP1300banner number| passiveRP2300banner number| activeRP2300banner number| time_refreshunitRP2300banner number| nextnumberRP2300banner number| passiveRP1300bannerformob number| activeRP1300bannerformob number| time_refreshunitRP1300bannerformob number| nextnumberRP1300bannerformob number| passivedivgptad16151857531040 number| activedivgptad16151857531040 number| time_refreshunitdivgptad16151857531040 number| nextnumberdivgptad16151857531040 number| passiveandbeyond30016 number| activeandbeyond30016 number| time_refreshunitandbeyond30016 number| nextnumberandbeyond30016 string| m1html number| passiveRP2300bannerformob number| activeRP2300bannerformob number| time_refreshunitRP2300bannerformob number| nextnumberRP2300bannerformob number| passivedivgptad15239382214900 number| activedivgptad15239382214900 number| time_refreshunitdivgptad15239382214900 number| nextnumberdivgptad15239382214900 number| passivedivpopupads number| activedivpopupads number| time_refreshunitdivpopupads number| nextnumberdivpopupads number| passivedivsectionpopupads number| activedivsectionpopupads number| time_refreshunitdivsectionpopupads number| nextnumberdivsectionpopupads number| passivedivsplashdisplay number| activedivsplashdisplay number| time_refreshunitdivsplashdisplay number| nextnumberdivsplashdisplay

63 Cookies

Domain/Path Name / Value
hd.stheadline.com/ Name: acw_tc
Value: 2ff62b1b16902646531221668e79aea2b57764acf16099cb7809d82a39
hd.stheadline.com/ Name: cdn_sec_tc
Value: 2ff62b1b16902646531221668e79aea2b57764acf16099cb7809d82a39
.demdex.net/ Name: demdex
Value: 11516349206899793642972229934555018678
.stheadline.com/ Name: AMCVS_E1E31A3C5BB4BED90A495E47%40AdobeOrg
Value: 1
.stheadline.com/ Name: s_pn
Value: %E9%A0%AD%E6%A2%9D%E6%97%A5%E5%A0%B1.%E5%8D%B3%E6%99%82%E6%96%B0%E8%81%9E
.stheadline.com/ Name: s_getNewRepeat
Value: 1690264655498-New
.stheadline.com/ Name: tp
Value: 3089
.stheadline.com/ Name: s_ppv
Value: %25u982D%25u689D%25u65E5%25u5831.%25u5373%25u6642%25u65B0%25u805E%2C39%2C39%2C1200
.stheadline.com/ Name: s_cc
Value: true
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZL9kTwAAAGXqRgO-
.dpm.demdex.net/ Name: dpm
Value: 11516349206899793642972229934555018678
.stheadline.com/ Name: AMCV_E1E31A3C5BB4BED90A495E47%40AdobeOrg
Value: 179643557%7CMCIDTS%7C19564%7CMCMID%7C10813325120533425493010019233842285319%7CMCAAMLH-1690869454%7C6%7CMCAAMB-1690869454%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1690271854s%7CNONE%7CMCSYNCSOP%7C411-19571%7CvVersion%7C5.5.0
.stheadline.com/ Name: _ga
Value: GA1.2.923013097.1690264656
.stheadline.com/ Name: _gid
Value: GA1.2.1785492801.1690264656
.stheadline.com/ Name: _gat_UA-41819048-4
Value: 1
.stheadline.com/ Name: lotame_domain_check
Value: stheadline.com
.criteo.com/ Name: uid
Value: a70a378f-12d8-41f0-8c1a-2c65d71c8cd8
.demdex.net/ Name: dextp
Value: 481-1-1690264655703|771-1-1690264655806
.doubleclick.net/ Name: IDE
Value: AHWqTUkNRt327BksU7PdCiFfISk2968mIFGtq7Nfk9aAqEREdwXZ4GdokhCQX3COLgM
hd.stheadline.com/ Name: _rtbpbjs_userid_consent_data
Value: 3524755945110770
.openx.net/ Name: i
Value: ebfbbafc-be64-45b1-9a13-e8b4a4b294b0|1690264655
.stheadline.com/ Name: cto_bundle
