hinet.net Open in urlscan Pro
203.75.214.159 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hinet.net/
Effective URL:
https://hinet.net/
Submission: On July 20 via manual (July 20th 2021, 2:29:07 pm UTC) from US

Summary HTTP 637 Redirects Links 227 Behaviour Indicators

Summary

This website contacted 84 IPs in 9 countries across 52 domains to perform 637 HTTP transactions. The main IP is 203.75.214.159, located in Taiwan and belongs to HINET Data Communication Business Group, TW. The main domain is hinet.net.
TLS certificate: Issued by on August 6th 2020. Valid for: 2 years.

This is the only time hinet.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 113	203.75.214.159 203.75.214.159	3462 (HINET Dat...) (HINET Data Communication Business Group)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 44	203.75.214.200 203.75.214.200	3462 (HINET Dat...) (HINET Data Communication Business Group)
1	2a04:4e42:3::485 2a04:4e42:3::485	54113 (FASTLY) (FASTLY)
4	13.225.74.66 13.225.74.66	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	203.75.214.163 203.75.214.163	3462 (HINET Dat...) (HINET Data Communication Business Group)
45	203.75.214.136 203.75.214.136	3462 (HINET Dat...) (HINET Data Communication Business Group)
10	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
9 50	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
8	2600:9000:215... 2600:9000:2156:e800:3:cecd:5f00:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
2	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
2	212.82.100.146 212.82.100.146	34010 (YAHOO-IRD) (YAHOO-IRD)
3	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	34.96.74.134 34.96.74.134	15169 (GOOGLE) (GOOGLE)
1 4	13.226.145.101 13.226.145.101	16509 (AMAZON-02) (AMAZON-02)
1	192.229.221.28 192.229.221.28	15133 (EDGECAST) (EDGECAST)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
56	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	3.120.211.246 3.120.211.246	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	107.178.241.176 107.178.241.176	15169 (GOOGLE) (GOOGLE)
2	143.204.205.120 143.204.205.120	16509 (AMAZON-02) (AMAZON-02)
15	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	210.242.135.3 210.242.135.3	3462 (HINET Dat...) (HINET Data Communication Business Group)
2	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
35	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1 3	216.58.212.166 216.58.212.166	15169 (GOOGLE) (GOOGLE)
1 7	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
7 25	34.96.119.68 34.96.119.68	15169 (GOOGLE) (GOOGLE)
7 14	172.105.221.240 172.105.221.240	63949 (LINODE-AP...) (LINODE-AP Linode)
1	61.221.82.7 61.221.82.7	3462 (HINET Dat...) (HINET Data Communication Business Group)
5 9	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
7	2606:4700:20:... 2606:4700:20::681a:567	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:10:... 2606:4700:10::6816:9ee	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 15	211.21.190.218 211.21.190.218	3462 (HINET Dat...) (HINET Data Communication Business Group)
8	2600:9000:20e... 2600:9000:20eb:3a00:0:e06c:e940:93a1	16509 (AMAZON-02) (AMAZON-02)
2	34.95.67.231 34.95.67.231	15169 (GOOGLE) (GOOGLE)
12	61.221.82.10 61.221.82.10	3462 (HINET Dat...) (HINET Data Communication Business Group)
2 4	35.201.76.93 35.201.76.93	15169 (GOOGLE) (GOOGLE)
2	2600:9000:21f... 2600:9000:21f3:5e00:3:1794:2540:93a1	16509 (AMAZON-02) (AMAZON-02)
4	175.41.232.18 175.41.232.18	16509 (AMAZON-02) (AMAZON-02)
2	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
1	210.59.219.181 210.59.219.181	3462 (HINET Dat...) (HINET Data Communication Business Group)
5	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
5 9	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
5 7	185.33.221.91 185.33.221.91	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	52.213.111.123 52.213.111.123	16509 (AMAZON-02) (AMAZON-02)
6	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	2.18.233.67 2.18.233.67	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2600:9000:218... 2600:9000:2182:d200:c:bbc8:bbc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.224.193.126 13.224.193.126	16509 (AMAZON-02) (AMAZON-02)
3	54.77.67.228 54.77.67.228	16509 (AMAZON-02) (AMAZON-02)
1	88.99.148.145 88.99.148.145	24940 (HETZNER-AS) (HETZNER-AS)
1	148.251.47.75 148.251.47.75	24940 (HETZNER-AS) (HETZNER-AS)
8	136.243.6.97 136.243.6.97	24940 (HETZNER-AS) (HETZNER-AS)
1 3	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
1 1	34.246.227.69 34.246.227.69	16509 (AMAZON-02) (AMAZON-02)
2 3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
6 6	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
6 6	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8101:939a:325c:ab79:c5b3	16509 (AMAZON-02) (AMAZON-02)
5	3.115.39.7 3.115.39.7	16509 (AMAZON-02) (AMAZON-02)
1	82.113.101.132 82.113.101.132	6805 (TDDE-ASN1) (TDDE-ASN1)
2	52.71.1.191 52.71.1.191	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
3 3	52.57.142.16 52.57.142.16	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	13.226.145.23 13.226.145.23	16509 (AMAZON-02) (AMAZON-02)
7	2a02:26f0:6c0... 2a02:26f0:6c00:286::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2b2::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	213.254.244.21 213.254.244.21	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
11	213.254.244.20 213.254.244.20	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
2 2	23.45.99.241 23.45.99.241	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
1	54.65.74.248 54.65.74.248	16509 (AMAZON-02) (AMAZON-02)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
637	84

113 203.75.214.159 (Taiwan) 1 redirects

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-159.HINET-IP.hinet.net

hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 203.75.214.200 (Taiwan) 2 redirects

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-200.HINET-IP.hinet.net

ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.225.74.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-74-66.fra2.r.cloudfront.net

static.adsinstant.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 203.75.214.163 (Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-163.HINET-IP.hinet.net

search.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 203.75.214.136 (Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.HINET-IP.hinet.net

t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cf.t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 216.58.212.162 (Mountain View, United States) 9 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2156:e800:3:cecd:5f00:93a1 (United States)

ASN16509 (AMAZON-02, US)

player.svc.litv.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1288:80:800::7001 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.82.100.146 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: media-router-flurry71.prod.media.vip.ir2.yahoo.com

ads.yap.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.96.74.134 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 134.74.96.34.bc.googleusercontent.com

pusti.svc.litv.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.226.145.101 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-101.dus51.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.221.28 (United States)

ASN15133 (EDGECAST, US)

redir.adap.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

1b8747ca3ec3fd419fac1823e81b2e8f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
e338583413426f34f084e5bf37e09973.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
86bfa5140d01e03ef16e8744c9b1fa35.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

56 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.211.246 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-211-246.eu-central-1.compute.amazonaws.com

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.178.241.176 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 176.241.178.107.bc.googleusercontent.com

onead.onevision.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.205.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-205-120.fra53.r.cloudfront.net

fino.svc.litv.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 210.242.135.3 (New Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

p-api03.svc.litv.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.166 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f166.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 34.96.119.68 (Kansas City, United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: 68.119.96.34.bc.googleusercontent.com

apn.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adx.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pmp-beacon.apx.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad2.apx.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 172.105.221.240 (Tokyo, Japan) 7 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1875-240.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 61.221.82.7 (Tainan City, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 61-221-82-7.HINET-IP.hinet.net

ssp-hinetwork.cdn.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 162.210.196.208 (Long Beach, United States) 5 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

ads.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700:20::681a:567 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:9ee (United States)

ASN13335 (CLOUDFLARENET, US)

tenmax-static.cacafly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 211.21.190.218 (New Taipei, Taiwan) 2 redirects

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 211-21-190-218.HINET-IP.hinet.net

dmp.tenmax.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssp.tenmax.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:20eb:3a00:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.67.231 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 231.67.95.34.bc.googleusercontent.com

fcm.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 61.221.82.10 (Tainan City, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 61-221-82-10.HINET-IP.hinet.net

banner-cfnetwork.cdn.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.201.76.93 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 93.76.201.35.bc.googleusercontent.com

c.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:5e00:3:1794:2540:93a1 (United States)

ASN16509 (AMAZON-02, US)

adcdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 175.41.232.18 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-175-41-232-18.ap-northeast-1.compute.amazonaws.com

ad.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 210.59.219.181 (Taoyuan District, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)

prebid.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b564a7e3badbd705ed361b4bc7e3fbbb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2.18.234.21 (Frankfurt am Main, Germany) 5 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.33.221.91 (Amsterdam, Netherlands) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.213.111.123 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-111-123.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-67.deploy.static.akamaitechnologies.com

s79.mxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:d200:c:bbc8:bbc0:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

de-config.sensic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.193.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-126.fra2.r.cloudfront.net

1f2dd3a35e71de738555c9c2cc8ddd9118173a8797217762ab63a9c3.trk.sensic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.77.67.228 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-67-228.eu-west-1.compute.amazonaws.com

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.99.148.145 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h680.meetrics.de

dbg01.meetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.47.75 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h489.meetrics.de

s79.research.de.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 136.243.6.97 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h243.meetrics.de

b199.s79.research.de.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.227.69 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-227-69.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.227.252.103 (Kansas City, United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.190.78 (United Kingdom) 6 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.138 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8101:939a:325c:ab79:c5b3 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.115.39.7 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-115-39-7.ap-northeast-1.compute.amazonaws.com

ccm.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.113.101.132 (Lich, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.o2online.de

portal.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.71.1.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-1-191.compute-1.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c305::8000 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.57.142.16 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-142-16.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.145.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-23.dus51.r.cloudfront.net

v.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:6c00:286::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2b2::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.254.244.21 (United States)

ASN36062 (DOUBLE-VERIFY, US)

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 213.254.244.20 (United States)

ASN36062 (DOUBLE-VERIFY, US)

tps20512.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps20245.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tps20228.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.45.99.241 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.65.74.248 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-65-74-248.ap-northeast-1.compute.amazonaws.com

ad.doublemax.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
217	hinet.net 3 redirects hinet.net ssp.hinet.net search.hinet.net t.ssp.hinet.net ssp-hinetwork.cdn.hinet.net banner-cfnetwork.cdn.hinet.net cf.t.ssp.hinet.net	6 MB
102	googlesyndication.com 1b8747ca3ec3fd419fac1823e81b2e8f.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com e338583413426f34f084e5bf37e09973.safeframe.googlesyndication.com 3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com 599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com 86bfa5140d01e03ef16e8744c9b1fa35.safeframe.googlesyndication.com b564a7e3badbd705ed361b4bc7e3fbbb.safeframe.googlesyndication.com dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com ade.googlesyndication.com	725 KB
73	doubleclick.net 10 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net static.doubleclick.net ad.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	3 MB
39	appier.net 14 redirects apn.c.appier.net gocm.c.appier.net adx.c.appier.net pmp-beacon.apx.appier.net ad2.apx.appier.net	16 KB
26	holmesmind.com 2 redirects cdn.holmesmind.com fcm.holmesmind.com c.holmesmind.com adcdn.holmesmind.com ad.holmesmind.com ccm.holmesmind.com v.holmesmind.com	3 MB
20	doubleverify.com cdn.doubleverify.com cdn3.doubleverify.com rtb0.doubleverify.com tps20512.doubleverify.com tps.doubleverify.com tps20245.doubleverify.com tps20228.doubleverify.com	217 KB
19	google.com 1 redirects adservice.google.com www.google.com	6 KB
17	googletagservices.com www.googletagservices.com	480 KB
15	tenmax.io 2 redirects dmp.tenmax.io ssp.tenmax.io	18 KB
15	2mdn.net s0.2mdn.net	369 KB
15	litv.tv player.svc.litv.tv pusti.svc.litv.tv fino.svc.litv.tv p-api03.svc.litv.tv	282 KB
10	jquery.com code.jquery.com	322 KB
9	de.com s79.research.de.com b199.s79.research.de.com	3 KB
9	casalemedia.com 5 redirects dsum-sec.casalemedia.com	8 KB
9	aralego.com 5 redirects ads.aralego.com sync.aralego.com	4 KB
8	google.de adservice.google.de	1 KB
7	adsafeprotected.com 1 redirects fw.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	93 KB
7	adnxs.com 5 redirects ib.adnxs.com	7 KB
7	aralego.net cdn.aralego.net	82 KB
6	pubmatic.com 6 redirects image6.pubmatic.com	3 KB
6	openx.net 6 redirects rtb.openx.net	2 KB
6	google-analytics.com www.google-analytics.com	58 KB
5	googletagmanager.com www.googletagmanager.com	189 KB
4	scorecardresearch.com 1 redirects sb.scorecardresearch.com	3 KB
4	facebook.com www.facebook.com	12 KB
4	adsinstant.com static.adsinstant.com	9 KB
3	bidswitch.net 3 redirects x.bidswitch.net	1 KB
3	rubiconproject.com 3 redirects pixel.rubiconproject.com	1 KB
3	rlcdn.com 2 redirects id.rlcdn.com	1 KB
3	quantserve.com 1 redirects cms.quantserve.com	1 KB
3	cacafly.net tenmax-static.cacafly.net	111 KB
3	yahoo.com 1 redirects ads.yap.yahoo.com pr-bh.ybp.yahoo.com	1 KB
3	googleapis.com imasdk.googleapis.com fonts.googleapis.com	503 KB
3	yimg.com s.yimg.com	27 KB
2	addthis.com 2 redirects e.dlx.addthis.com	1 KB
2	sensic.net 1 redirects de-config.sensic.net 1f2dd3a35e71de738555c9c2cc8ddd9118173a8797217762ab63a9c3.trk.sensic.net	810 B
2	creativecdn.com prebid-asia.creativecdn.com	346 B
2	facebook.net connect.facebook.net	99 KB
1	doublemax.net ad.doublemax.net	91 B
1	mookie1.com odr.mookie1.com	608 B
1	o2online.de portal.o2online.de	607 B
1	innovid.com ag.innovid.com	296 B
1	everesttech.net 1 redirects pixel.everesttech.net	375 B
1	meetrics.net dbg01.meetrics.net	351 B
1	mxcdn.net s79.mxcdn.net	56 KB
1	scupio.com prebid.scupio.com	280 B
1	googleadservices.com partner.googleadservices.com	244 B
1	onevision.com.tw onead.onevision.com.tw
1	advertising.com ads.adaptv.advertising.com	358 B
1	adap.tv redir.adap.tv	32 KB
1	jsdelivr.net cdn.jsdelivr.net	6 KB
1	cloudflare.com cdnjs.cloudflare.com	4 KB
637	52