Value: G01dLl9FUFo0SUh4YUl2Nm1DOFoxZ0NTZiUyRk9yZlZWbFN0b0Z6ZWdrV3FvY2dYa1JmUXUxbzBtMUZOSDg0dnYwWUVrRWRnUFFhQU9ZS0FyMmhvVVAzNUFwYk5UVWNZRzdVa25iYXBrM1NWNnM3emxXSzgzUG5KaktBaGhpaSUyRmFGS0VLbTZ4aGxRMzIwN3c1RFFGMDdpSWg4TjFBJTNEJTNE
.youtube.com/ Name: YSC
Value: vDf0gsd_3Bk
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: BobOE5M-qcY
.stheadline.com/ Name: __gads
Value: ID=f12bd6ea5fd25f88:T=1690264656:RT=1690264656:S=ALNI_MZH3MJmXc4DrOqejYJMDlmfFaxhGQ
.stheadline.com/ Name: __gpi
Value: UID=00000c47677ac37f:T=1690264656:RT=1690264656:S=ALNI_MYrrehXnzjZ7ns9UCEZlpzWreoADA
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 75b37b22-44f5-52ce-a395-b9efc72addbe
.betweendigital.com/ Name: ut
Value: ZL9kUQABxSDq6o9mC-1wv9JzqfzxQeeKgq5UnQ==
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: unm
Value: 1
.prebid.a-mo.net/ Name: __amc
Value: 1_1690264657_1690264657
.adnxs.com/ Name: icu
Value: ChgI0qJPEAoYASABKAEw0cj9pQY4AUABSAEQ0cj9pQYYAA..
.adnxs.com/ Name: uuid2
Value: 1776016083629542497
.adnxs.com/ Name: anj
Value: dTM7k!M4/rCxrEQF']wIg2GTvnu^B^!]tbPl@/D!9hy6]/Cr.'25fcYg?4o-1I3PkfxaZpkxeFSbMcg82'rad6Fpx1.C2+bBnA'jcN!9-*bpRz*qF1`*bcC9+rF?F
match.sharethrough.com/ Name: AWSALBCORS
Value: NXsBB2Us+tFVQz+nTgELzVhdL93JAlKEIOxqzttQP0EqpxnJVhrWib7KdaGcLNueijNltcG+U1c6OZdkmGkwSDugcjgSdrA++ciAKyi+/KvOyPaXElLzP7UrixS3
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.media.net/ Name: visitor-id
Value: 3332662585428254000V10
.media.net/ Name: data-c-ts
Value: 1690264658
.media.net/ Name: data-c
Value: k-ilP6eDIQcBd65Z2lQcMrb7vgxJijgD4Wn70RxQ~~3
.omnitagjs.com/ Name: ayl_visitor
Value: 3e5d35a5bea00f9417376e7274747223
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%2228d67ca0-2ab0-11ee-b0d3-b105c3012881%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: mv_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%2228d67ca0-2ab0-11ee-b0d3-b105c3012881%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens
Value: %7B%22mv_uuid%22%3A%2228d67ca0-2ab0-11ee-b0d3-b105c3012881%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%2228d67ca0-2ab0-11ee-b0d3-b105c3012881%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-9Dkd3zIQcBd65Z2lQcMrb7vgxJgo65fu125cMg%22%2C%22version%22%3A%22criteo%22%7D
.casalemedia.com/ Name: CMID
Value: ZL9kUjunhSEMd3gpEHHOwwAA
.casalemedia.com/ Name: CMPS
Value: 1151
.casalemedia.com/ Name: CMPRO
Value: 1151
.pubmatic.com/ Name: KRTBCOOKIE_97
Value: 3385-uid:k-nbiOLDIQcBd65Z2lQcMrb7vgxJh_8bkIqTkLHg&KRTB&23144-uid:k-nbiOLDIQcBd65Z2lQcMrb7vgxJh_8bkIqTkLHg&KRTB&23286-uid:k-nbiOLDIQcBd65Z2lQcMrb7vgxJh_8bkIqTkLHg&KRTB&23287-uid:k-nbiOLDIQcBd65Z2lQcMrb7vgxJh_8bkIqTkLHg
.pubmatic.com/ Name: PugT
Value: 1690264658
.360yield.com/ Name: tuuid
Value: 7786ec83-1f1d-40cb-b3b1-c37f9ec30e75
.360yield.com/ Name: tuuid_lu
Value: 1690264658
.krxd.net/ Name: _kuid_
Value: Psd5-eqZ
.360yield.com/ Name: um
Value: !38,gdS1Gl4Y33yYPsv1vCwoEPkgH7k5QQzxpE2NevQJvq20teIYN2KXcq-g6QfS-K8Hl4y3-Gwn,1698040658
.360yield.com/ Name: umeh
Value: !38,0,1752472658,-1
.tremorhub.com/ Name: tvid
Value: 5dbc7a4d1848415aaf2eeec5a7576fce
.tremorhub.com/ Name: tv_UICR
Value: k-HKimJjIQcBd65Z2lQcMrb7vgxJhRWicR_k2-MQ

13 Console Messages

Source Level URL
Text
network error URL: https://www.googletagmanager.com/gtag/js?id=G-V2KT52C0FP&l=dataLayer&cx=c