	Domain	Requested by
113	hinet.net	1 redirects hinet.net
56	pagead2.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com srcdoc googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com hinet.net 3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com 599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com s0.2mdn.net dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com ad.doubleclick.net
44	t.ssp.hinet.net	ssp.hinet.net hinet.net t.ssp.hinet.net
44	ssp.hinet.net	2 redirects hinet.net ssp.hinet.net code.jquery.com
35	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com 3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com 599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com s0.2mdn.net dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com
27	cm.g.doubleclick.net	9 redirects googleads.g.doubleclick.net 3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com 599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com
22	securepubads.g.doubleclick.net	ssp.hinet.net securepubads.g.doubleclick.net hinet.net www.googletagservices.com cdn.aralego.net
17	www.googletagservices.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com googleads.g.doubleclick.net tenmax-static.cacafly.net 3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com 599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com cdn.doubleverify.com www.googletagservices.com
15	s0.2mdn.net	imasdk.googleapis.com hinet.net s0.2mdn.net dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com
14	gocm.c.appier.net	7 redirects hinet.net apn.c.appier.net ad2.apx.appier.net
12	banner-cfnetwork.cdn.hinet.net	cdn.holmesmind.com hinet.net ssp.hinet.net
11	www.google.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com 599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net 3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com hinet.net 599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com
10	ssp.tenmax.io	tenmax-static.cacafly.net hinet.net ssp.hinet.net
10	code.jquery.com	ssp.hinet.net
9	dsum-sec.casalemedia.com	5 redirects googleads.g.doubleclick.net
8	b199.s79.research.de.com	599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com
8	ad2.apx.appier.net	4 redirects hinet.net ssp.hinet.net
8	cdn.holmesmind.com	ads.aralego.com cdn.holmesmind.com ad.holmesmind.com
8	adx.c.appier.net	hinet.net apn.c.appier.net
8	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
8	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
8	player.svc.litv.tv	hinet.net player.svc.litv.tv
7	cdn.doubleverify.com	dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com cdn.doubleverify.com hinet.net ad.doubleclick.net
7	ib.adnxs.com	5 redirects googleads.g.doubleclick.net
7	cdn.aralego.net	hinet.net ads.aralego.com ssp.hinet.net
6	image6.pubmatic.com	6 redirects
6	rtb.openx.net	6 redirects
6	googleads4.g.doubleclick.net	hinet.net ad.doubleclick.net
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
5	ccm.holmesmind.com	hinet.net ssp.hinet.net
5	dmp.tenmax.io	2 redirects hinet.net ssp.hinet.net
5	sync.aralego.com	3 redirects ads.aralego.com
5	apn.c.appier.net	3 redirects ssp.hinet.net
5	www.googletagmanager.com	hinet.net player.svc.litv.tv www.googletagmanager.com
4	ad.holmesmind.com	cdn.holmesmind.com ssp.hinet.net
4	pmp-beacon.apx.appier.net	apn.c.appier.net ad2.apx.appier.net
4	c.holmesmind.com	2 redirects cdn.holmesmind.com
4	ads.aralego.com	2 redirects ads.aralego.com
4	sb.scorecardresearch.com	1 redirects player.svc.litv.tv hinet.net
4	www.facebook.com	hinet.net www.facebook.com player.svc.litv.tv connect.facebook.net
4	static.adsinstant.com	hinet.net static.adsinstant.com
3	tps20228.doubleverify.com	cdn.doubleverify.com
3	tps20245.doubleverify.com	cdn.doubleverify.com
3	tps20512.doubleverify.com	dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com
3	x.bidswitch.net	3 redirects
3	pixel.rubiconproject.com	3 redirects
3	id.rlcdn.com	2 redirects 599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com
3	cms.quantserve.com	1 redirects 3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com
3	static.adsafeprotected.com	fw.adsafeprotected.com 3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com
3	tenmax-static.cacafly.net	ssp.hinet.net hinet.net
3	ad.doubleclick.net	1 redirects googleads.g.doubleclick.net www.googletagservices.com
3	pusti.svc.litv.tv	player.svc.litv.tv
3	stats.g.doubleclick.net	www.google-analytics.com
3	s.yimg.com	static.adsinstant.com hinet.net s.yimg.com
2	e.dlx.addthis.com	2 redirects
2	tps.doubleverify.com	cdn.doubleverify.com
2	dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	dt.adsafeprotected.com
2	fw.adsafeprotected.com	1 redirects hinet.net
2	599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	prebid-asia.creativecdn.com	banner-cfnetwork.cdn.hinet.net
2	adcdn.holmesmind.com	cdn.holmesmind.com
2	fcm.holmesmind.com	cdn.holmesmind.com
2	p-api03.svc.litv.tv	player.svc.litv.tv
2	fino.svc.litv.tv	player.svc.litv.tv
2	connect.facebook.net	player.svc.litv.tv connect.facebook.net
2	ads.yap.yahoo.com	s.yimg.com
2	imasdk.googleapis.com	player.svc.litv.tv imasdk.googleapis.com
2	search.hinet.net	hinet.net
1	ade.googlesyndication.com
1	ad.doublemax.net	ssp.hinet.net
1	odr.mookie1.com	dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	cdn3.doubleverify.com	cdn.doubleverify.com
1	cf.t.ssp.hinet.net	ssp.hinet.net
1	v.holmesmind.com	ssp.hinet.net
1	b564a7e3badbd705ed361b4bc7e3fbbb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	pr-bh.ybp.yahoo.com	1 redirects
1	portal.o2online.de
1	ag.innovid.com	599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com
1	pixel.everesttech.net	1 redirects
1	s79.research.de.com	s79.mxcdn.net
1	dbg01.meetrics.net	s79.mxcdn.net
1	86bfa5140d01e03ef16e8744c9b1fa35.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	1f2dd3a35e71de738555c9c2cc8ddd9118173a8797217762ab63a9c3.trk.sensic.net	599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com
1	de-config.sensic.net	1 redirects
1	s79.mxcdn.net	s0.2mdn.net
1	prebid.scupio.com	banner-cfnetwork.cdn.hinet.net
1	e338583413426f34f084e5bf37e09973.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	ssp-hinetwork.cdn.hinet.net	hinet.net
1	static.doubleclick.net	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	onead.onevision.com.tw	player.svc.litv.tv
1	ads.adaptv.advertising.com	redir.adap.tv
1	1b8747ca3ec3fd419fac1823e81b2e8f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	redir.adap.tv	www.googletagmanager.com
1	fonts.googleapis.com	static.adsinstant.com
1	cdn.jsdelivr.net	hinet.net
1	cdnjs.cloudflare.com	hinet.net
637	101

This site contains links to these domains. Also see Links.

Domain
ssp.hinet.net
www.cht.com.tw
www.hinet.net
member.cht.com.tw
search.hinet.net
times.hinet.net
hichannel.hinet.net
broadband.hinet.net
speed.hinet.net
gamebooster.hinet.net
hcs.iot.cht.com.tw
hicare.hinet.net
hisecure.hinet.net
keeper.hisecure.hinet.net
safe.hinet.net
webmail.hinet.net
www.msa.hinet.net
hamipoint.cht.com.tw
mis.twse.com.tw
luckylight.hinet.net
e-pay.hinet.net
aaaservice.hinet.net
hamivideo.hinet.net
ibobby.ai.hinet.net
www.land.nat.gov.tw
web02.mtnet.gov.tw
mvdvan.mvdis.gov.tw
web.pcc.gov.tw
twnch.hinet.net
gsn.nat.gov.tw
123.cht.com.tw
www.facebook.com
my.cht.com.tw
adsl.hinet.net
www.hilink.hinet.net
hicloud.hinet.net
www.idc.hinet.net
securemail.hinet.net
secure365.hinet.net
vrs.hinet.net
www.dhs.hinet.net
ien.com.tw
efms.hinet.net
www.hihosting.hinet.net
domain.hinet.net
w3.hibox.hinet.net
hiair.hinet.net
hinetfax.hinet.net
www.himail.hinet.net
hievent.hinet.net
funplay.hinet.net
www.hishop.hinet.net
event.xuite.net
reurl.cc
smarturl.it
xuite.net
www.railway.gov.tw
hinetgame.games.hinet.net
blog.xuite.net
invoice.cht.com.tw
sme.ivs.hinet.net
hidvs.hinet.net
csapp.cht.com.tw
windows.microsoft.com
www.google.com
moztw.org
support.apple.com
www.emome.net
mod.cht.com.tw
www.chtf.org.tw
service.hinet.net

Subject Issuer	Validity	Valid
*.hinet.net	`2020-08-06` - `2022-08-06`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.ssp.hinet.net	`2020-10-19` - `2021-10-19`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-30` - `2022-06-01`	a year	crt.sh
static.adsinstant.com Amazon	`2020-11-21` - `2021-12-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
litv.tv Amazon	`2020-08-15` - `2021-09-14`	a year	crt.sh
*.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-06-23` - `2021-08-04`	a month	crt.sh
upload.video.google.com GTS CA 1O1	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.gw.flurry.com DigiCert SHA2 High Assurance Server CA	`2021-06-28` - `2021-12-22`	6 months	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
pusti.svc.litv.tv GTS CA 1D4	`2021-06-29` - `2021-09-27`	3 months	crt.sh
cdn.adap.tv DigiCert TLS RSA SHA256 2020 CA1	`2021-05-28` - `2022-06-02`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-24` - `2021-11-17`	6 months	crt.sh
onead.onevision.com.tw R3	`2021-05-31` - `2021-08-29`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.svc.litv.tv Sectigo RSA Domain Validation Secure Server CA	`2020-01-08` - `2022-01-07`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.c.appier.net R3	`2021-06-08` - `2021-09-06`	3 months	crt.sh
*.cdn.hinet.net	`2021-06-11` - `2022-06-11`	a year	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2019-09-23` - `2021-11-21`	2 years	crt.sh
*.tenmax.io Gandi Standard SSL CA 2	`2020-01-30` - `2022-02-05`	2 years	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2021-05-18` - `2022-06-19`	a year	crt.sh
*.apx.appier.net R3	`2021-05-14` - `2021-08-12`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
*.scupio.com Sectigo RSA Organization Validation Secure Server CA	`2019-10-15` - `2021-10-28`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2020-09-09` - `2021-10-09`	a year	crt.sh
*.mxcdn.net DigiCert SHA2 Secure Server CA	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.trk.sensic.net Amazon	`2021-01-10` - `2022-02-07`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-01-06` - `2022-02-04`	a year	crt.sh
meetrics.net R3	`2021-06-30` - `2021-09-28`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh
*.o2online.de DigiCert TLS RSA SHA256 2020 CA1	`2021-01-19` - `2022-02-19`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-04-22` - `2022-05-21`	a year	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-06-22` - `2021-09-14`	3 months	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-01-10` - `2022-01-17`	a year	crt.sh
*.t.ssp.hinet.net	`2020-05-06` - `2022-05-06`	2 years	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
*.doublemax.net Go Daddy Secure Certificate Authority - G2	`2021-04-24` - `2022-05-26`	a year	crt.sh

This page contains 81 frames:

Primary Page: https://hinet.net/
Frame ID: 8F8A90C91F7B626679B2C1F748D7C37D
Requests: 155 HTTP requests in this frame

Frame: https://t.ssp.hinet.net/tag.js
Frame ID: FEA029A5F0D24F4C0AEBE38F37207540
Requests: 15 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FHiNetsayHi&width=180&height=300&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false
Frame ID: EFB029256F2F2E7DE677D420C29D097B
Requests: 2 HTTP requests in this frame

Frame: https://player.svc.litv.tv/index.html?s=aGluZXQ0|aGluZXQ=
Frame ID: 03138F24EE54D77818E15A25DB069A05
Requests: 37 HTTP requests in this frame

Frame: https://1b8747ca3ec3fd419fac1823e81b2e8f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 6A31937BAAFBB839DEB0E62A2EF45445
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsucUvnyJsFVfNxQPc8YPfO0--Rbp0xGe9hDJG3WZYJmjq8gczdcKYnvYhQZsWDB_l8_u66tJi6cjieCrC2H0-kZswdNuodpL5gB5J-IMPK5_3xz19xQH9h0bYArxQG2SFQ3JX0DbQ9-ZG0KCkD9Oy-3nYzcYlxwcVjKf0p0mJf2RfJuJPQOxpnDLsSKaoIbUAuj1RyIUlxQ_NZ69bamB8f5SXmrE951z9H2T13YkctrYvu47vM8ZIAOuihcySo5BrjwEGVcvHX_YRPUq1ONrikVAd7pyx_ihorZdeHLbaDVnZpqD_4RBxfBXsGYM134Qzjfid7a_Q4DYw&sai=AMfl-YR74oVULdgqSZRWKBW6S8XDqWOYXnFUH5GJcV2-pDOvCz5bmRxg1Vgup66eeQQidqT9wBm2B2vOgZ2PdBTcl3jBNGnS7VV4kwbnF1g1Cb2wseOzg4Df9743JBgyz3Q&sig=Cg0ArKJSzAvgnVpFbB8OEAE&urlfix=1&adurl=
Frame ID: 624AEE8B04ACCC27415C51702D4D0688
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210712/r20190131/zrt_lookup.html
Frame ID: AB0DDA8C14F49A68B57B0F60AFFB9690
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.472.0_zh_tw.html
Frame ID: A73B12864A636EAE331102878C6F3E8C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2433080275028329&output=html&h=250&slotname=4348070867&adk=1487366383&adf=4198862039&pi=t.ma~as.4348070867&w=970&psa=0&format=970x250&url=https%3A%2F%2Fhinet.net%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626791321346&bpp=4&bdt=216&idt=159&shv=r20210712&ptt=9&saldr=aa&cookie=ID%3D6868ab07c3c9bdd1-22b87c2b81c80087%3AT%3D1626791321%3AS%3DALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ&correlator=1354287985938&frm=23&ife=4&pv=2&ga_vid=791402944.1626791320&ga_sid=1626791322&ga_hid=296630730&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=33&biw=1600&bih=1200&isw=970&ish=250&ifk=1078664049&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=1623597559702417&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w88l2ugvejdy&fsb=1&dtd=189
Frame ID: C2B888BB3E3E3FB318B1F114CEDBCC76
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 60559F8744733D829CA9212D5B2E91AE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 07CFFD20522E91212EB099A9792808FE
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js
Frame ID: FD641E63FC0A6AB7ED65897D1CB66EB7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 753C4A1302A3F6A63A6081F2207ACB2E
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F5C3DB47EA460705A244B7132249895F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: EC72311D3C60129867211F84E3A21774
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 75C8771F762B6B14244A648E2CA4E210
Requests: 1 HTTP requests in this frame

Frame: https://t.ssp.hinet.net/tag.js
Frame ID: F1E531829476CCB2169D8DF7F21F13CE
Requests: 9 HTTP requests in this frame

Frame: https://t.ssp.hinet.net/tag.js
Frame ID: 8A569994B2C3173E409BD0DCC0E6A238
Requests: 5 HTTP requests in this frame

Frame: https://ssp.hinet.net/api/web/request/?c=2017004&s=201702000042&t=1626791320215&u=d6af6140-7a1f-4761-9e84-150941d4d4d0&o=jsG8H&show=static&ca=&k=&cab=&kb=&mode=roll
Frame ID: 68CACB6A8761362D99BF4B9D5F80E492
Requests: 30 HTTP requests in this frame

Frame: https://t.ssp.hinet.net/tag.js
Frame ID: AE967C8DA387488C8E252406C3EEDE3E
Requests: 11 HTTP requests in this frame

Frame: https://t.ssp.hinet.net/tag.js
Frame ID: A5AF85632A3FF48D78AE30E1DE32C019
Requests: 4 HTTP requests in this frame

Frame: https://ssp.hinet.net/api/web/request/?c=2017004&s=201710000009&t=1626791320215&u=d6af6140-7a1f-4761-9e84-150941d4d4d0&o=PaufS&show=static&ca=&k=&cab=&kb=&mode=roll
Frame ID: FFD4739BD29AC8D677AA961EAD416C89
Requests: 37 HTTP requests in this frame

Frame: https://t.ssp.hinet.net/tag.js
Frame ID: 4A7A85C25D6E4AAC1BC0343A3714FAD8
Requests: 20 HTTP requests in this frame

Frame: https://ssp.hinet.net/dsp/uploads/creative/60e5595b70a6f/?token=16267896015384cb1f9b7160df35fb
Frame ID: FD192B8C0E09FF967212AB03ACD78313
Requests: 6 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: 3194DA6EBAF05E46AA819E4571C4E6B6
Requests: 3 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html
Frame ID: A1EC40D408466B0BC1980BBE50DC4841
Requests: 9 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: F205169328C5F145E7A88E68D2C09B1E
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 654CAA14C81B1B0F53FE18B99C7501D5
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 104C9EDB45EBCD42136591ACF794719A
Requests: 10 HTTP requests in this frame

Frame: https://e338583413426f34f084e5bf37e09973.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 45EF3C3AD2407C638D5A7AB67E795091
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 882031D3CBA25643FFBD2870EE6EC1C8
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BC997961FB11723DA76C2FD818B3B6F9
Requests: 1 HTTP requests in this frame

Frame: https://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Frame ID: 426E2221DF3E926E503AB75E826D1937
Requests: 15 HTTP requests in this frame

Frame: https://gocm.c.appier.net/gcm
Frame ID: 93A1DE2DCD126DBD84DC96E148684170
Requests: 3 HTTP requests in this frame

Frame: https://gocm.c.appier.net/gcm
Frame ID: B884C2A9FC55AAFC9C2CE99932496ECF
Requests: 1 HTTP requests in this frame

Frame: https://3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: F893D038492A511AC69C364583081C5B
Requests: 1 HTTP requests in this frame

Frame: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 374E0C0722C70B8585BD4C2DD9351683
Requests: 1 HTTP requests in this frame

Frame: https://gocm.c.appier.net/gcm
Frame ID: 680DFA2D2974EF438534F309B9D075BE
Requests: 1 HTTP requests in this frame

Frame: https://gocm.c.appier.net/gcm
Frame ID: 769F50B14366EF09DD0BF9A23FFBC3B5
Requests: 1 HTTP requests in this frame

Frame: https://3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: CA0824D04DD4282D24D40F52320B88D5
Requests: 18 HTTP requests in this frame

Frame: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 363ECB935D667CBF6ACBAA6EE71B6534
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjY1bWvATAB&v=APEucNWxIQqGbZOJINTSY9il0T6lZLnxnEc_tHjMq82Hfs5m9Fg2sbkspRlD_-Mju1v5j2BRxiI_ZAV7NLvzg3OoAP6IwTlry2LgUlMqVaIcAf378gxOUUejIQxMKlog56dv--JlqNWe3qkitMOYJGgID0zJCJvvTyQGva8EXFHtSb2Zsft01sw
Frame ID: 521913F8698D12F7A78DEAB0FCA393A9
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: D3078E7D0952127770513CA0AF832635
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1ABB232D328D2792BDE818E97123BDEE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhjB-92sATAB&v=APEucNWjEoLOa0YipKhgfmXy6y950iqhTjGllJpgxSATP1MghnFZenEn3lyNU82E-kexjZpjEzunTSiyRVlUB2NMacKj9T8hB5U19SyFghvGkQTrY5DqoF4Lj5RhDNfOjdJOhlzMK0dM3U6cGpEJ_jCdGHk6xRmcngu_d1V0an_4-mNp4dqFVMc
Frame ID: 328A1C04B4EF6CA895E03242411EEC83
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 9A69405DEC3ED54C662A636BF59EEABD
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E07AA546D32B657CB5AE254C9E492E32
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5A018B5D0AAE8D0E0A19F2F89FEDD2B2
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/60582160/20210607031514764/300x250.html?e=69&leftOffset=0&topOffset=0&c=UojpExTAlE&t=1&renderingType=2
Frame ID: DEE58C64419846F0DA3A6BBF13E1282A
Requests: 10 HTTP requests in this frame

Frame: https://s0.2mdn.net/9758366/1625140909297/13-IWE-IONIQ5-Skyscraper-160x600-Keyvisual/index.html
Frame ID: D22E97AB0546B8810853FEFE04BC668E
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: E9FCC100F7946D3744CFD0D9C8744779
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E8597EFC26A721F5134BB0F48C378ACD
Requests: 3 HTTP requests in this frame