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security warning
Message:
Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
other warning URL: https://rtbpass-us.andbeyond.media/prebid-custom.js(Line 3)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=64D417E5-8C65-467E-B587-791F5154E1CC&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

27ab4307786ec7ceac97cd1774c546c3.safeframe.googlesyndication.com
a.twiago.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.yieldlab.net
ads.betweendigital.com
ads.eu.criteo.com
ads.pubmatic.com
ads.yap.yahoo.com
adxbid.info
assets.adobedtm.com
bcp.crwdcntrl.net
beacon.krxd.net
bidder.criteo.com
c.amazon-adsystem.com
c1.adform.net
cat.nl3.eu.criteo.com
cdn-ima.33across.com
cdn.ampproject.org
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.prod.uidapi.com
cm.adform.net
cm.everesttech.net
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
contextual.media.net
cr.frontend.weborama.fr
criteo-partners.tremorhub.com
criteo-sync.teads.tv
csi.gstatic.com
csm.eu.criteo.net
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dpm.demdex.net
e1.emxdgt.com
eb2.3lift.com
encrypted-tbn3.gstatic.com
esp.rtbhouse.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
google-bidout-d.openx.net
grid.bidswitch.net
gum.criteo.com
hbopenbid.pubmatic.com
hd.stheadline.com
ib.adnxs.com
id5-sync.com
idsync.frontend.weborama.fr
image.stheadline.com
image2.pubmatic.com
image6.pubmatic.com
imageproxy.eu.criteo.net
invstatic101.creativecdn.com
lb.eu-1-id5-sync.com
match.adsrvr.org
match.sharethrough.com
matching.ivitrack.com
mp.4dex.io
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
onetag-sys.com
p.adlooxtracking.com
p.rfihub.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
prebid.a-mo.net
prebid.andbeyond.media
prg-apac.smartadserver.com
r.casalemedia.com
rtb-csync.smartadserver.com
rtb.adxpremium.services
rtbcdn.andbeyond.media
rtbdemand-d.openx.net
rtbpass-us.andbeyond.media
s.console.adtarget.com.tr
s.thebrighttag.com
s.yimg.com
sb.scorecardresearch.com
script.4dex.io
secure.adnxs.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
singtaolimited.sc.omtrdc.net
singtaonewscorp.demdex.net
static.criteo.net
static.stheadline.com
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.adtelligent.com
sync.crwdcntrl.net
sync.outbrain.com
tags.crwdcntrl.net
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
user-sync.adxpremium.services
visitor.omnitagjs.com
widget.nl3.eu.criteo.com
wrappers.geoedge.be
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.youtube.com
x.bidswitch.net
dmp.adform.net
s.console.adtarget.com.tr
user-sync.adxpremium.services
104.18.35.34
104.75.89.75
108.128.74.29
108.138.36.39
108.138.36.46
108.138.37.209
13.248.245.213
13.250.133.90
141.226.228.48
142.250.186.162
147.75.84.158
162.19.138.119
163.181.56.178
163.181.56.180
178.250.1.6
178.250.1.9
178.250.7.13
18.184.162.173
18.194.200.250
18.195.243.79
18.196.36.208
185.106.140.18
185.239.172.77
185.255.84.153
185.64.189.112
185.64.190.80
185.64.191.210
185.80.39.216
185.86.138.150
185.89.211.84
188.42.34.64
193.0.160.131
198.47.127.19
203.80.0.157
213.155.156.169
217.182.178.225
23.32.184.192
23.35.237.75
2600:1f18:612b:4264:1a4b:d3bd:f875:7f1
2600:9000:2250:4a00:a:e047:753:be1
2600:9000:2491:a200:2:d490:4d80:93a1
2606:4700:10::6816:3456
2606:4700:10::6816:dd8
2606:4700:20::681a:9a9
2606:4700::6812:372
2606:4700:e6::ac40:c409
2607:f8b0:4007:819::2003
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1288:80:807::1
2a00:1450:4001:801::2003
2a00:1450:4001:802::200e
2a00:1450:4001:803::200a
2a00:1450:4001:808::2002
2a00:1450:4001:810::2001
2a00:1450:4001:811::2001
2a00:1450:4001:81c::2008
2a00:1450:4001:81c::200e
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:828::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:831::2002
2a00:1450:400c:c09::9c
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:26f0:3100:782::1e80
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:400::485
2a06:8640:454:0:e082:abff:fefe:d1d2
3.141.189.42
3.248.138.51
3.248.22.29
3.33.220.150
3.71.149.231
34.102.146.192
34.107.231.31
34.111.129.221
34.111.131.239
34.117.157.22
34.120.135.53
34.243.61.200
34.96.70.87
34.98.64.218
35.190.39.111
35.204.74.118
37.157.5.132
37.157.6.237
51.75.86.98
52.18.8.176
52.30.155.207
52.48.190.189
52.58.161.8
54.77.30.253
63.140.62.160
67.220.224.150
69.16.175.10
69.16.175.42
69.173.144.138
69.173.144.165
70.42.32.255
85.215.5.31
87.248.100.137
95.101.148.20
002cb50e45a9f05c930e84cc1c6de5483ac986b75c198dc4d84a3d22a1015bd5
006884f855e616f5085dd71bca89a46eca1b5a6b649ea568e3b5858bc5519ed3
008a1d103902f15fdb1c191fcb1ce8954330e7b8de43d09abb08555ba609f420
014a3d61d0c654f1c2f03e2b9fe22f951a945535e91b02e0fffec31da5ba6f3a
01eb43356e20c5f01efd2dd019782f5886e0f443aabc8b0ff50fba78de76811d
044c2f6982f082889a0607ceece3666188c3ddefad8a3fb9c93a77ddfb13954d
06856897c591ccb513ae6f2ec91ac073132f64f7215cb8d9c7bee9f20f40caa1
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d
0792166a4270d635ba1f00aa357feef28f053104926ce16588073e8ec2dc67bd
08b9636b6775125253e8c852c70e1e86af7d3f18472e95ebcbd5213cf5da7a13
095a98fd55498a6d838d6e4c6682eb133942e14d602ef6386b5a87f61aa5b175
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0974d5da65373f9848c8ef02ab0b9c906ed85724e2d24f7bc9938be23221990e
0b9cf9c5d4d128f772ee7ddfce66f324edf2d54f967fbb78f135a0e4d371cbfe
11a9bbe62d1a5661c9a42ce1a7ea9102f21afd54860ef8659543f4c6d453d753
11d77626ce1e2445aa3d82d31cf410937e4223518c396d8b9f0bb6e615a1f062
137cbc0ec155a5f9223ddcb109ccf8e6a0a7587b70bfc21a17230e7a4a155c20
138217d8e927fcd3fbaaba15935f294fac73b253a03deda5721076c35d7e7daa
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1966472b847060329c397fbf2b14672957e331ce8371b9d4d262c8e63d85c8b7
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1bdbad79abe39829aab8993d33e1fa35e048e1c9c4687e4fa95374ac5a6d3746
1c54b9d1b579c59f8245fd21a021725c0dbde06ec90f44df1bbc03458f40dfe8
1d929ca8231cdf7dcfd696c6d44475cc44f8e924c7863ffb7fc5802102ec80c1
279edfff7dacee399bf16bdbee1ce06da71168122e07f3edba3b8d41a9042b82
27f7979d487134c6c3483a6806806956fc893bed2c53f8c515a11547e916b731
28eac36479c83ab5c1d7881ae078eff90ba02be1ac4f082b75505830e323b0be
2cbf0f83cf9a64602ed13c4525ff3b969382bbdbe07eeb8d656f0cf639f9424c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2ec9f053b4faecc7d3f36744eb6e1c78f429314a3eb6536fff7f84115d8f3d2a