Frame: https://86bfa5140d01e03ef16e8744c9b1fa35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 119E76F52187DDE04601D7E11927EE72
Requests: 1 HTTP requests in this frame

Frame: https://gocm.c.appier.net/gcm
Frame ID: C5F2105D586161AA3A30B28435BF8C05
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 086253C7A0B5AFA3784B9B3CAACDF6DB
Requests: 3 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvSzhY6y7_RfmqGJOVc1Fu4gfqxfyKz15p81M-5fi9JEPV0ZVLGV9shrsemt2XUHrN9cDVqt_Z_FnuznKuYh4SUc9ZPuhA-uBabcTvLOWXn4qo9W_fMzLeMgqBTCFEH3nMYnsqeKjjnCZv8XvcsaTEMFnyyngVmM4rlYaNINaFr3tdXUMPwR3_p8EOPJO5YW9xm5xAaVdpthPnYmA11IX52KOEU6vV-wXxtxy_Sooi6PXeggW3AnrBO2Jx--pMYbkV2Z_BmvVdYgXLFROX_A3ddo8sM2poBkskrilaQS20xnNmFiOlE7w14h60F3Xhq1tfOGx7CAvQ&sig=Cg0ArKJSzBKfT8eZOSkVEAE&urlfix=1&adurl=
Frame ID: 3F968551EDCAE8EC7E919DB3C0AB802E
Requests: 10 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.9.js
Frame ID: 6573B9344F7F35214F88842EC522BA2B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js
Frame ID: 782CC3762B89ADDFFE6752BFD6179C13
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 8529BAF273A9520C8BA322D4F37820EC
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FE83260B7B96943AD3CA28F4AA3BF550
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html
Frame ID: C46CC07CC3FC7EC5082092664B931B75
Requests: 9 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/init.js
Frame ID: 37368CF478B4461A0744F9E792D00462
Requests: 7 HTTP requests in this frame

Frame: https://gocm.c.appier.net/gcm
Frame ID: 56E292FBE41B9A389517D37B6F522417
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: B7DF4FE86FF1FD0A2764825CAF3E6035
Requests: 1 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: DABFBE630A2B74850752CA9A25999388
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js
Frame ID: 6F36EEC19C9575FC3588D6B3D98807B0
Requests: 17 HTTP requests in this frame

Frame: https://b564a7e3badbd705ed361b4bc7e3fbbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3
Frame ID: 81404F9B295FD02DD094ADFE70667DD3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 02D88768F6BDC661389CFE0832B89FDA
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1C5652D6EE78BE246402D9C1FCD908B5
Requests: 1 HTTP requests in this frame

Frame: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 60F21FCD9ED7D9B4FDB1BA3B8C59254A
Requests: 1 HTTP requests in this frame

Frame: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: B6363AB96881BDC884B8348C39C3644C
Requests: 26 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjZsc-ZATAB&v=APEucNUpuv7LgoufKG4Dghb6PYxNsRogFSv7rBeCey4ZYx2JWL_IUWWJhGFgQIDgOSkavwbptBju01pO_QqDDmKjWdqU5Sy4Jzo6IfTKRCRPuv_PqG1_Xr3tPOLA3kX9AIWkAAloWmebBZ61zRkZ-8s5CNm_NtvMQxa00XRMy2vSowqIJc2zJFI
Frame ID: 6106F38CF5C5F82C0C2EE1D4477CC9DE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: D5DD87F916B6BD1F20E39B953450B256
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 714114BF8F65524F2997A4FF948B1AB8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6DFB893F12EBC452C1B4FEABC6B7B61F
Requests: 3 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: 0B25591954DCFBC843776A4F2880B9B9
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: EF53220A9B89DA3B98A3F1FC974608ED
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 59929DE6D0A803E386CA1CF6E39EEB27
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1549.js
Frame ID: 7EE0017AE3757CC1D1CC8077B3140ED8
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B556B71CB48A5D744D025C3789F8134C
Requests: 9 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements1549.js
Frame ID: DF99F20AB6DEACF993738CBEF6A29CA9
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://hinet.net/ HTTP 302
https://hinet.net/ Page URL

Detected technologies

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
html //i

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

script /swfobject.*\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

637
Requests

99 %
HTTPS

43 %
IPv6

52
Domains

101
Subdomains

84
IPs

9
Countries

15799 kB
Transfer

25097 kB
Size

0
Cookies

227 Outgoing links

These are links going to different origins than the main page.

URL: https://ssp.hinet.net/api/web/click/?token=16267895936994dbbeaa97c4c165fa
Title: 爸媽免驚!上網時間輕鬆設定

Search URL Search Domain Scan URL

URL: http://www.cht.com.tw/
Title: 中華電信

Search URL Search Domain Scan URL

URL: https://www.hinet.net/howcome.html
Title: 好康活動

Search URL Search Domain Scan URL

URL: https://www.hinet.net/sitemap.html
Title: 網站地圖

Search URL Search Domain Scan URL

URL: https://www.hinet.net/notify.html?type=0
Title: 網站公告

Search URL Search Domain Scan URL

URL: https://member.cht.com.tw/MemberCenter/index.jsp
Title: 會員中心

Search URL Search Domain Scan URL

URL: https://search.hinet.net/login?returnUrl=https%3A%2F%2Fwww.hinet.net%2F
Title: 登入

Search URL Search Domain Scan URL

URL: https://search.hinet.net/logout?returnUrl=https%3A%2F%2Fwww.hinet.net%2F
Title: 登出

Search URL Search Domain Scan URL

URL: https://times.hinet.net/spList/97/1
Title:

Search URL Search Domain Scan URL

URL: https://hichannel.hinet.net/radio/index.do?id=210
Title: ASIAFM 亞洲電台

Search URL Search Domain Scan URL

URL: https://hichannel.hinet.net/radio/index.do?id=211
Title: BestRadio 台中好事

Search URL Search Domain Scan URL

URL: https://hichannel.hinet.net/radio/index.do?id=1001
Title: BravoFM台北都會音樂台

Search URL Search Domain Scan URL

URL: http://hichannel.hinet.net/radio/index.do?id=212
Title: 好事自在Latte

Search URL Search Domain Scan URL

URL: http://search.hinet.net/?k=%E5%9C%8B%E9%98%B2%E5%A4%A7%E5%AD%B8%E6%B4%BB%E6%98%A5%E5%AE%AE&t=wps
Title: 國防大學活春宮

Search URL Search Domain Scan URL

URL: http://search.hinet.net/?k=%E9%AB%98%E7%AB%AF%E8%82%A1%E5%83%B9&t=wps
Title: 高端股價

Search URL Search Domain Scan URL

URL: http://search.hinet.net/?k=Toyz&t=wps
Title: Toyz

Search URL Search Domain Scan URL

URL: https://broadband.hinet.net/Broadband/index.do
Title: 光世代

Search URL Search Domain Scan URL

URL: https://www.cht.com.tw/home/consumer/broadband/cht-wifi/home-wifi
Title: Wi-Fi無線上網

Search URL Search Domain Scan URL

URL: http://speed.hinet.net/
Title: 連線速率測試

Search URL Search Domain Scan URL

URL: https://gamebooster.hinet.net/
Title: 遊戲加速器

Search URL Search Domain Scan URL

URL: https://hcs.iot.cht.com.tw/
Title: 健康雲

Search URL Search Domain Scan URL

URL: https://hicare.hinet.net/CHT/hicare/index.html
Title: 色情守門員

Search URL Search Domain Scan URL

URL: https://hicare.hinet.net/CHT/OTM/index.html
Title: 上網時間管理

Search URL Search Domain Scan URL

URL: https://hisecure.hinet.net/
Title: 防毒防駭

Search URL Search Domain Scan URL

URL: https://keeper.hisecure.hinet.net/
Title: 防駭守門員

Search URL Search Domain Scan URL

URL: https://safe.hinet.net/
Title: 上網守衛

Search URL Search Domain Scan URL

URL: https://webmail.hinet.net/
Title: 信箱(網頁郵件服務)

Search URL Search Domain Scan URL

URL: https://www.msa.hinet.net/
Title: MSA(信箱服務)

Search URL Search Domain Scan URL

URL: https://hamipoint.cht.com.tw/
Title: Hami Point

Search URL Search Domain Scan URL

URL: https://times.hinet.net/
Title: 生活誌

Search URL Search Domain Scan URL

URL: https://times.hinet.net/trip
Title: 訂房/機票

Search URL Search Domain Scan URL

URL: https://times.hinet.net/weather
Title: 氣象

Search URL Search Domain Scan URL

URL: https://mis.twse.com.tw/stock/index.jsp
Title: 股市

Search URL Search Domain Scan URL

URL: https://www.hinet.net/house/
Title: 房地產

Search URL Search Domain Scan URL

URL: https://www.hinet.net/fate/
Title: 愛‧好運

Search URL Search Domain Scan URL

URL: https://luckylight.hinet.net/
Title: 光明燈祈福

Search URL Search Domain Scan URL

URL: https://e-pay.hinet.net/
Title: 點數卡

Search URL Search Domain Scan URL

URL: http://aaaservice.hinet.net/User/index.html
Title: 中華支付(小額付款)

Search URL Search Domain Scan URL

URL: https://www.hinet.net/tv/
Title: 免費影音

Search URL Search Domain Scan URL

URL: https://www.hinet.net/litv/
Title: 免費看片

Search URL Search Domain Scan URL

URL: https://hamivideo.hinet.net/
Title: Hami Video

Search URL Search Domain Scan URL

URL: https://ibobby.ai.hinet.net/index.html
Title: i寶貝智慧聲控

Search URL Search Domain Scan URL

URL: http://www.land.nat.gov.tw/
Title: 地政

Search URL Search Domain Scan URL

URL: https://web02.mtnet.gov.tw/
Title: 航港

Search URL Search Domain Scan URL

URL: https://mvdvan.mvdis.gov.tw/mvdvan/
Title: 公路監理

Search URL Search Domain Scan URL

URL: http://web.pcc.gov.tw/pishtml/pisindex.html
Title: 政府採購

Search URL Search Domain Scan URL

URL: https://twnch.hinet.net/twnch2/index_old.php
Title: 票據

Search URL Search Domain Scan URL

URL: https://gsn.nat.gov.tw/
Title: 政府網路

Search URL Search Domain Scan URL

URL: https://123.cht.com.tw/eCAS/B3B
Title: 障礙櫃台

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CHTdoctor/
Title: 客服Q博士

Search URL Search Domain Scan URL

URL: https://www.hinet.net/customer/customer.html
Title: 常用客戶服務

Search URL Search Domain Scan URL

URL: https://my.cht.com.tw/Bill
Title: 線上繳費

Search URL Search Domain Scan URL

URL: https://123.cht.com.tw/ecas/B09
Title: 電子帳單

Search URL Search Domain Scan URL

URL: https://www.cht.com.tw/home/cht/about-cht/business-group/store-locator
Title: 服務據點

Search URL Search Domain Scan URL

URL: https://123.cht.com.tw/CSAPP/intro/

Search URL Search Domain Scan URL

URL: http://adsl.hinet.net/
Title: 企業上網

Search URL Search Domain Scan URL

URL: http://www.hilink.hinet.net/
Title: VPN企業內部網路

Search URL Search Domain Scan URL

URL: http://hicloud.hinet.net/hicloud_caas_about.html
Title: CaaS雲運算

Search URL Search Domain Scan URL

URL: http://hicloud.hinet.net/hicloud_cvpc_about.html
Title: CVPC虛擬私雲

Search URL Search Domain Scan URL

URL: http://hicloud.hinet.net/hicloud_boxe_about.html
Title: Box(e)資料櫃

Search URL Search Domain Scan URL

URL: http://hicloud.hinet.net/hicloud_s3_about.html
Title: S3雲儲存

Search URL Search Domain Scan URL

URL: https://www.cht.com.tw/home/enterprise/cloud-idc/cloud-service/hinet-microsoft-cloud
Title: 微軟雲

Search URL Search Domain Scan URL

URL: http://www.idc.hinet.net/service01.html
Title: 機房服務

Search URL Search Domain Scan URL

URL: http://www.idc.hinet.net/service02.html
Title: 網路服務

Search URL Search Domain Scan URL

URL: http://www.idc.hinet.net/service04.html
Title: 解決方案

Search URL Search Domain Scan URL

URL: https://securemail.hinet.net/
Title: 郵件守門員

Search URL Search Domain Scan URL

URL: https://secure365.hinet.net/product/18
Title: 安全評估

Search URL Search Domain Scan URL

URL: https://secure365.hinet.net/
Title: 網站偵防隊

Search URL Search Domain Scan URL

URL: https://secure365.hinet.net/product/22
Title: 入侵防護

Search URL Search Domain Scan URL

URL: https://secure365.hinet.net/SMB/SMB-WFBSS_Security-page.html
Title: 企業防毒防駭

Search URL Search Domain Scan URL

URL: https://secure365.hinet.net/product/23
Title: DDos進階防護

Search URL Search Domain Scan URL

URL: https://vrs.hinet.net/
Title: 千里眼(雲端監錄)

Search URL Search Domain Scan URL

URL: http://www.dhs.hinet.net/Service_01.html
Title: eHome智慧家庭

Search URL Search Domain Scan URL

URL: http://ien.com.tw/Info/
Title: iEN智慧節能

Search URL Search Domain Scan URL

URL: http://efms.hinet.net/
Title: ITS智慧運輸

Search URL Search Domain Scan URL

URL: https://www.hihosting.hinet.net/
Title: hiHosting企業架站

Search URL Search Domain Scan URL

URL: https://domain.hinet.net/
Title: 網域註冊(買網址)

Search URL Search Domain Scan URL

URL: https://w3.hibox.hinet.net/
Title: hiBox全能信箱

Search URL Search Domain Scan URL

URL: https://hiair.hinet.net/hweb/hiairpost_new.jsp
Title: 企業簡訊

Search URL Search Domain Scan URL

URL: https://hinetfax.hinet.net/
Title: 網際傳真

Search URL Search Domain Scan URL

URL: https://www.himail.hinet.net/
Title: hiMail企業郵件

Search URL Search Domain Scan URL

URL: https://hievent.hinet.net/
Title: hievent網路直播

Search URL Search Domain Scan URL

URL: https://www.cht.com.tw/home/enterprise/businessapplication/enterprise-valueadded/169?utm_source=google&utm_medium=cpc&utm_campai
Title: 視訊會議

Search URL Search Domain Scan URL

URL: http://funplay.hinet.net/funplay/index.do
Title: 放心播(音樂公播)

Search URL Search Domain Scan URL

URL: https://www.hishop.hinet.net/

Search URL Search Domain Scan URL

URL: https://event.xuite.net/activity/2021sport?utm_source=hinet&utm_medium=bn&utm_campaign=2021sport-quiz&utm_content=160x60

Search URL Search Domain Scan URL

URL: https://event.xuite.net/activity/stayhome?utm_source=hinet&utm_medium=bn&utm_campaign=stayhome&utm_content=160x60

Search URL Search Domain Scan URL

URL: https://reurl.cc/zeXD9y

Search URL Search Domain Scan URL

URL: http://smarturl.it/hinethomerecommend

Search URL Search Domain Scan URL

URL: https://xuite.net/

Search URL Search Domain Scan URL

URL: https://www.railway.gov.tw/tra-tip-web/tip

Search URL Search Domain Scan URL

URL: http://hinetgame.games.hinet.net/

Search URL Search Domain Scan URL

URL: https://search.hinet.net/

Search URL Search Domain Scan URL

URL: https://www.hinet.net/notifyPage.html?id=17aa40ed75000000712b&type=1
Title: more

Search URL Search Domain Scan URL

URL: https://www.hinet.net/notifyPage.html?id=17a8aa9f0f40000013c1&type=0
Title: more

Search URL Search Domain Scan URL

URL: https://times.hinet.net/news/23419879

Search URL Search Domain Scan URL

URL: https://times.hinet.net/news/23419346

Search URL Search Domain Scan URL

URL: https://times.hinet.net/news/23419945

Search URL Search Domain Scan URL

URL: https://times.hinet.net/news/23419850

Search URL Search Domain Scan URL

URL: https://times.hinet.net/news/23419461

Search URL Search Domain Scan URL

URL: https://times.hinet.net/news/23419347
Title: 打疫苗遇颱風指揮中心這樣因應

Search URL Search Domain Scan URL

URL: https://times.hinet.net/news/23419481
Title: 7/26不解封僅降級？陳時中說明

Search URL Search Domain Scan URL

URL: https://times.hinet.net/news/23419411
Title: 第三輪疫苗預約首日預約人數揭曉

Search URL Search Domain Scan URL

URL: https://times.hinet.net/news/23419574
Title: 體育署長爆已請辭政院回應了

Search URL Search Domain Scan URL

URL: https://times.hinet.net/news/23419235
Title: 楊冪1年沒見女兒？無緣公公證實

Search URL Search Domain Scan URL

URL: https://times.hinet.net/news/23419118
Title: 打AZ爆瘦羅巧倫：魂都飛了

Search URL Search Domain Scan URL

URL: https://times.hinet.net/news/23419119
Title: 胖了8公斤「韓國芭比」坐裂櫃子

Search URL Search Domain Scan URL

URL: https://times.hinet.net/news/23419309
Title: 扛病體也要上工！洪金寶曝光內情

Search URL Search Domain Scan URL

URL: https://times.hinet.net/news/23419861
Title: 連珍羚里約奧運失利 5年後蛻變再拚

Search URL Search Domain Scan URL

URL: https://times.hinet.net/news/23419743
Title: 唯一擊敗「飛魚」的混血泳將斯庫林

Search URL Search Domain Scan URL

URL: https://times.hinet.net/news/23419121
Title: 史上第一!46歲體操媽媽8度出征奧運

Search URL Search Domain Scan URL

URL: https://times.hinet.net/news/23419851
Title: 王溢正轉中繼漸回穩開心與他當隊友

Search URL Search Domain Scan URL

URL: https://times.hinet.net/news/23420000
Title: 4大疫苗差異醫生揭打完仍確診原因

Search URL Search Domain Scan URL

URL: https://times.hinet.net/news/23419908
Title: 台北女月薪36K！眾見1關鍵喊大贏

Search URL Search Domain Scan URL

URL: https://times.hinet.net/news/23419480
Title: 天氣再熱也不吹冷氣？理由全場認輸

Search URL Search Domain Scan URL

URL: https://times.hinet.net/news/23419824
Title: 生炒花枝總少一味？內行曝靈魂秘方

Search URL Search Domain Scan URL

URL: https://times.hinet.net/news/23419988
Title: 外銷訂單上半年首破3千億美元

Search URL Search Domain Scan URL

URL: https://times.hinet.net/news/23419652
Title: 高端獲准在巴拉圭進行三期臨床試驗

Search URL Search Domain Scan URL

URL: https://times.hinet.net/news/23419367
Title: 人生第一間房該買房貸壽險嗎？

Search URL Search Domain Scan URL

URL: https://times.hinet.net/news/23419437
Title: 買房跟著捷運走！捷運萬大線這最夯

Search URL Search Domain Scan URL

URL: https://ssp.hinet.net/api/web/click/?token=16267895937007558109df51828002
Title: 過濾不良網站!送購物金

Search URL Search Domain Scan URL

URL: http://broadband.hinet.net/
Title: 防毒防駭安心上網

Search URL Search Domain Scan URL

URL: https://www.hinet.net/litv/?contentId=litv-embed1002
Title: 全民星攻略

Search URL Search Domain Scan URL

URL: https://times.hinet.net/topicList/937

Search URL Search Domain Scan URL

URL: https://times.hinet.net/topicList/942
Title: 吳亦凡拐騙SOP曝光受害網美曝對 ...