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32a88002f35eff5e93c02eed223dfea38e568f21d1c1a699cd63be40df7db3da
345272d368f41891c6383f5fd3c1c4016e4bc1fac7c6b5ec4239eca2abe3e9ad
35181d5c081b472d390c8c6bb127cff710223f7bc25035d92436e66eeb229e02
35abd6f2532968dfde78938c61e2a978d3a69cae565761d9ae77d174843a28cd
35ddba307fe258726edbca8406973763f489f91f8d2488e67c3e9d691fb8883a
39c7ffdcb3ccc08860606eec39924f07bbbb5187b1eecb9b3e0ff66430407737
3c08f69e21145b5c4b4b8fbb7a44ee1fa1a3970e6d01ef540d7b3da683739365
3d46a5ae746d00c375201d31762f24fe42112750cb37ce1493728680cddc992a
3f98d2733f3cacaf5152fd4d55f778410f391312016cadb5162545357302cdee
4090963f4677c12f0f70d81cee59d4eff19ef9def1dcc5f4d7014e08b9e97123
4105d3c1d549866ea78159bc4f0f21623d87c05a4fa6fdb7f647e1871e420f13
418c802ad641e066c9d4ea7ddc7211d9c148768ad3a64e3441e3736d2b78250c
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
42cc0d0d864fa8e8dc6b4ff64b9a6e126a86719e00cced4e6694c984429da88c
43befd698138529ddb96e01a4c08750d401f6c2724984a4d6027d4be3ecc8feb
43fa35a533f2dcfd4606e126cdf4abe4d80e5ece9e18df46e8f8c766477c1ea2
4427770d30ccf8b4e950d8d03a9d4ec0e4976ed6cc85b793aab1c7d9ecf8fda0
45269ea79e7206947c4efcd1f6be9318ac0dae6137b8591e4af4b1fc3cfc10dd
453d644b44df2cb208ffe0448b32942a440e1275443afbce316dbfd0d961f3f6
4681d619f677c1b314814309a6f00a5e0ec3f12968e807ee71def1cf42bd7808
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4924e12a30059184d9bd1c36294dcdf957f5f2da452209448b35a93aa785cca5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f76efb37e83ed9a2973dc1e570053f91931a6547e0a0bfa1e3e1eb1927cb552
50b98f1fc333d4913577c368777b55ba5e843febe24fe1f98ab21e50d2168cc5
52ad94a3d3789dee8f7c6198ff73ca8c2be6d67c904dbec70973c79572daf773
53222eee800d309eadb93525f8ecf48c02250f624237f67b02a7bfe2e445c4d2
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56cf6c2adb75e276955f3bf951793f0c794ceb51d67d5d2c64b8ec01b996ecc4
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5eb14751abd4e8cee5fc7e3c8a32f1c03341de2aae439ab8c62daaac4aa280f1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62396c150946104d4809279cfa87658c6733aa1b816420bbc620ead53e005f32
629a4d964eb039cb4bd4d7651d32eafea282189403fc40b67cded949d6c0ade4
642771f7da4fff4115ed85b2d0409893c643ed8b95dbf651da100bae5c4e76f0
6666a87d6ffe2c6293375a959d8f04322a28f49611dcad976f76cb58f750946b
668e82f27aa036ea0b7c06d8ffe942dd203e6a3bc084b00b465e0dee98041e91
66cd9dea03796bd0afc40235cd5ab7a0c1b7d164b753756228682048c361973c
684a4799a1696268059683c666260f9c6af23a7fbc175fc5a7b5d80ff08d0f91
68861fe4bae787b53d19bb7c6adb8448c7f80a2730d917728c67a3533bf75c9a
6abcc7592526e14df34a427062db1313446aa69e31caf75ded84a150f5feb1ff
6bcf89dc9c6b4ed8ae1c136094843d20d619f7a6a5c50b30a193c3155ebe6f64
6c7513362bf905503e06be416db3fca1302c51d912d19f0092cf4618301714b8
6cb5617edd79f36690f5f962d6eec9c852b037bd3dc6f1f7c65756747e09bb54
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7538d006ee781d6a7f6030912d2cf79f8f88bafcc47ac3eef81cab83c210cf4b
756fb7a61e59fd8bd9bc1e6e71e3cbaa9daf75b6e5ea7b1b7cdb11acfcfe125c
776a0594ef833ca86a5ad41ebaa97a05807c1aa0d07224e13f9b79825cf01a4d
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39
78c1c1baf0d964522f8afab09cfc754685c1648826a7f9967fd52b774b4ec5aa
78cf7f92ec9841d3afea2c9db9cc22e4ff8acc52bee7060b50a28a71cb262093