Search URL Search Domain Scan URL

URL: https://times.hinet.net/topicList/936
Title: 宋仲基李成民合演新劇預計2022 ...

Search URL Search Domain Scan URL

URL: https://times.hinet.net/topicList/640
Title: 吳姍儒半素顏自拍竟撞臉陳漢典

Search URL Search Domain Scan URL

URL: https://times.hinet.net/topicList/959
Title: 高鐵26日前全對號座逾9成員工打完疫苗

Search URL Search Domain Scan URL

URL: https://times.hinet.net/topicList/981
Title: 台電研議即時電價案初步規劃3大方 ...

Search URL Search Domain Scan URL

URL: https://times.hinet.net/topicList/995
Title: 花蓮17日5連震預估將持續1至2 ...

Search URL Search Domain Scan URL

URL: https://times.hinet.net/topicList/875
Title: 7/26降級不解封？陳時中：緩步放 ...

Search URL Search Domain Scan URL

URL: https://times.hinet.net/topicList/557
Title: 失智不是單純老化！藥師給這些建議

Search URL Search Domain Scan URL

URL: https://times.hinet.net/topicList/851
Title: 4招睡前瑜珈助眠 15分鐘放鬆壓力

Search URL Search Domain Scan URL

URL: https://times.hinet.net/topicList/899
Title: 糖尿病控制不佳？中醫針灸助降血糖

Search URL Search Domain Scan URL

URL: https://times.hinet.net/topicList/969
Title: 舌頭影響蛀牙 5點檢查舌頭健康狀況

Search URL Search Domain Scan URL

URL: https://times.hinet.net/topicList/823
Title: 出遊兼避暑走訪內雙溪賞花去

Search URL Search Domain Scan URL

URL: https://times.hinet.net/topicList/948
Title: 梨山雨後現美景虹霓同現掛高空

Search URL Search Domain Scan URL

URL: https://times.hinet.net/topicList/1009
Title: 獲選最佳冒險休閒地觀光局推疫後台 ...

Search URL Search Domain Scan URL

URL: https://times.hinet.net/topicList/670
Title: 八仙山線上生態探索趣報名囉！

Search URL Search Domain Scan URL

URL: https://times.hinet.net/topicList/923
Title: 勿輕信多查證！上半年投資詐欺倍增

Search URL Search Domain Scan URL

URL: https://times.hinet.net/topicList/754
Title: 高雄左營民宅暗夜火警臥室發現夫妻 ...

Search URL Search Domain Scan URL

URL: https://times.hinet.net/topicList/902
Title: 頭份工廠實驗室爆炸員工1死2傷

Search URL Search Domain Scan URL

URL: https://times.hinet.net/topicList/908
Title: 國道5車連環撞與哥同車胞弟遭撞飛 ...

Search URL Search Domain Scan URL

URL: http://times.hinet.net/weather
Title: 70% / 27 - 31℃

Search URL Search Domain Scan URL

URL: http://mis.twse.com.tw/
Title: 台股走勢圖/個股行情查詢

Search URL Search Domain Scan URL

URL: https://smarturl.it/hinethomesmallbn

Search URL Search Domain Scan URL

URL: https://smarturl.it/hinethometext1
Title: 娜扎、劉以豪奇幻虐戀劇免費追

Search URL Search Domain Scan URL

URL: https://smarturl.it/hinethometext2
Title: 《天才衝衝衝》免費線上看

Search URL Search Domain Scan URL

URL: https://smarturl.it/hinethometext3
Title: 重口味醫學燒腦劇《檢法男女2》

Search URL Search Domain Scan URL

URL: https://times.hinet.net/magazineList/1241/20488

Search URL Search Domain Scan URL

URL: https://times.hinet.net/magazineList/cp109/20484

Search URL Search Domain Scan URL

URL: https://times.hinet.net/magazineList/cp108/20483

Search URL Search Domain Scan URL

URL: https://times.hinet.net/magazineList/1015/20521

Search URL Search Domain Scan URL

URL: https://times.hinet.net/magazineList/142/20519

Search URL Search Domain Scan URL

URL: https://times.hinet.net/magazineList/481/20518

Search URL Search Domain Scan URL

URL: https://times.hinet.net/magazineList/cp199/20517

Search URL Search Domain Scan URL

URL: https://times.hinet.net/magazineList/741/20516

Search URL Search Domain Scan URL

URL: https://times.hinet.net/magazineList/cp143/20514

Search URL Search Domain Scan URL

URL: https://times.hinet.net/magazineList/221/20512

Search URL Search Domain Scan URL

URL: https://times.hinet.net/magazineList/cp105/20508

Search URL Search Domain Scan URL

URL: https://times.hinet.net/magazineList/cp151/20505

Search URL Search Domain Scan URL

URL: https://times.hinet.net/magazineList/2341/20504

Search URL Search Domain Scan URL

URL: https://times.hinet.net/magazineList/1264/20503

Search URL Search Domain Scan URL

URL: https://times.hinet.net/magazineList/cp100/20520

Search URL Search Domain Scan URL

URL: https://times.hinet.net/magazineList/781/20497

Search URL Search Domain Scan URL

URL: https://times.hinet.net/magazineList/cp197/20492

Search URL Search Domain Scan URL

URL: https://times.hinet.net/magazineList/1242/20489

Search URL Search Domain Scan URL

URL: https://times.hinet.net/times/news/23410111
Title: 你登記疫苗了嗎？疫苗預約平

Search URL Search Domain Scan URL

URL: https://times.hinet.net/times/news/23419058
Title: 颱風「查帕卡」增強為中颱！大

Search URL Search Domain Scan URL

URL: https://times.hinet.net/times/news/23417366
Title: 誰容易染菜花？菜花不分男女

Search URL Search Domain Scan URL

URL: https://times.hinet.net/times/news/23418636
Title: 北車地下街爆疫情！京站、京站

Search URL Search Domain Scan URL

URL: https://times.hinet.net/times/news/23418677
Title: 政戰視訊課女學生嘿咻誤傳全

Search URL Search Domain Scan URL

URL: https://times.hinet.net/times/news/23418661
Title: 近降級標準陳時中：緩坡式放

Search URL Search Domain Scan URL

URL: https://times.hinet.net/times/news/23418481
Title: 董至成錯愕接業配遭提告經紀

Search URL Search Domain Scan URL

URL: https://times.hinet.net/times/news/23405755
Title: COVID-19／哪些人是接種第九

Search URL Search Domain Scan URL

URL: https://times.hinet.net/times/news/23418652
Title: 解封題材炒熱概念股

Search URL Search Domain Scan URL

URL: https://times.hinet.net/times/news/23418680
Title: 微解封新制…拍婚紗可露臉酬

Search URL Search Domain Scan URL

URL: https://www.hinet.net/fate/#love
Title: 預測！最近健康運如何？

Search URL Search Domain Scan URL

URL: https://blog.xuite.net/lsg2006/moon/589860118

Search URL Search Domain Scan URL

URL: https://blog.xuite.net/faer88121/twblog1/589653903

Search URL Search Domain Scan URL

URL: https://blog.xuite.net/snoopy7219/wretch/589762764

Search URL Search Domain Scan URL

URL: https://blog.xuite.net/cbdickying/blog/589624432

Search URL Search Domain Scan URL

URL: https://blog.xuite.net/lightblue33/living/589720076

Search URL Search Domain Scan URL

URL: https://blog.xuite.net/colonmen/blog/589816602

Search URL Search Domain Scan URL

URL: https://blog.xuite.net/viewerman/twblog/589712746

Search URL Search Domain Scan URL

URL: https://blog.xuite.net/mr.coffee/diary/589783814

Search URL Search Domain Scan URL

URL: https://blog.xuite.net/sunchicken/blog/589738649

Search URL Search Domain Scan URL

URL: https://blog.xuite.net/emahsieh2002/twblog/589874977

Search URL Search Domain Scan URL

URL: https://blog.xuite.net/wang.so/dogbaby/589836484

Search URL Search Domain Scan URL

URL: https://www.cht.com.tw/home/consumer/broadband/hinet/hinet-light
Title: 光世代

Search URL Search Domain Scan URL

URL: https://www.cht.com.tw/home/consumer/broadband/hinet/hinet-adsl
Title: ADSL

Search URL Search Domain Scan URL

URL: https://123.cht.com.tw/ecas/B39
Title: IPv6申請

Search URL Search Domain Scan URL

URL: https://hisecure.hinet.net/AntiVirus/index.php
Title: 線上掃毒

Search URL Search Domain Scan URL

URL: https://hamivideo.hinet.net/index.do
Title: Hami Video

Search URL Search Domain Scan URL

URL: https://www.facebook.com/HiNethichannel
Title: hichannel粉絲團

Search URL Search Domain Scan URL

URL: https://www.facebook.com/HiNetsayHi
Title: HiNet say Hi粉絲團

Search URL Search Domain Scan URL

URL: https://www.facebook.com/broadbandhinet
Title: 光世代粉絲團

Search URL Search Domain Scan URL

URL: https://www.facebook.com/HiNetnews
Title: 生活誌粉絲團

Search URL Search Domain Scan URL

URL: https://invoice.cht.com.tw/invoice/login.jsp
Title: 電子發票

Search URL Search Domain Scan URL

URL: https://sme.ivs.hinet.net/auth
Title: 千里眼(雲端監錄)

Search URL Search Domain Scan URL

URL: https://www.cht.com.tw/home/enterprise/smartcity/smart-service/smart-home
Title: eHome智慧家庭

Search URL Search Domain Scan URL

URL: https://ien.com.tw/Info/
Title: iEN智慧節能

Search URL Search Domain Scan URL

URL: https://efms.hinet.net/FMS/login_fms.aspx
Title: ITS智慧運輸

Search URL Search Domain Scan URL

URL: http://hidvs.hinet.net/
Title: 數據語音

Search URL Search Domain Scan URL

URL: https://www.cht.com.tw/home/enterprise/businessapplication/enterprise-valueadded/169?utm_source=google&utm_medium=cpc&utm_campaign=2020campaign&utm_content=extend&trackid=1137
Title: 視訊會議

Search URL Search Domain Scan URL

URL: https://csapp.cht.com.tw/CustService/Web/portal-web.html#/
Title: 變更連線密碼

Search URL Search Domain Scan URL

URL: https://www.msa.hinet.net/cgi-bin/forget_password_html
Title: 忘記MSA密碼

Search URL Search Domain Scan URL

URL: https://www.msa.hinet.net/cgi-bin/msc_exception_login3_html
Title: 忘記MSA帳號

Search URL Search Domain Scan URL

URL: http://windows.microsoft.com/zh-TW/internet-explorer/products/ie/home
Title: 最新版本

Search URL Search Domain Scan URL

URL: https://www.google.com/chrome/index.html
Title: 最新版本

Search URL Search Domain Scan URL

URL: http://moztw.org/
Title: 最新版本

Search URL Search Domain Scan URL

URL: http://support.apple.com/zh_TW/downloads/#safari
Title: 最新版本

Search URL Search Domain Scan URL

URL: https://www.hinet.net/mobile.html
Title: 手機版

Search URL Search Domain Scan URL

URL: https://www.hinet.net/globe/en/
Title: English

Search URL Search Domain Scan URL

URL: http://www.emome.net/
Title: emome

Search URL Search Domain Scan URL

URL: http://mod.cht.com.tw/
Title: MOD

Search URL Search Domain Scan URL

URL: https://www.chtf.org.tw/
Title: 點。台灣

Search URL Search Domain Scan URL

URL: https://www.hinet.net/copyright.html
Title: 著作權保護

Search URL Search Domain Scan URL

URL: https://www.hinet.net/privacy.html
Title: 隱私權保護

Search URL Search Domain Scan URL

URL: https://www.cht.com.tw/home/cht/sustainability/sustainability-management/csr-vision
Title: 企業社會責任

Search URL Search Domain Scan URL

URL: https://www.hinet.net/kid.html
Title: 兒童網路安全

Search URL Search Domain Scan URL

URL: http://www.hinet.net/app/ad_normal.html
Title: 刊登廣告

Search URL Search Domain Scan URL

URL: http://www.cht.com.tw/portal/Wanted
Title: 人才招募

Search URL Search Domain Scan URL

URL: http://service.hinet.net/2004/ncsc/index.htm
Title: 聯絡我們

Search URL Search Domain Scan URL

URL: https://www.hinet.net/classify.html
Title: HiNet電子訊息管理措施

Search URL Search Domain Scan URL

URL: https://www.hinet.net/classify2.html
Title: 網站及平臺內容管理措施

Search URL Search Domain Scan URL

URL: https://www.cht.com.tw/home/consumer/privacy
Title: 隱私權保護政策

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hinet.net/ HTTP 302
https://hinet.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 156

https://sb.scorecardresearch.com/b?c1=7&c2=18986219&c3=100001&ns__t=1626791320946&ns_c=UTF-8&ns_if=1&cv=3.5&c8=LiTV%E7%AB%8B%E8%A6%96%E7%B7%9A%E4%B8%8A%E5%BD%B1%E8%A6%96-%20%E5%8F%B0%E7%81%A3%E6%8E%92%E8%A1%8C%E7%AC%AC%E4%B8%80%E6%AD%A3%E7%89%88%E3%80%81%E9%AB%98%E6%B8%85%E7%B7%9A%E4%B8%8A%E7%9C%8B%E7%9B%B4%E6%92%AD%E5%BD%B1%E9%9F%B3%E9%9B%BB%E8%A6%96&c7=https%3A%2F%2Fplayer.svc.litv.tv%2Findex.html%3Fs%3DaGluZXQ0%7CaGluZXQ%3D&c9=https%3A%2F%2Fhinet.net%2F HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=18986219&c3=100001&ns__t=1626791320946&ns_c=UTF-8&ns_if=1&cv=3.5&c8=LiTV%E7%AB%8B%E8%A6%96%E7%B7%9A%E4%B8%8A%E5%BD%B1%E8%A6%96-%20%E5%8F%B0%E7%81%A3%E6%8E%92%E8%A1%8C%E7%AC%AC%E4%B8%80%E6%AD%A3%E7%89%88%E3%80%81%E9%AB%98%E6%B8%85%E7%B7%9A%E4%B8%8A%E7%9C%8B%E7%9B%B4%E6%92%AD%E5%BD%B1%E9%9F%B3%E9%9B%BB%E8%A6%96&c7=https%3A%2F%2Fplayer.svc.litv.tv%2Findex.html%3Fs%3DaGluZXQ0%7CaGluZXQ%3D&c9=https%3A%2F%2Fhinet.net%2F

Request Chain 208

https://ad.doubleclick.net/ddm/trackimp/N279602.134426GOOGLEDISPLAYNETWO/B23993647.289649836;dc_trk_aid=483145944;dc_trk_cid=131102398;ord=3441909534;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N279602.134426GOOGLEDISPLAYNETWO/B23993647.289649836;dc_pre=CMPCnvft8fECFRTTEQgd3CUG_g;dc_trk_aid=483145944;dc_trk_cid=131102398;ord=3441909534;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=