7b1fe415775d09a08db8e80d680411fd51a2d0d41c1db7f45827ecc1fc86f861
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7ca7a1e30027e42d510cd253b29f1b9f505c04b9af48c9ed20804d9d8006faff
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
7dcd6bf5c95c9a36da8f30012789d9b401bfe671f975d37e8e47ec7432828d32
7df154099a2256039defd5bbdc9159316f8935ec70e2c063918858a87d7fcbbe
8265c5aec9ae3882691303cec1b6993e75b12e8071fe6710826f7fc6b5cbccdb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84571fa90be3b52ed441e2c308f30ea19ff3fde6c6fe773553d9e932ce6ef353
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
859a70389f132ddd5170db478d4c3342de75a01668c0021b1731bce2532ca093
86d3f947bf8f90984ba2f5e095e54416161bd19abcbe8e3e6137e76772206bbf
88cd78605dd026a8d87e2a65abaf3d892ee2b72a5f8c888d06492e604ceebc1c
899559afe55f7c890d3bed0f276c12afb06f9b9d634cb7971e225751df0e40dd
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a4c851e098aeaa897f28e8d7dd966ef0344ce72bb2f42351da2f8ba10e278e5
8b5d79af5f5ea9ccd52c644d613a652d2e4777e225fc8102e4c79da6b8a93eb4
8b80962407aedcf612e64d21fcf7883e2cd0803d1d63b2ccde3b66dbfe2d9198
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f683e7a5f473be5b3555518b2643443557f83a404239ac02626c2eb7e7f9b20
903f2ffddc2ee0207b862d1738c3b5df3e45225a74862afd49f75cd6c899484f
91e7f077664ee9356ee7429127b4d9737f2ac247add6eedacd3a469f5538d5cc
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
97b644c7b22773c7a3d541d3ba082d4f5755a2c15cab9ed847c58ddfd5b52fd1
984b4c989fdf40f0c4543d68d185f1af1549a88f4be3574ec8e9cd4e95e046f5
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9c2640454058564f6d00451bc313255f5dbbfe9258b8a6953a26ff070c8772cc
9dc1bf8d8b2f0685c9cf02577fd6089c05492e4842916050b0b858c2cbc61f2d
9fc31ee6bafd21b6b905dde786016101e5bfbdb0f75d34299df2f572311a8449
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a2e40c317997f1d498ab2d67fc475af9ba8f5357711461c232faa8a28efbfb20
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a85afcf0346b08217e747c1e0ed04b7e3641043802c1931ed9e2e9b3fcaeceb6
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
aa73c937338c4c5872d66c078fb9219d2f9dcb55ed2ab34905150e02342ea7ff
ab6a9a2566423afd0793e0dfcfe5532c60a21916d501641c88ba6d5d6cec9d59
abd08f4d558cdc3aaf647eade7f780286cbbde3e8bc6685ba4abe28d356a9011
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ae48acb5feb5671038d418e329e69022d642ce8e1843f8cefe65f0f3e2636c2c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aeca8972210ef71bb5529fef5f2b59ad8ee8baecc5f7f0c36b4657f8d74e29b0
b03afcbf2fbeba733a2b40a4f6f5307977268b29df242211d0c1b12a88812593
b118568858df50612fa3591132d6d6bb41ddf00f8c74ad8cccd16e5510691aad
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b34b021031d0ddbe24a940d7d32ec42fb1dff2aa19b7b370203408a60f87f29c
b453f7e482e40f3a63792b350f23d89ca0a9067676498d185281961be603176d
b4aeb80e488d28eb057be1632c3f75d2ce301b303e0d934a841669a455f915ff
b82b70e8fb6162477bfa925fb2bb2aa6ac05fcc35cceb9daf9ca9ec3a2bc6ea2
b8c7d2bb11336760649b52953f0e44d3ad462b216cc4930c3fd944864ad9ffb5
ba52a8367e805d67058cf53ce9117203794257db295a2c34c941391516206c51
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc50bf49cbe79ee49b4ee8b56f26ff4877bc4945c16f260b1481ba2355c96347