Request Chain 213

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 235

https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HUu59M-f HTTP 307
https://gocm.c.appier.net/apnnet?hzid=HUu59M-f&url=adx.c.appier.net%2Fpb%2F0wHT9JDiP3SORJx%2Fzone.js HTTP 302
https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?acid=tPTKRF-rBAmle1sqod32YA&hzid=HUu59M-f

Request Chain 239

https://ssp.hinet.net/api/web/exposure/?token=162678960002102a7d7359c1b6228d HTTP 302
https://ssp-hinetwork.cdn.hinet.net/dsp/uploads/image/60e7c39168713.jpg

Request Chain 244

https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HUuJ9M-f HTTP 307
https://gocm.c.appier.net/apnnet?hzid=HUuJ9M-f&url=adx.c.appier.net%2Fpb%2F0wHT9JDiP3SORJx%2Fzone.js HTTP 302
https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?acid=yosMxOXEB6yqzscSod32YA&hzid=HUuJ9M-f

Request Chain 249

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 257

https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HtIi9M-Q HTTP 307
https://gocm.c.appier.net/apnnet?hzid=HtIi9M-Q&url=adx.c.appier.net%2Fpb%2F0wHT9JDiP3SORJx%2Fzone.js HTTP 302
https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?acid=tqtT0E5NCZmCzOOood32YA&hzid=HtIi9M-Q

Request Chain 274

https://ssp.hinet.net/api/web/exposure/?token=16267896015384cb1f9b7160df35fb HTTP 302
https://ssp.hinet.net/dsp/uploads/creative/60e5595b70a6f/?token=16267896015384cb1f9b7160df35fb

Request Chain 298

https://sync.aralego.com/idsync HTTP 302
https://pr-bh.ybp.yahoo.com/sync/ucfunnel/733c3307-df76-318a-8763-b1b4aeeefb99?gdpr=0&euconsent= HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-CX34nVdE2oWKlu2rJHb7jEP3HbNIls3c970b9g0-~A&redirect= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=85bb1979-51ba-4887-b6e0-294134d07a8b HTTP 302
https://pr-bh.ybp.yahoo.com/sync/ucfunnel/733c3307-df76-318a-8763-b1b4aeeefb99?gdpr=0&euconsent= HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-CX34nVdE2oWKlu2rJHb7jEP3HbNIls3c970b9g0-~A&redirect= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=85bb1979-51ba-4887-b6e0-294134d07a8b HTTP 302
https://pr-bh.ybp.yahoo.com/sync/ucfunnel/733c3307-df76-318a-8763-b1b4aeeefb99?gdpr=0&euconsent= HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-CX34nVdE2oWKlu2rJHb7jEP3HbNIls3c970b9g0-~A&redirect= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=85bb1979-51ba-4887-b6e0-294134d07a8b HTTP 302
https://pr-bh.ybp.yahoo.com/sync/ucfunnel/733c3307-df76-318a-8763-b1b4aeeefb99?gdpr=0&euconsent= HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-CX34nVdE2oWKlu2rJHb7jEP3HbNIls3c970b9g0-~A&redirect= HTTP 302
https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=733c3307-df76-318a-8763-b1b4aeeefb99&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=ucfunnel&user_id=733c3307-df76-318a-8763-b1b4aeeefb99&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=ucfunnel&bsw_param=83ccfda7-9738-426d-8165-63690138a0e5&google_hm=ODNjY2ZkYTctOTczOC00MjZkLTgxNjUtNjM2OTAxMzhhMGU1 HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESENJxgs1KH9vkehGcJ0uYKYQ&google_cver=1&ssp=ucfunnel&bsw_param=83ccfda7-9738-426d-8165-63690138a0e5 HTTP 302
https://sync.aralego.com/idSync?redirect=&ucf_nid=dsp-6AABDA2D3AA6EAD1E94E9442DE6444A&ucf_user_id=83ccfda7-9738-426d-8165-63690138a0e5

Request Chain 307

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 330

https://ad2.apx.appier.net/www/delivery/js.php?zoneid=789&id=idockddgbi4oomk5w HTTP 307
https://gocm.c.appier.net/aanet?id=idockddgbi4oomk5w&url=ad2.apx.appier.net&zoneid=789 HTTP 302
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=789&acid=yosMxOXEB6yqzscSod32YA&id=idockddgbi4oomk5w

Request Chain 334

https://dmp.tenmax.io/p/b734323b-0532-40a6-8d4e-782e1c96bd3a?random=874119545 HTTP 302
https://dmp.tenmax.io/cmp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cacafly&google_ula=514624859,1626791330&google_hm=elMvTTBPbG1FZXUrbGkwaEgvZXN4dz09&google_cm HTTP 302
https://dmp.tenmax.io/cm?adx=doubleclick&google_gid=CAESEH_xjyFB8jUeqr7W6cy4AF0&google_cver=1&google_ula=514624859,2

Request Chain 401

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFnx45dqyPAADk-v4acKqmU&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFnx45dqyPAADk-v4acKqmU&google_cver=1&C=1

Request Chain 402

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YPbdo5jCQk693D-VKangEwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFnx45dqyPAADk-v4acKqmU&google_cver=1

Request Chain 403

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKSn-sxV060K9c8aUuxPo3U&google_cver=1

Request Chain 404

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYyNDQ4NTM0MzkyMjUwNzc4Ng%3D%3D

Request Chain 405

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFnx45dqyPAADk-v4acKqmU&google_cver=1

Request Chain 406

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YPbdo5jCQk693D-VKangEwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFnx45dqyPAADk-v4acKqmU&google_cver=1

Request Chain 407

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKSn-sxV060K9c8aUuxPo3U&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKSn-sxV060K9c8aUuxPo3U%26google_cver%3D1

Request Chain 408

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYyNDQ4NTM0MzkyMjUwNzc4Ng%3D%3D

Request Chain 431

https://de-config.sensic.net/tp?ty=IM&optin=false&m=campaign_3301&c=26016321_305418734_153890634_498044657&cp_c1=26016321&cp_c2=&cp_c3=498044657&cp_c4=305418734&cp_c5=&cp_c6=153890634&cp_c7=&pr=423678493&gdpr=&gdpr_consent= HTTP 302
https://1f2dd3a35e71de738555c9c2cc8ddd9118173a8797217762ab63a9c3.trk.sensic.net/tp.gif?m=campaign_3301&p=de-config

Request Chain 443

https://ad2.apx.appier.net/www/delivery/js.php?zoneid=789&id=idockddgbi4oomk5w HTTP 307
https://gocm.c.appier.net/aanet?id=idockddgbi4oomk5w&url=ad2.apx.appier.net&zoneid=789 HTTP 302
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=789&acid=yosMxOXEB6yqzscSod32YA&id=idockddgbi4oomk5w

Request Chain 455

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 461

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKvbSsTeG3JWT4VFNFWO-Cq7PL_BY1T4Sds-sVkz9aca6xD_ZjsfQvClWp0xoLjt0lwwEquCtJ6bXvmpknNiGfCEYE-B34&google_gid=CAESEDlvOhOigpE3HzuXzYmAPvY&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVBiZHBBQUFCTEZXcXpzeQ&google_push=AYg5qPKvbSsTeG3JWT4VFNFWO-Cq7PL_BY1T4Sds-sVkz9aca6xD_ZjsfQvClWp0xoLjt0lwwEquCtJ6bXvmpknNiGfCEYE-B34

Request Chain 462

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJO4OQ6sTdhp9mpmAeEQ5m3ecUmeLH7CvGcX8iP0ghLCx6ldsmami4CoTRDWttpVhynZ_Dk6fkcAOCuanC8R6W8qQUG8WA&google_gid=CAESEK0FdFFFOY_2440-nVqZn7Q&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCKS724cGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BWWc1cVBKTzRPUTZzVGRocDltcG1BZUVRNW0zZWNVbWVMSDdDdkdjWDhpUDBnaExDeDZsZHNtYW1pNENvVFJEV3R0cFZoeW5aX0RrNmZrY0FPQ3VhbkM4UjZXOHFRVUc4V0E HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwa0pfWUJsQ2Vhd0NkY1A0ekJ6ZUNneWVoeU5wTnppSnNlWll2eTIyNk5rSQ==&google_push

Request Chain 463

https://rtb.openx.net/sync/dds?google_gid=CAESEE5DIiAFGincuh-DBeIc_gc&google_cver=1&google_push=AYg5qPJbIX8L5XPF-3aDiaFu21APMZvTcwGlr0AuoSfZj3Uq19dndcI3Tk4d2aDMpSZoU0rXRHV2cmemU6pgBZa0OnmJq_KXlHQ HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEE5DIiAFGincuh-DBeIc_gc&google_cver=1&google_push=AYg5qPJbIX8L5XPF-3aDiaFu21APMZvTcwGlr0AuoSfZj3Uq19dndcI3Tk4d2aDMpSZoU0rXRHV2cmemU6pgBZa0OnmJq_KXlHQ&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJbIX8L5XPF-3aDiaFu21APMZvTcwGlr0AuoSfZj3Uq19dndcI3Tk4d2aDMpSZoU0rXRHV2cmemU6pgBZa0OnmJq_KXlHQ&google_hm=hcizb6SCxV4JjrNRwEfS6Q==

Request Chain 464

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECMowvfLBsZaYvyBTMY4tHI&google_cver=1&google_push=AYg5qPIJcBAE3WAGUaEyCcV7G73Y6aPX8d3o0Bj9_p8FCWZnzeyjNnvJtzEOJ2aTCzGb2fHMlvmjUUzMDYS8eYTIOuigui6CBQI HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECMowvfLBsZaYvyBTMY4tHI&google_cver=1&google_push=AYg5qPIJcBAE3WAGUaEyCcV7G73Y6aPX8d3o0Bj9_p8FCWZnzeyjNnvJtzEOJ2aTCzGb2fHMlvmjUUzMDYS8eYTIOuigui6CBQI&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ReTTYbpNTUiIudIlzC2_nA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIJcBAE3WAGUaEyCcV7G73Y6aPX8d3o0Bj9_p8FCWZnzeyjNnvJtzEOJ2aTCzGb2fHMlvmjUUzMDYS8eYTIOuigui6CBQI

Request Chain 465

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHt6-T7z3ibhdXRl0tx6R_I&google_cver=1&google_push=AYg5qPKWDpn4PP5wL6o3knoHR0pkOXKgtcfRYK_xY1S8DWHZ0ol6Piof75cTSLLnYsX2PNpohtm-E6grBJa7t9QHn2qZGFeFwA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JDNUsxTUotMU0tSVBQUg==&google_push=AYg5qPKWDpn4PP5wL6o3knoHR0pkOXKgtcfRYK_xY1S8DWHZ0ol6Piof75cTSLLnYsX2PNpohtm-E6grBJa7t9QHn2qZGFeFwA

Request Chain 466

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEF7ePfWC4gtFuSAiuYALULk&google_cver=1&google_push=AYg5qPJJvyEBK_1BpvkF9K62Sao-zcy0W86xMT580fqTactzmoj_12Prw245A7bpq_DFCesQcRHiDc8Ok8lxe5R06wTDt6DfZbM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPJJvyEBK_1BpvkF9K62Sao-zcy0W86xMT580fqTactzmoj_12Prw245A7bpq_DFCesQcRHiDc8Ok8lxe5R06wTDt6DfZbM&google_gid=CAESEF7ePfWC4gtFuSAiuYALULk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPJJvyEBK_1BpvkF9K62Sao-zcy0W86xMT580fqTactzmoj_12Prw245A7bpq_DFCesQcRHiDc8Ok8lxe5R06wTDt6DfZbM&google_gid=CAESEF7ePfWC4gtFuSAiuYALULk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPJJvyEBK_1BpvkF9K62Sao-zcy0W86xMT580fqTactzmoj_12Prw245A7bpq_DFCesQcRHiDc8Ok8lxe5R06wTDt6DfZbM&google_gid=CAESEF7ePfWC4gtFuSAiuYALULk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPJJvyEBK_1BpvkF9K62Sao-zcy0W86xMT580fqTactzmoj_12Prw245A7bpq_DFCesQcRHiDc8Ok8lxe5R06wTDt6DfZbM&google_gid=CAESEF7ePfWC4gtFuSAiuYALULk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPJJvyEBK_1BpvkF9K62Sao-zcy0W86xMT580fqTactzmoj_12Prw245A7bpq_DFCesQcRHiDc8Ok8lxe5R06wTDt6DfZbM&google_gid=CAESEF7ePfWC4gtFuSAiuYALULk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPJJvyEBK_1BpvkF9K62Sao-zcy0W86xMT580fqTactzmoj_12Prw245A7bpq_DFCesQcRHiDc8Ok8lxe5R06wTDt6DfZbM&google_gid=CAESEF7ePfWC4gtFuSAiuYALULk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPJJvyEBK_1BpvkF9K62Sao-zcy0W86xMT580fqTactzmoj_12Prw245A7bpq_DFCesQcRHiDc8Ok8lxe5R06wTDt6DfZbM&google_gid=CAESEF7ePfWC4gtFuSAiuYALULk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPJJvyEBK_1BpvkF9K62Sao-zcy0W86xMT580fqTactzmoj_12Prw245A7bpq_DFCesQcRHiDc8Ok8lxe5R06wTDt6DfZbM&google_gid=CAESEF7ePfWC4gtFuSAiuYALULk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPJJvyEBK_1BpvkF9K62Sao-zcy0W86xMT580fqTactzmoj_12Prw245A7bpq_DFCesQcRHiDc8Ok8lxe5R06wTDt6DfZbM&google_gid=CAESEF7ePfWC4gtFuSAiuYALULk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPJJvyEBK_1BpvkF9K62Sao-zcy0W86xMT580fqTactzmoj_12Prw245A7bpq_DFCesQcRHiDc8Ok8lxe5R06wTDt6DfZbM&google_gid=CAESEF7ePfWC4gtFuSAiuYALULk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPJJvyEBK_1BpvkF9K62Sao-zcy0W86xMT580fqTactzmoj_12Prw245A7bpq_DFCesQcRHiDc8Ok8lxe5R06wTDt6DfZbM&google_gid=CAESEF7ePfWC4gtFuSAiuYALULk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPJJvyEBK_1BpvkF9K62Sao-zcy0W86xMT580fqTactzmoj_12Prw245A7bpq_DFCesQcRHiDc8Ok8lxe5R06wTDt6DfZbM&google_gid=CAESEF7ePfWC4gtFuSAiuYALULk&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPJJvyEBK_1BpvkF9K62Sao-zcy0W86xMT580fqTactzmoj_12Prw245A7bpq_DFCesQcRHiDc8Ok8lxe5R06wTDt6DfZbM&google_gid=CAESEF7ePfWC4gtFuSAiuYALULk&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPJJvyEBK_1BpvkF9K62Sao-zcy0W86xMT580fqTactzmoj_12Prw245A7bpq_DFCesQcRHiDc8Ok8lxe5R06wTDt6DfZbM&google_gid=CAESEF7ePfWC4gtFuSAiuYALULk&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPJJvyEBK_1BpvkF9K62Sao-zcy0W86xMT580fqTactzmoj_12Prw245A7bpq_DFCesQcRHiDc8Ok8lxe5R06wTDt6DfZbM&google_gid=CAESEF7ePfWC4gtFuSAiuYALULk&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPJJvyEBK_1BpvkF9K62Sao-zcy0W86xMT580fqTactzmoj_12Prw245A7bpq_DFCesQcRHiDc8Ok8lxe5R06wTDt6DfZbM&google_gid=CAESEF7ePfWC4gtFuSAiuYALULk&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPJJvyEBK_1BpvkF9K62Sao-zcy0W86xMT580fqTactzmoj_12Prw245A7bpq_DFCesQcRHiDc8Ok8lxe5R06wTDt6DfZbM&google_gid=CAESEF7ePfWC4gtFuSAiuYALULk&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPJJvyEBK_1BpvkF9K62Sao-zcy0W86xMT580fqTactzmoj_12Prw245A7bpq_DFCesQcRHiDc8Ok8lxe5R06wTDt6DfZbM&google_gid=CAESEF7ePfWC4gtFuSAiuYALULk&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPJJvyEBK_1BpvkF9K62Sao-zcy0W86xMT580fqTactzmoj_12Prw245A7bpq_DFCesQcRHiDc8Ok8lxe5R06wTDt6DfZbM&google_gid=CAESEF7ePfWC4gtFuSAiuYALULk&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPJJvyEBK_1BpvkF9K62Sao-zcy0W86xMT580fqTactzmoj_12Prw245A7bpq_DFCesQcRHiDc8Ok8lxe5R06wTDt6DfZbM&google_gid=CAESEF7ePfWC4gtFuSAiuYALULk&google_tc=

Request Chain 468

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJ6wNYumPe4kf2csdKBfJRk&google_cver=1&google_push=AYg5qPKUzZA4aqGukaUsNuXenJMdzJ5CkYgPcpRvdNR8nu5uEA-ChShM9R7fK62oFZS-YoSyWSfZ6zFti96jtukO-Jvnp6UhyME HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKUzZA4aqGukaUsNuXenJMdzJ5CkYgPcpRvdNR8nu5uEA-ChShM9R7fK62oFZS-YoSyWSfZ6zFti96jtukO-Jvnp6UhyME&google_hm=1RmXRtblpdzuoODvVSsDeA

Request Chain 470

https://rtb.openx.net/sync/dds?google_gid=CAESEP-fY0LCUeHWM2rF_zCFOoE&google_cver=1&google_push=AYg5qPL994jZCWz2Aks4MfhnrhfhI_kC5RUYGOrrMwPMGkTY-OKfbl8vimq6OeVL1mfRfqkGrjGEm1ZJRz-h5A3Ex-FHe4puLjs HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEP-fY0LCUeHWM2rF_zCFOoE&google_cver=1&google_push=AYg5qPL994jZCWz2Aks4MfhnrhfhI_kC5RUYGOrrMwPMGkTY-OKfbl8vimq6OeVL1mfRfqkGrjGEm1ZJRz-h5A3Ex-FHe4puLjs&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPL994jZCWz2Aks4MfhnrhfhI_kC5RUYGOrrMwPMGkTY-OKfbl8vimq6OeVL1mfRfqkGrjGEm1ZJRz-h5A3Ex-FHe4puLjs&google_hm=hcizb6SCxV4JjrNRwEfS6Q==

Request Chain 471

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBv8jpmYlFDMQEWnxiUrREk&google_cver=1&google_push=AYg5qPIL7MCkDmgcS55piQ26OeO42q0NaiOC33LGxOgMIhuJo-X7axGCQCpe1sknVIhB0xWzUgpkye_XNjcwj1oa9OUoi0EfbjM HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBv8jpmYlFDMQEWnxiUrREk&google_cver=1&google_push=AYg5qPIL7MCkDmgcS55piQ26OeO42q0NaiOC33LGxOgMIhuJo-X7axGCQCpe1sknVIhB0xWzUgpkye_XNjcwj1oa9OUoi0EfbjM&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PHfPECo2SCyc_1kKWg9PVw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIL7MCkDmgcS55piQ26OeO42q0NaiOC33LGxOgMIhuJo-X7axGCQCpe1sknVIhB0xWzUgpkye_XNjcwj1oa9OUoi0EfbjM

Request Chain 472

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEN3K3U8wQyPioM_KPtgnDTg&google_cver=1&google_push=AYg5qPJ0pNfBdLjdw0qSjL7pdC-TOfix2VWSCZhUd4aOpS-UFHH_Y7ConAta1H2tpKNbWWo9fDb-y2oOTYyYbCyOjVsQstg82w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JDNUsxTkQtWC03RUVF&google_push=AYg5qPJ0pNfBdLjdw0qSjL7pdC-TOfix2VWSCZhUd4aOpS-UFHH_Y7ConAta1H2tpKNbWWo9fDb-y2oOTYyYbCyOjVsQstg82w

Request Chain 473

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMKqjJH0jvXauA70xcvAd6k&google_cver=1&google_push=AYg5qPIfFEgNUvNO8JVpUuTWZ0iQjXqZ7xsAFurYZEYFfyKr0Q7IVUcAtmwhqXNvxjN11YIwXMINpof-M6B7Ywl--enKq3u1_1o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPIfFEgNUvNO8JVpUuTWZ0iQjXqZ7xsAFurYZEYFfyKr0Q7IVUcAtmwhqXNvxjN11YIwXMINpof-M6B7Ywl--enKq3u1_1o&google_gid=CAESEMKqjJH0jvXauA70xcvAd6k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPIfFEgNUvNO8JVpUuTWZ0iQjXqZ7xsAFurYZEYFfyKr0Q7IVUcAtmwhqXNvxjN11YIwXMINpof-M6B7Ywl--enKq3u1_1o&google_gid=CAESEMKqjJH0jvXauA70xcvAd6k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPIfFEgNUvNO8JVpUuTWZ0iQjXqZ7xsAFurYZEYFfyKr0Q7IVUcAtmwhqXNvxjN11YIwXMINpof-M6B7Ywl--enKq3u1_1o&google_gid=CAESEMKqjJH0jvXauA70xcvAd6k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPIfFEgNUvNO8JVpUuTWZ0iQjXqZ7xsAFurYZEYFfyKr0Q7IVUcAtmwhqXNvxjN11YIwXMINpof-M6B7Ywl--enKq3u1_1o&google_gid=CAESEMKqjJH0jvXauA70xcvAd6k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPIfFEgNUvNO8JVpUuTWZ0iQjXqZ7xsAFurYZEYFfyKr0Q7IVUcAtmwhqXNvxjN11YIwXMINpof-M6B7Ywl--enKq3u1_1o&google_gid=CAESEMKqjJH0jvXauA70xcvAd6k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPIfFEgNUvNO8JVpUuTWZ0iQjXqZ7xsAFurYZEYFfyKr0Q7IVUcAtmwhqXNvxjN11YIwXMINpof-M6B7Ywl--enKq3u1_1o&google_gid=CAESEMKqjJH0jvXauA70xcvAd6k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPIfFEgNUvNO8JVpUuTWZ0iQjXqZ7xsAFurYZEYFfyKr0Q7IVUcAtmwhqXNvxjN11YIwXMINpof-M6B7Ywl--enKq3u1_1o&google_gid=CAESEMKqjJH0jvXauA70xcvAd6k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPIfFEgNUvNO8JVpUuTWZ0iQjXqZ7xsAFurYZEYFfyKr0Q7IVUcAtmwhqXNvxjN11YIwXMINpof-M6B7Ywl--enKq3u1_1o&google_gid=CAESEMKqjJH0jvXauA70xcvAd6k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPIfFEgNUvNO8JVpUuTWZ0iQjXqZ7xsAFurYZEYFfyKr0Q7IVUcAtmwhqXNvxjN11YIwXMINpof-M6B7Ywl--enKq3u1_1o&google_gid=CAESEMKqjJH0jvXauA70xcvAd6k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPIfFEgNUvNO8JVpUuTWZ0iQjXqZ7xsAFurYZEYFfyKr0Q7IVUcAtmwhqXNvxjN11YIwXMINpof-M6B7Ywl--enKq3u1_1o&google_gid=CAESEMKqjJH0jvXauA70xcvAd6k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPIfFEgNUvNO8JVpUuTWZ0iQjXqZ7xsAFurYZEYFfyKr0Q7IVUcAtmwhqXNvxjN11YIwXMINpof-M6B7Ywl--enKq3u1_1o&google_gid=CAESEMKqjJH0jvXauA70xcvAd6k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPIfFEgNUvNO8JVpUuTWZ0iQjXqZ7xsAFurYZEYFfyKr0Q7IVUcAtmwhqXNvxjN11YIwXMINpof-M6B7Ywl--enKq3u1_1o&google_gid=CAESEMKqjJH0jvXauA70xcvAd6k&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPIfFEgNUvNO8JVpUuTWZ0iQjXqZ7xsAFurYZEYFfyKr0Q7IVUcAtmwhqXNvxjN11YIwXMINpof-M6B7Ywl--enKq3u1_1o&google_gid=CAESEMKqjJH0jvXauA70xcvAd6k&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPIfFEgNUvNO8JVpUuTWZ0iQjXqZ7xsAFurYZEYFfyKr0Q7IVUcAtmwhqXNvxjN11YIwXMINpof-M6B7Ywl--enKq3u1_1o&google_gid=CAESEMKqjJH0jvXauA70xcvAd6k&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPIfFEgNUvNO8JVpUuTWZ0iQjXqZ7xsAFurYZEYFfyKr0Q7IVUcAtmwhqXNvxjN11YIwXMINpof-M6B7Ywl--enKq3u1_1o&google_gid=CAESEMKqjJH0jvXauA70xcvAd6k&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPIfFEgNUvNO8JVpUuTWZ0iQjXqZ7xsAFurYZEYFfyKr0Q7IVUcAtmwhqXNvxjN11YIwXMINpof-M6B7Ywl--enKq3u1_1o&google_gid=CAESEMKqjJH0jvXauA70xcvAd6k&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPIfFEgNUvNO8JVpUuTWZ0iQjXqZ7xsAFurYZEYFfyKr0Q7IVUcAtmwhqXNvxjN11YIwXMINpof-M6B7Ywl--enKq3u1_1o&google_gid=CAESEMKqjJH0jvXauA70xcvAd6k&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPIfFEgNUvNO8JVpUuTWZ0iQjXqZ7xsAFurYZEYFfyKr0Q7IVUcAtmwhqXNvxjN11YIwXMINpof-M6B7Ywl--enKq3u1_1o&google_gid=CAESEMKqjJH0jvXauA70xcvAd6k&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPIfFEgNUvNO8JVpUuTWZ0iQjXqZ7xsAFurYZEYFfyKr0Q7IVUcAtmwhqXNvxjN11YIwXMINpof-M6B7Ywl--enKq3u1_1o&google_gid=CAESEMKqjJH0jvXauA70xcvAd6k&google_tc= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPIfFEgNUvNO8JVpUuTWZ0iQjXqZ7xsAFurYZEYFfyKr0Q7IVUcAtmwhqXNvxjN11YIwXMINpof-M6B7Ywl--enKq3u1_1o&google_gid=CAESEMKqjJH0jvXauA70xcvAd6k&google_tc=

Request Chain 482

https://fw.adsafeprotected.com/rfw/st/769474/55842337/skeleton.js?adsafe_url=https%3A%2F%2Fhinet.net&adsafe_type=g&adsafe_url=https%3A%2F%2Fhinet.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:c84f3ccb-ba9c-84da-8749-6507619c7300,c:iVcXXV,sl:na,em:true,fr:false,mn:app09ie,pt:1-5-15,br:u,abv:na,an:n,dvs:visible,oam:0,nbld:0,mtim:307,fm:sDImDUP+1111%7C11121%7C11122%7C11123%7C1113%7C1114%7C112%7C113%7C12%7C131%7C1321%7C133%7C1411%7C14121%7C14122%7C14123%7C14124%7C1413%7C14141%7C1415%7C15%7C161%7C162%7C1711%7C1712%7C1713%7C1721%7C1722%7C181%7C191%7C1a1%7C1a2*.769474-55842337%7C1a21%7C1a22%7C1a23%7C1a24%7C1a3%7C1a41%7C1a5,idMap:1a2*,pl:,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,thd:1,et:337,oid:ce2b91f7-e966-11eb-9b25-0ae761671616,v:19.8.217,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 507

https://sync.aralego.com/idsync HTTP 302
https://pr-bh.ybp.yahoo.com/sync/ucfunnel/733c3307-df76-318a-8763-b1b4aeeefb99?gdpr=0&euconsent= HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-z.LVZhZE2oUk0A65X5bcnYVEWtA0res0sGq1qK8-~A&redirect= HTTP 302
https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=733c3307-df76-318a-8763-b1b4aeeefb99&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=ucfunnel&user_id=733c3307-df76-318a-8763-b1b4aeeefb99&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=ucfunnel&bsw_param=530fe2da-de48-45d6-87d5-deb51095078f&google_hm=NTMwZmUyZGEtZGU0OC00NWQ2LTg3ZDUtZGViNTEwOTUwNzhm HTTP 302
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESELxmIJ-ugLufCLv4rrHRoeg&google_cver=1&ssp=ucfunnel&bsw_param=530fe2da-de48-45d6-87d5-deb51095078f HTTP 302
https://sync.aralego.com/idSync?redirect=&ucf_nid=dsp-6AABDA2D3AA6EAD1E94E9442DE6444A&ucf_user_id=530fe2da-de48-45d6-87d5-deb51095078f HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=NzMzYzMzMDctZGY3Ni0zMThhLTg3NjMtYjFiNGFlZWVmYjk5&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png HTTP 302
https://cdn.aralego.net/img/1x1.png

Request Chain 522

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 547

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=nelijzWKBKGrnh2mpd32YA

Request Chain 548

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=nelijzWKBKGrnh2mpd32YA

Request Chain 614

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLrtjen9UN_WiUqEAUYL6NMXd9idlRZWF4PTu4ozP8xbH3fdlqsggoNAnxPBPJlaYEuRE9yFjTb1weWohyoiHhNGxR0u-jL&google_gid=CAESEFYfRlr9dyF7bHuyhD59qCg&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLrtjen9UN_WiUqEAUYL6NMXd9idlRZWF4PTu4ozP8xbH3fdlqsggoNAnxPBPJlaYEuRE9yFjTb1weWohyoiHhNGxR0u-jL&google_gid=CAESEFYfRlr9dyF7bHuyhD59qCg&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA3MjAxNDI4NTUwMDA5NjI1ODkwNjA2OA%3D%3D&google_push=AYg5qPLrtjen9UN_WiUqEAUYL6NMXd9idlRZWF4PTu4ozP8xbH3fdlqsggoNAnxPBPJlaYEuRE9yFjTb1weWohyoiHhNGxR0u-jL

Request Chain 616

https://rtb.openx.net/sync/dds?google_gid=CAESEDQ_3Ol_9dFmyqg_Yf6wxOg&google_cver=1&google_push=AYg5qPJ4FCTQD--hmlxYxW9goaUq36wCeJpFAlOWnxvm7NvY8_8EMdPhIao6eDVadxyUyx3neFBixD9wGPnFmkl1YJuAquOftIkq HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEDQ_3Ol_9dFmyqg_Yf6wxOg&google_cver=1&google_push=AYg5qPJ4FCTQD--hmlxYxW9goaUq36wCeJpFAlOWnxvm7NvY8_8EMdPhIao6eDVadxyUyx3neFBixD9wGPnFmkl1YJuAquOftIkq&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJ4FCTQD--hmlxYxW9goaUq36wCeJpFAlOWnxvm7NvY8_8EMdPhIao6eDVadxyUyx3neFBixD9wGPnFmkl1YJuAquOftIkq&google_hm=eDRhOOSwyXIbYvqcWPToIw==

Request Chain 617

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDMtz-GJP9I65M71YZuMNKE&google_cver=1&google_push=AYg5qPJgFw_HibkguXbvxtZehsE1TQkKTpY7rv9zB2lRJRZ9jQ5W69dcGklatmLajWQlQHRvU7Xid4QBJf_uplm9LJ4IYHoHypQ6 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDMtz-GJP9I65M71YZuMNKE&google_cver=1&google_push=AYg5qPJgFw_HibkguXbvxtZehsE1TQkKTpY7rv9zB2lRJRZ9jQ5W69dcGklatmLajWQlQHRvU7Xid4QBJf_uplm9LJ4IYHoHypQ6&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Y6eMR8UBQnOOBMnbeEKJZw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJgFw_HibkguXbvxtZehsE1TQkKTpY7rv9zB2lRJRZ9jQ5W69dcGklatmLajWQlQHRvU7Xid4QBJf_uplm9LJ4IYHoHypQ6

Request Chain 618

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBWRLvrN2xMOcUsKQwXQvds&google_cver=1&google_push=AYg5qPKtglKIRQsdu6LE9m6xJDMyv-Xqmqud00VtlhHCGqzMrq-amcv7cEmMFanmdnvJfExYDlJwowKkooDRanCXEbVrsJA2JPXu HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JDNUszU1AtSS00MkZL&google_push=AYg5qPKtglKIRQsdu6LE9m6xJDMyv-Xqmqud00VtlhHCGqzMrq-amcv7cEmMFanmdnvJfExYDlJwowKkooDRanCXEbVrsJA2JPXu