bcaddc53ae96c62ddc48e581d82437899c6d82bae6cb920239772cc2977e85df
bd08be9cbf5f35486ce3011abc8286e9e2f59ac1de1ff9840377332383263f19
bd88c8a6443878c1b90216a199ab6be673d81237da83f5216d3961eab73c3891
be3a49b76ac71c1b995f314d04e13b762c6386daff3ddb6cba5e79fdc02a597f
c0c2ec1f2d626ab278d81abe34d30681f0007e8c79a890165f27e3e1550e99b7
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c29ef8b4e85db8035a9d4b11357566bdf9a64d80aecfe790441246eb72860f97
c46701816ff75067cb504a2ddffb5d5b59cc374856cbec012e902b960bd1fbc3
c576a94861ae87a9286be59d33a4a36b6983be2ca98f7c7640913584acc6c346
c5a6b2a1e55e92c33f977bbd6f047cdec63b8fc1d87de48ea0201fed7a40ed64
c7ea3cdce10dca254bf006e0c30bdb693fcab414178b3dc506bf6950234edf7d
c88a0b907419a70c27ab7c1f8e5fb54441a4d9c3567e4c928fa7b2091194aecf
ca372f1d4ced7e2a37e83eb5b880159ba569a4fbf613b9cc2894a6c8726c13f6
ca3fe16748e5e2c85cceea18bb69f132a877b56f0ccca2e667030e20847df191
cab486b36e4f2fa09ab81d2964db38d78e8962420a7cbf1c8367e2b0596bb838
cb30da47f8971f97532343d855fdb5c3f94928e83f6457f5922c0f8ad96adc28
cbe006779b4df0ae3275b5eab380e604d82604223ba1c67291f622233013bb5e
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
cc544058a74b8854d1a04a48c60f52c76190c31daeb8f3a3df0af0be18930ea6
cccba065a0e962f62ca114793d18ada30e87cf7a48900c1e7486e8e4c57a05b9
ce05ebc645534f502c40ebf919b2992e353a216068772467822ef88f725052b1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d13e08892ef48393ce58c434f13b67418c7feb03d70c2cf67772272568e969b5
d176961371a541cbca0bc6546ade64f63ec8b3eb32323afae37afd008f243c7e
d23e0563abd9fcf5049f80f8ddb76ebb202f8620cc18e19b4b9a5c97f36f63b6
d65f4b2e8eee94ddc7f762d098de19558d879a3b597c8913b4d075532e3ed4b4
d6d01246a30e9d483531c27721f73f266fa4af35effdb21683ac02a620ab8aaf
d9f9ed2611a1e707f9f04206b37a721903ef9c0f355913c4f955826ecf57f777
dce0aaa05889d2c949ef45338456ae7636598da2d859de6bd601a5d78bbfddf7
de0bc01daa8996739e538c4c3f58f458bf15d737d35a8cddb0d8d8d1d800db94
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5a215def83e156b08bd70c0a82d70d71f925271955cad7268ca8bc6b320bded
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ec142e258323e57ffd199c066d4090aa640e7a4ce5ff2ccca5abce8add14e158
ec8fbee8583f1113604bb6a956caac31faea3405dd7c34a8d69f935daabb12c1
ecc97bc2e33b850c815a7b944dabd90496ceacf79183de9b764ef179b5c8d9d2
eea49075e644c9e9983d50dc1c7cf8ba4099e07e561b55cc2e9cffba1fb1f283
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1000c400415ff168a11fabae79791b9e3d591cb0044159ef4cbbf8d6e103e47
f2f1ed2a726a3a2b5534962c9d195e8b5ff51137067af1f5c8c4529828a49b5c
f32f2936af3502f725a0e799ac86c1a6507fdc376969a1aca7999d485f283dd4
f39a2c7f7532d8fc427e96438ad41aa48b6b57d81b1fe494e0288845216589b3
f3cbcdffd6a39fc58d718e501f0eeac4b6223aff5b04da4f3668c35e90edc9c2
f4a12d07f234dfc75706f361427a61d856a65c715cb4c71357e8202c9d7733f1
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f609ef8156740f4533656cb0841d0947b7e01504615019535066d33289912b9f
f60a254589dfec5febde4aceb6b2a8f6810f4d4a9498438b73884c48165f30a7
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f8880e5a39bcf6d2aea78acedc759dd4404e4e812f99bfac543b64ab0f77db62
fa8bcb457a25b1ca75f2330bc1851f47bf0562bcf9c73fbe3fea153235324437
fe952be986fd8826ac20c2a451cdd79145000ae7d63f0affac71613567e99155