Request Chain 619

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEI7k0DK-wfmyBJHnUWq65jA&google_cver=1&google_push=AYg5qPL-xJzuVXac07DWaRsVCI2h9YeaaQ5r0HK77k8IscaWOTmdSdoPc8rVLcf0y9GYh8z9nzAue-Xox5TQSk1kuIifE3TcK30 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEI7k0DK-wfmyBJHnUWq65jA&google_push=AYg5qPL-xJzuVXac07DWaRsVCI2h9YeaaQ5r0HK77k8IscaWOTmdSdoPc8rVLcf0y9GYh8z9nzAue-Xox5TQSk1kuIifE3TcK30&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdp3HYBLD1ZiDlj70ctAAABIUAAAAB&google_cver=1&google_push=AYg5qPL-xJzuVXac07DWaRsVCI2h9YeaaQ5r0HK77k8IscaWOTmdSdoPc8rVLcf0y9GYh8z9nzAue-Xox5TQSk1kuIifE3TcK30&google_gid=CAESEI7k0DK-wfmyBJHnUWq65jA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdp3HYBLD1ZiDlj70ctAAABIUAAAAB&google_cver=1&google_push=AYg5qPL-xJzuVXac07DWaRsVCI2h9YeaaQ5r0HK77k8IscaWOTmdSdoPc8rVLcf0y9GYh8z9nzAue-Xox5TQSk1kuIifE3TcK30&google_gid=CAESEI7k0DK-wfmyBJHnUWq65jA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdp3HYBLD1ZiDlj70ctAAABIUAAAAB&google_cver=1&google_push=AYg5qPL-xJzuVXac07DWaRsVCI2h9YeaaQ5r0HK77k8IscaWOTmdSdoPc8rVLcf0y9GYh8z9nzAue-Xox5TQSk1kuIifE3TcK30&google_gid=CAESEI7k0DK-wfmyBJHnUWq65jA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdp3HYBLD1ZiDlj70ctAAABIUAAAAB&google_cver=1&google_push=AYg5qPL-xJzuVXac07DWaRsVCI2h9YeaaQ5r0HK77k8IscaWOTmdSdoPc8rVLcf0y9GYh8z9nzAue-Xox5TQSk1kuIifE3TcK30&google_gid=CAESEI7k0DK-wfmyBJHnUWq65jA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdp3HYBLD1ZiDlj70ctAAABIUAAAAB&google_cver=1&google_push=AYg5qPL-xJzuVXac07DWaRsVCI2h9YeaaQ5r0HK77k8IscaWOTmdSdoPc8rVLcf0y9GYh8z9nzAue-Xox5TQSk1kuIifE3TcK30&google_gid=CAESEI7k0DK-wfmyBJHnUWq65jA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdp3HYBLD1ZiDlj70ctAAABIUAAAAB&google_cver=1&google_push=AYg5qPL-xJzuVXac07DWaRsVCI2h9YeaaQ5r0HK77k8IscaWOTmdSdoPc8rVLcf0y9GYh8z9nzAue-Xox5TQSk1kuIifE3TcK30&google_gid=CAESEI7k0DK-wfmyBJHnUWq65jA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdp3HYBLD1ZiDlj70ctAAABIUAAAAB&google_cver=1&google_push=AYg5qPL-xJzuVXac07DWaRsVCI2h9YeaaQ5r0HK77k8IscaWOTmdSdoPc8rVLcf0y9GYh8z9nzAue-Xox5TQSk1kuIifE3TcK30&google_gid=CAESEI7k0DK-wfmyBJHnUWq65jA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdp3HYBLD1ZiDlj70ctAAABIUAAAAB&google_cver=1&google_push=AYg5qPL-xJzuVXac07DWaRsVCI2h9YeaaQ5r0HK77k8IscaWOTmdSdoPc8rVLcf0y9GYh8z9nzAue-Xox5TQSk1kuIifE3TcK30&google_gid=CAESEI7k0DK-wfmyBJHnUWq65jA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdp3HYBLD1ZiDlj70ctAAABIUAAAAB&google_cver=1&google_push=AYg5qPL-xJzuVXac07DWaRsVCI2h9YeaaQ5r0HK77k8IscaWOTmdSdoPc8rVLcf0y9GYh8z9nzAue-Xox5TQSk1kuIifE3TcK30&google_gid=CAESEI7k0DK-wfmyBJHnUWq65jA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdp3HYBLD1ZiDlj70ctAAABIUAAAAB&google_cver=1&google_push=AYg5qPL-xJzuVXac07DWaRsVCI2h9YeaaQ5r0HK77k8IscaWOTmdSdoPc8rVLcf0y9GYh8z9nzAue-Xox5TQSk1kuIifE3TcK30&google_gid=CAESEI7k0DK-wfmyBJHnUWq65jA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdp3HYBLD1ZiDlj70ctAAABIUAAAAB&google_cver=1&google_push=AYg5qPL-xJzuVXac07DWaRsVCI2h9YeaaQ5r0HK77k8IscaWOTmdSdoPc8rVLcf0y9GYh8z9nzAue-Xox5TQSk1kuIifE3TcK30&google_gid=CAESEI7k0DK-wfmyBJHnUWq65jA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdp3HYBLD1ZiDlj70ctAAABIUAAAAB&google_cver=1&google_push=AYg5qPL-xJzuVXac07DWaRsVCI2h9YeaaQ5r0HK77k8IscaWOTmdSdoPc8rVLcf0y9GYh8z9nzAue-Xox5TQSk1kuIifE3TcK30&google_gid=CAESEI7k0DK-wfmyBJHnUWq65jA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdp3HYBLD1ZiDlj70ctAAABIUAAAAB&google_cver=1&google_push=AYg5qPL-xJzuVXac07DWaRsVCI2h9YeaaQ5r0HK77k8IscaWOTmdSdoPc8rVLcf0y9GYh8z9nzAue-Xox5TQSk1kuIifE3TcK30&google_gid=CAESEI7k0DK-wfmyBJHnUWq65jA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdp3HYBLD1ZiDlj70ctAAABIUAAAAB&google_cver=1&google_push=AYg5qPL-xJzuVXac07DWaRsVCI2h9YeaaQ5r0HK77k8IscaWOTmdSdoPc8rVLcf0y9GYh8z9nzAue-Xox5TQSk1kuIifE3TcK30&google_gid=CAESEI7k0DK-wfmyBJHnUWq65jA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdp3HYBLD1ZiDlj70ctAAABIUAAAAB&google_cver=1&google_push=AYg5qPL-xJzuVXac07DWaRsVCI2h9YeaaQ5r0HK77k8IscaWOTmdSdoPc8rVLcf0y9GYh8z9nzAue-Xox5TQSk1kuIifE3TcK30&google_gid=CAESEI7k0DK-wfmyBJHnUWq65jA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdp3HYBLD1ZiDlj70ctAAABIUAAAAB&google_cver=1&google_push=AYg5qPL-xJzuVXac07DWaRsVCI2h9YeaaQ5r0HK77k8IscaWOTmdSdoPc8rVLcf0y9GYh8z9nzAue-Xox5TQSk1kuIifE3TcK30&google_gid=CAESEI7k0DK-wfmyBJHnUWq65jA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdp3HYBLD1ZiDlj70ctAAABIUAAAAB&google_cver=1&google_push=AYg5qPL-xJzuVXac07DWaRsVCI2h9YeaaQ5r0HK77k8IscaWOTmdSdoPc8rVLcf0y9GYh8z9nzAue-Xox5TQSk1kuIifE3TcK30&google_gid=CAESEI7k0DK-wfmyBJHnUWq65jA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdp3HYBLD1ZiDlj70ctAAABIUAAAAB&google_cver=1&google_push=AYg5qPL-xJzuVXac07DWaRsVCI2h9YeaaQ5r0HK77k8IscaWOTmdSdoPc8rVLcf0y9GYh8z9nzAue-Xox5TQSk1kuIifE3TcK30&google_gid=CAESEI7k0DK-wfmyBJHnUWq65jA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdp3HYBLD1ZiDlj70ctAAABIUAAAAB&google_cver=1&google_push=AYg5qPL-xJzuVXac07DWaRsVCI2h9YeaaQ5r0HK77k8IscaWOTmdSdoPc8rVLcf0y9GYh8z9nzAue-Xox5TQSk1kuIifE3TcK30&google_gid=CAESEI7k0DK-wfmyBJHnUWq65jA

637 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
hinet.net/
Redirect Chain

http://hinet.net/
https://hinet.net/

183 KB
33 KB

965ms
244ms

Document
text/html

203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

071671f5f182f51ce4746e88c31b09d1e46cb7c4987e8a23a0fba56f066931db

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Host: hinet.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:36 GMT
Server: Apache
X-Content-Type-Options: nonsniff
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Last-Modified: Tue, 20 Jul 2021 14:27:27 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Cache-Control: max-age=60
Expires: Tue, 20 Jul 2021 14:29:36 GMT
X-XSS-Protection: 1;mode=block
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Content-Length: 33497
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Redirect headers

Location: https://hinet.net/
Server: BigIP
Connection: Keep-Alive
Content-Length: 0

GET
H/1.1 200
OK bookblock.css
hinet.net/resources/css/ 3 KB
1 KB 700ms
242ms Stylesheet
text/css 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://hinet.net/resources/css/bookblock.css

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

4e9023b5386670a80bd8dcf12f060dc5a924f28bdb9caf8241990f18a9dc1055

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://hinet.net/
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: Accept-Encoding,User-Agent
Content-Length: 737
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 19 May 2021 06:04:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: text/css
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Thu, 19 Aug 2021 14:28:37 GMT

GET
H/1.1 200
OK custom2.css
hinet.net/resources/css/ 3 KB
2 KB 712ms
237ms Stylesheet
text/css 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://hinet.net/resources/css/custom2.css

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

b8cb3ff0b3e138f0dd91fd1a105f16aa69eaa4fc6606447a44a4dd759b43f6d8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://hinet.net/
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: Accept-Encoding,User-Agent
Content-Length: 935
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 19 May 2021 06:04:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: text/css
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Thu, 19 Aug 2021 14:28:37 GMT

GET
H/1.1 200
OK global.css
hinet.net/resources/css/ 55 KB
10 KB 742ms
249ms Stylesheet
text/css 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://hinet.net/resources/css/global.css?20171101

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

1e529912022bd16a5438c30df717862ae7a63e74567e17294bd0dab7e446940e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://hinet.net/
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: Accept-Encoding,User-Agent
Content-Length: 9152
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 19 May 2021 06:04:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: text/css
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Thu, 19 Aug 2021 14:28:37 GMT

GET
H/1.1 200
OK crazyad.css
hinet.net/resources/css/ 1 KB
1012 B 739ms
247ms Stylesheet
text/css 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://hinet.net/resources/css/crazyad.css

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

709c9fb1ccffe894ddf44d190dfe85488297e65595d35743d2afe7b592291157

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://hinet.net/
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: Accept-Encoding,User-Agent
Content-Length: 332
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 19 May 2021 06:04:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: text/css
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Thu, 19 Aug 2021 14:28:37 GMT

GET
H/1.1 200
OK jquery-3.5.0.min.js Show response
hinet.net/resources/js/ 87 KB
31 KB 746ms
252ms Script
application/javascript 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://hinet.net/resources/js/jquery-3.5.0.min.js

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://hinet.net/
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: Accept-Encoding,User-Agent
Content-Length: 30836
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 19 May 2021 06:04:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: application/javascript
Cache-Control: max-age=604800
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Tue, 27 Jul 2021 14:28:37 GMT

GET
H/1.1 200
OK crazyad.js Show response
hinet.net/resources/js/ 7 KB
2 KB 938ms
237ms Script
application/javascript 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://hinet.net/resources/js/crazyad.js

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

f86c51c1ce8a6ec2616775dac76dcae0d7dae876ab9b77e8d89a45caf76c788c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://hinet.net/
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: Accept-Encoding,User-Agent
Content-Length: 1274
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 19 May 2021 06:04:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: application/javascript
Cache-Control: max-age=604800
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Expires: Tue, 27 Jul 2021 14:28:37 GMT

GET
H2 200 swfobject.min.js Show response
cdnjs.cloudflare.com/ajax/libs/swfobject/2.2/ 9 KB
4 KB 15ms
13ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/swfobject/2.2/swfobject.min.js

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a18cbdbb0fbb733d7f4cba5d2afd6b2706e3f141c743f491057e5800368cd8e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 416351
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 3217
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ff8-23fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6dRWI%2BDWxYDkKYCSidc7t4pIcp%2BUM4%2FH2%2Fk7m1MxdY4btBsnbOZA3%2FKje881elVGPADzFUwOYB6bsBnQ1ukbTipwF%2Fm1P18cu3Y%2BmTZkubR2krnnY1cgWrbzDkmy4YyVsY8%2FLbFxMnTKBlFZgn5JqDPF"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 671ce08209074ee6-FRA
expires: Sun, 10 Jul 2022 14:28:36 GMT

GET
H/1.1 200
OK jquery.cookie.js Show response
hinet.net/resources/js/ 1 KB
1 KB 948ms
237ms Script
application/javascript 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://hinet.net/resources/js/jquery.cookie.js

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

8d45fede62e78272c9c77c96f94ae3de83b66a8697e90b412625e6ce6a2929db

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://hinet.net/
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: Accept-Encoding,User-Agent
Content-Length: 496
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 19 May 2021 06:04:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: application/javascript
Cache-Control: max-age=604800
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Tue, 27 Jul 2021 14:28:37 GMT

GET
H/1.1 200
OK swiper.min.css
hinet.net/resources/css/ 19 KB
4 KB 739ms
247ms Stylesheet
text/css 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://hinet.net/resources/css/swiper.min.css

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

5f07d43571a20235b2506061c9729d91179d32b8b3c75123aa8fcd45e60d7541

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://hinet.net/
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: Accept-Encoding,User-Agent
Content-Length: 3023
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 19 May 2021 06:04:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: text/css
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Thu, 19 Aug 2021 14:28:37 GMT

GET
H/1.1 200
OK swiper.min.js Show response
hinet.net/resources/js/ 125 KB
33 KB 990ms
252ms Script
application/javascript 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://hinet.net/resources/js/swiper.min.js

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

b9c90c601bc81ad71ed8be557ff9b095de5aae947926e84011e2728cf65250a6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://hinet.net/
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: Accept-Encoding,User-Agent
Content-Length: 33145
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 19 May 2021 06:04:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: application/javascript
Cache-Control: max-age=604800
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Tue, 27 Jul 2021 14:28:37 GMT

GET
H2 200 app.js Show response
ssp.hinet.net/api/ 27 KB
8 KB 985ms
239ms Script
application/javascript 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/app.js
Requested by: Host: hinet.net
URL: https://hinet.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: 6c269fa0bcf62f50d781d2ffc36b670fcf049b06d3b6ec122ba8f8f62b38c706

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 13:59:51 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/javascript

GET
H/1.1 200
OK 17abcb8a25b00000370a.jpg
hinet.net/data/upload/logo/ 43 KB
43 KB 254ms
246ms Image
image/jpeg 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/upload/logo/17abcb8a25b00000370a.jpg

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

97327379757e31241f84821457184b269be28de4dc786e6cbbf86ef4b7277099

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:38 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 43832
X-XSS-Protection: 1;mode=block
Last-Modified: Mon, 19 Jul 2021 03:04:27 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Thu, 19 Aug 2021 14:28:38 GMT

GET
H/1.1 200
OK 867b92e06f2511ea9f8f005056ac569e.png
hinet.net/data/upload/liveDistrict/ 20 KB
20 KB 244ms
236ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/upload/liveDistrict/867b92e06f2511ea9f8f005056ac569e.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

25aeb31723a4be8458d817e6bf261b3ad25a605377ebe418edca2d33932f44b2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:38 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 20233
X-XSS-Protection: 1;mode=block
Last-Modified: Thu, 26 Mar 2020 05:49:14 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Expires: Thu, 19 Aug 2021 14:28:38 GMT

GET
H/1.1 200
OK 9ba7cf6082e111ea8850005056ac569e.png
hinet.net/data/upload/liveDistrict/ 21 KB
21 KB 250ms
242ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/upload/liveDistrict/9ba7cf6082e111ea8850005056ac569e.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

8346e27008b3c9ccca917faaedb8535e3475d1cf22c06e20a00415f13ca935e4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:38 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 21044
X-XSS-Protection: 1;mode=block
Last-Modified: Mon, 20 Apr 2020 08:33:27 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Expires: Thu, 19 Aug 2021 14:28:38 GMT

GET
H/1.1 200
OK 2489820082e311ea8850005056ac569e.png
hinet.net/data/upload/liveDistrict/ 18 KB
19 KB 254ms
246ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/upload/liveDistrict/2489820082e311ea8850005056ac569e.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

47cdfd0d0b98c932d816b035996cd78f793456738d7e59f420d862d39d3aea41

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:38 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 18307
X-XSS-Protection: 1;mode=block
Last-Modified: Mon, 20 Apr 2020 08:44:27 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Thu, 19 Aug 2021 14:28:38 GMT

GET
H/1.1 200
OK 190-85_radio.jpg
hinet.net/resources/img/ 9 KB
9 KB 247ms
247ms Image
image/jpeg 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/resources/img/190-85_radio.jpg

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

a218f54e6094a485d863463ccbeb8f7d29605f141591bd40faa8d649ddcf399a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:38 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 9016
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 19 May 2021 06:04:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Expires: Thu, 19 Aug 2021 14:28:38 GMT

GET
H/1.1 200
OK min_global.css
hinet.net/resources/css/ 1 KB
1 KB 247ms
247ms Stylesheet
text/css 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://hinet.net/resources/css/min_global.css?20210322

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

8a3bbea4030e67771673bfcd17966159f1881dc56bbf67947f069381d00d28b9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ; _ht_em=1
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: Accept-Encoding,User-Agent
Content-Length: 569
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 19 May 2021 06:04:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: text/css
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=82
Expires: Thu, 19 Aug 2021 14:28:45 GMT

GET
H/1.1 200
OK 3461b130413111e7ab2d005056ac569e.png
hinet.net/data//upload/productMenu/ 41 KB
42 KB 239ms
238ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data//upload/productMenu/3461b130413111e7ab2d005056ac569e.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

dcc5c641c050be6f3e6a66337de455a55beb713a365d39bfc756d5c949957dd8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:38 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 41944
X-XSS-Protection: 1;mode=block
Last-Modified: Thu, 25 May 2017 10:02:04 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Expires: Thu, 19 Aug 2021 14:28:38 GMT

GET
H/1.1 200
OK 91299f902b8f11e5ae2f005056ac569e.png
hinet.net/data//upload/productMenu/ 44 KB
45 KB 249ms
248ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data//upload/productMenu/91299f902b8f11e5ae2f005056ac569e.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

1150574a8a9e2628fb590ec6c4563ad7f39bd06032cfb3a693982c3ed3d0159c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:38 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 45193
X-XSS-Protection: 1;mode=block
Last-Modified: Thu, 16 Jul 2015 07:52:15 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Expires: Thu, 19 Aug 2021 14:28:38 GMT

GET
H/1.1 200
OK 072be800a03c11e8b755005056ac569e.png
hinet.net/data//upload/productMenu/ 28 KB
28 KB 248ms
247ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data//upload/productMenu/072be800a03c11e8b755005056ac569e.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

a11f72929684f0a4aa70a7f9b2855757629a3f77b43b71771cb9359e3ca7dff4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:38 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 28208
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 15 Aug 2018 14:49:53 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Expires: Thu, 19 Aug 2021 14:28:38 GMT

GET
H/1.1 200
OK 05ade3304b2311e7ab2d005056ac569e.png
hinet.net/data//upload/productMenu/ 40 KB
41 KB 249ms
249ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data//upload/productMenu/05ade3304b2311e7ab2d005056ac569e.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

7af321e007e961c23291b7097f01d3e2a00b9fd142545d18f5ff4dd454ed99ae

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:39 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 41412
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 07 Jun 2017 01:45:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Expires: Thu, 19 Aug 2021 14:28:39 GMT

GET
H/1.1 200
OK a97642c0d48911ebbde800505696d644.png
hinet.net/data/upload/recommand/ 23 KB
23 KB 248ms
247ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/upload/recommand/a97642c0d48911ebbde800505696d644.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

c12666c9d6771d583e14e1ac02107ae6ffa41301c9d763ae139e368931deb8c5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:39 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 23377
X-XSS-Protection: 1;mode=block
Last-Modified: Thu, 24 Jun 2021 01:15:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Expires: Thu, 19 Aug 2021 14:28:39 GMT

GET
H/1.1 200
OK 34348d80d98111eba2f900505696d644.png
hinet.net/data/upload/recommand/ 18 KB
19 KB 238ms
237ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/upload/recommand/34348d80d98111eba2f900505696d644.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

7952f990b79ad142364494521ae1e8ead0fb8af9e70311df25dbe575b1fc85d7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:39 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 18397
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 30 Jun 2021 08:57:53 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Expires: Thu, 19 Aug 2021 14:28:39 GMT

GET
H/1.1 200
OK 06b29020e5e111eba2f900505696d644.png
hinet.net/data/upload/recommand/ 17 KB
18 KB 241ms
240ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/upload/recommand/06b29020e5e111eba2f900505696d644.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

19fd9f8950c412f813c518d74a6db2e17a47708d686a250d0b9aeb1a1d33e3d9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:39 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 17537
X-XSS-Protection: 1;mode=block
Last-Modified: Fri, 16 Jul 2021 02:53:55 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Expires: Thu, 19 Aug 2021 14:28:39 GMT

GET
H/1.1 200
OK 7dab1c70df9111eba2f900505696d644.png
hinet.net/data/upload/recommand/ 21 KB
21 KB 248ms
246ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/upload/recommand/7dab1c70df9111eba2f900505696d644.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

fd4ee213f6385742fd19f7f2b91cc6e4031254f49873113f4e34fb9e9042b40a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:39 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 21032
X-XSS-Protection: 1;mode=block
Last-Modified: Thu, 08 Jul 2021 02:09:32 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Expires: Thu, 19 Aug 2021 14:28:39 GMT

GET
H/1.1 200
OK f7c06430c36b11ebb50800505696d644_o.png
hinet.net/data/upload/commonServices/ 1 KB
2 KB 247ms
246ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/upload/commonServices/f7c06430c36b11ebb50800505696d644_o.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

b6be9ab7107b7a51e5f6007fa2d9398c0ebda6dc0ca9a90fbacae257a697a7c0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:39 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 1094
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 02 Jun 2021 06:30:18 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Expires: Thu, 19 Aug 2021 14:28:39 GMT

GET
H/1.1 200
OK f7d7bcc0c36b11ebb50800505696d644_o.png
hinet.net/data/upload/commonServices/ 649 B
1 KB 247ms
246ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/upload/commonServices/f7d7bcc0c36b11ebb50800505696d644_o.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

b6ae9796b7529e803d74ca005623fb11d8150dbbee804cd209481860320993c4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:39 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 649
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 02 Jun 2021 06:30:18 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Expires: Thu, 19 Aug 2021 14:28:39 GMT

GET
H/1.1 200
OK f7e948f0c36b11ebb50800505696d644_o.png
hinet.net/data/upload/commonServices/ 1 KB
2 KB 237ms
236ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/upload/commonServices/f7e948f0c36b11ebb50800505696d644_o.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

104be199952a234c2e106d23c94f6006439d0f746985c1b3b1710c659e8b74f8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:39 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 1080
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 02 Jun 2021 06:30:18 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Expires: Thu, 19 Aug 2021 14:28:39 GMT

GET
H/1.1 200
OK f7fcf800c36b11ebb50800505696d644_o.png
hinet.net/data/upload/commonServices/ 1 KB
2 KB 241ms
237ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/upload/commonServices/f7fcf800c36b11ebb50800505696d644_o.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

965bd80b6160ea097e9aba3a357ec6a515781e566847fd3ae0492e7868f77238

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:39 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 1047
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 02 Jun 2021 06:30:19 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Expires: Thu, 19 Aug 2021 14:28:39 GMT

GET
H/1.1 200
OK f812f100c36b11ebb50800505696d644_o.png
hinet.net/data/upload/commonServices/ 789 B
1 KB 246ms
246ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/upload/commonServices/f812f100c36b11ebb50800505696d644_o.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

b5610cce0fea21c20d7cc297ff5d1668051df6f443dfdbd54197579bbae9ef05

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:39 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 789
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 02 Jun 2021 06:30:19 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Expires: Thu, 19 Aug 2021 14:28:39 GMT

GET
H/1.1 200
OK f827ffa0c36b11ebb50800505696d644_o.png
hinet.net/data/upload/commonServices/ 2 KB
2 KB 247ms
246ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/upload/commonServices/f827ffa0c36b11ebb50800505696d644_o.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

40156a88da2c609b0cdec03ac522ae1d0fd11021a1b22cfd3c6c665162d70b4f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:39 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 1567
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 02 Jun 2021 06:30:19 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Expires: Thu, 19 Aug 2021 14:28:39 GMT

GET
H/1.1 200
OK f83aeb60c36b11ebb50800505696d644_o.png
hinet.net/data/upload/commonServices/ 960 B
2 KB 239ms
237ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/upload/commonServices/f83aeb60c36b11ebb50800505696d644_o.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

d8e820086e4d18910d06282df012e28566badb2f51ff19f4ce7f34a2792fefff

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:40 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 960
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 02 Jun 2021 06:30:19 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Expires: Thu, 19 Aug 2021 14:28:40 GMT

GET
H/1.1 200
OK f84b8d30c36b11ebb50800505696d644_o.png
hinet.net/data/upload/commonServices/ 924 B
2 KB 250ms
246ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/upload/commonServices/f84b8d30c36b11ebb50800505696d644_o.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

75db90865a5d77b29bb3ea3600a6f5b3805a2c53b2d634fb109377ca8cf5f793

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:40 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 924
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 02 Jun 2021 06:30:19 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Expires: Thu, 19 Aug 2021 14:28:40 GMT

GET
H/1.1 200
OK f85ec710c36b11ebb50800505696d644_o.png
hinet.net/data/upload/commonServices/ 855 B
1 KB 249ms
246ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/upload/commonServices/f85ec710c36b11ebb50800505696d644_o.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

f7c86ec7c63b78324a8ff2cfd5fe5d38b713d8b08d99aef755cc28ae3a482ba4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:40 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 855
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 02 Jun 2021 06:30:19 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Expires: Thu, 19 Aug 2021 14:28:40 GMT

GET
H/1.1 200
OK a238b810926011e584ed005056ac569e_o.png
hinet.net/data/upload/commonServices/ 2 KB
2 KB 252ms
248ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/upload/commonServices/a238b810926011e584ed005056ac569e_o.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

0d6b4f004b4a0f5e78f2263f634c74874759eeb4cef84aa22b71f03fd2926284

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:40 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 1893
X-XSS-Protection: 1;mode=block
Last-Modified: Tue, 24 Nov 2015 04:05:45 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Expires: Thu, 19 Aug 2021 14:28:40 GMT

GET
H/1.1 200
OK 7fc585d03f1211e4a32e005056ac569e_o.png
hinet.net/data/upload/commonServices/ 2 KB
2 KB 237ms
236ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/upload/commonServices/7fc585d03f1211e4a32e005056ac569e_o.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

53cd005363195a9c87b74ac8f259c97adb91f23066a0f6d1bc4b034e4031a4c6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:41 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 1654
X-XSS-Protection: 1;mode=block
Last-Modified: Thu, 18 Sep 2014 09:02:21 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Expires: Thu, 19 Aug 2021 14:28:41 GMT

GET
H/1.1 200
OK 7fbecf103f1211e4a32e005056ac569e_o.png
hinet.net/data/upload/commonServices/ 1 KB
2 KB 238ms
237ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/upload/commonServices/7fbecf103f1211e4a32e005056ac569e_o.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

4776a2aadc14a00a48ad7da0c758ea69e033a6f3532e500ee04a7cac054573dc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:41 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 1529
X-XSS-Protection: 1;mode=block
Last-Modified: Thu, 18 Sep 2014 09:02:21 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Expires: Thu, 19 Aug 2021 14:28:41 GMT

GET
H/1.1 200
OK 7fd0a9603f1211e4a32e005056ac569e_o.png
hinet.net/data/upload/commonServices/ 2 KB
2 KB 248ms
247ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/upload/commonServices/7fd0a9603f1211e4a32e005056ac569e_o.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

6b62d93177c585c840884e93fe16a445b0f5a2796f907adbd9cdb0e86a46b485

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:41 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 1879
X-XSS-Protection: 1;mode=block
Last-Modified: Thu, 18 Sep 2014 09:02:21 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Expires: Thu, 19 Aug 2021 14:28:41 GMT

GET
H/1.1 200
OK 6a9f2330901311e4bc7e005056ac569e_o.png
hinet.net/data/upload/commonServices/ 2 KB
3 KB 247ms
246ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/upload/commonServices/6a9f2330901311e4bc7e005056ac569e_o.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

88457e06b8f9a387aa2da1c830dad1fce05a017a20a3167e4d1eb11f091a6f4d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:41 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 2180
X-XSS-Protection: 1;mode=block
Last-Modified: Tue, 30 Dec 2014 11:02:59 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Expires: Thu, 19 Aug 2021 14:28:41 GMT

GET
H/1.1 200
OK 7fd4a1003f1211e4a32e005056ac569e_o.png
hinet.net/data/upload/commonServices/ 2 KB
2 KB 248ms
246ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/upload/commonServices/7fd4a1003f1211e4a32e005056ac569e_o.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

41d2c7aceb88e3a97473335d02e4608d25844383c1128c8f3443a6fbedf079bf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:41 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 1773
X-XSS-Protection: 1;mode=block
Last-Modified: Thu, 18 Sep 2014 09:02:21 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Expires: Thu, 19 Aug 2021 14:28:41 GMT

GET
H/1.1 200
OK 7faa0e903f1211e4a32e005056ac569e_o.png
hinet.net/data/upload/commonServices/ 2 KB
2 KB 247ms
246ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/upload/commonServices/7faa0e903f1211e4a32e005056ac569e_o.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

a1127adbde0c3cf2968736a5830336bcd6dd2b0c98a63a98460a56a431f7626a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:41 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 1798
X-XSS-Protection: 1;mode=block
Last-Modified: Thu, 18 Sep 2014 09:02:21 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Expires: Thu, 19 Aug 2021 14:28:41 GMT

GET
H/1.1 200
OK cdeaff307e9f11e8aedd005056ac569e_o.png
hinet.net/data/upload/commonServices/ 796 B
1 KB 240ms
236ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/upload/commonServices/cdeaff307e9f11e8aedd005056ac569e_o.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

c8df3cd043e502e6da8b95958eb0e10fa2c5b2765c09ed9224dece7aa076ea81

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:41 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 796
X-XSS-Protection: 1;mode=block
Last-Modified: Tue, 03 Jul 2018 19:11:33 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Expires: Thu, 19 Aug 2021 14:28:41 GMT

GET
H/1.1 200
OK c39bcbf09b9411e4adbc005056ac569e_o.png
hinet.net/data/upload/commonServices/ 1 KB
2 KB 238ms
237ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/upload/commonServices/c39bcbf09b9411e4adbc005056ac569e_o.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

a0ea72666eeff3ee8b69252879704e4e90828c6796a9407083d6ee3ee26f62fb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:41 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 1500
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 14 Jan 2015 02:26:38 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=87
Expires: Thu, 19 Aug 2021 14:28:41 GMT

GET
H/1.1 200
OK 23419879.png
hinet.net/data/api/focus/ 33 KB
34 KB 474ms
247ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/api/focus/23419879.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

fc025dc474b61d437a8fd6882d65366bb75d00f01de0a48d9586ee76eb912a4a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:40 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 33916
X-XSS-Protection: 1;mode=block
Last-Modified: Tue, 20 Jul 2021 14:27:36 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Expires: Thu, 19 Aug 2021 14:28:40 GMT

GET
H/1.1 200
OK 23419346.png
hinet.net/data/api/entertainment/ 27 KB
28 KB 251ms
250ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/api/entertainment/23419346.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

030496f376766011e52225aaf15aa20a3eda52ba9777b587a751fd057e18df4e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ; _ht_em=1
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:41 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 27891
X-XSS-Protection: 1;mode=block
Last-Modified: Tue, 20 Jul 2021 13:06:32 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Expires: Thu, 19 Aug 2021 14:28:41 GMT

GET
H/1.1 200
OK 23419945.png
hinet.net/data/api/sports/ 19 KB
20 KB 250ms
249ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/api/sports/23419945.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

1d4059eaf51c97949b042222d29ebfaac1fab2bc31252d7de2e9c8cefc88c9f5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ; _ht_em=1
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:41 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 19948
X-XSS-Protection: 1;mode=block
Last-Modified: Tue, 20 Jul 2021 13:09:31 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Expires: Thu, 19 Aug 2021 14:28:41 GMT

GET
H/1.1 200
OK 23419850.png
hinet.net/data/api/life/ 28 KB
28 KB 247ms
246ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/api/life/23419850.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

72a30a2e5f3998a585323394d28e4fd6b1c3e352c4b956c411f267d25e39a870

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ; _ht_em=1
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:41 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 28514
X-XSS-Protection: 1;mode=block
Last-Modified: Tue, 20 Jul 2021 13:12:36 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Expires: Thu, 19 Aug 2021 14:28:41 GMT

GET
H/1.1 200
OK 23419461.png
hinet.net/data/api/finance/ 30 KB
31 KB 248ms
247ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/api/finance/23419461.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

0079676b5881442c3f04a1e70afe5117e76e94b1bec5cd1312ab886caaaa3eee

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ; _ht_em=1
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:41 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 30956
X-XSS-Protection: 1;mode=block
Last-Modified: Tue, 20 Jul 2021 13:21:39 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Expires: Thu, 19 Aug 2021 14:28:41 GMT

GET
H2 200 flowplayer-3.2.12.min.js Show response
cdn.jsdelivr.net/flowplayerflash/3.2.16/ 16 KB
6 KB 15ms
15ms Script
application/javascript 2a04:4e42:3::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/flowplayerflash/3.2.16/flowplayer-3.2.12.min.js

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:3::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

558c137ae8d2421d46b2ced70dc3d8eb54a63544a53930b30a555b7686001c91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 1610562
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 6416
etag: W/"3f90-ZX1G66yUNOgp4y1IZgaD9tXEZLE"
x-served-by: cache-fra19157-FRA
date: Tue, 20 Jul 2021 14:28:38 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK 210x255.png
hinet.net/resources/img/ 101 KB
102 KB 238ms
237ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/resources/img/210x255.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

84ec017d85d502a938100d08b1e37e847a7e3d6b5d5798077075cc52930a55c8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ; _ht_em=1
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:41 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 103521
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 19 May 2021 06:04:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Expires: Thu, 19 Aug 2021 14:28:41 GMT

GET
H/1.1 200
OK placeholder.gif
hinet.net/resources/images/ 43 B
682 B 686ms
238ms Image
image/gif 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/resources/images/placeholder.gif

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

376f6c554f20f590e06128798af747506af84676ffb235c768662b545450e62c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:40 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 43
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 19 May 2021 06:04:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/gif
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Expires: Thu, 19 Aug 2021 14:28:40 GMT

GET
H/1.1 200
OK f1500510df9011eba2f900505696d644.png
hinet.net/data/upload/screenRightAd/ 19 KB
20 KB 699ms
237ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/upload/screenRightAd/f1500510df9011eba2f900505696d644.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

21b36803c38ba9b302ab2b9e7c48a59dd7e28b26a4562aee4bdad1b3ffec786c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:40 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 19520
X-XSS-Protection: 1;mode=block
Last-Modified: Thu, 08 Jul 2021 02:05:37 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Expires: Thu, 19 Aug 2021 14:28:40 GMT

GET
H/1.1 200
OK 1015_5.png
hinet.net/data/api/magazine/ 193 KB
194 KB 239ms
238ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/api/magazine/1015_5.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

66c2a913310bce7cc1d77c07a2a4061fedf5a5ee260fde339525d00823d154a0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ; _ht_em=1
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:41 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 197922
X-XSS-Protection: 1;mode=block
Last-Modified: Tue, 20 Jul 2021 14:15:31 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=86
Expires: Thu, 19 Aug 2021 14:28:41 GMT

GET
H/1.1 200
OK 142_2.png
hinet.net/data/api/magazine/ 234 KB
235 KB 250ms
249ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/api/magazine/142_2.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

df1edd8d0694d05768c65aaebb0cbc54657eb1c348c64faa909a5fe99cd88e1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ; _ht_em=1
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:41 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 239863
X-XSS-Protection: 1;mode=block
Last-Modified: Tue, 20 Jul 2021 14:15:31 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Expires: Thu, 19 Aug 2021 14:28:41 GMT

GET
H/1.1 200
OK 481_2.png
hinet.net/data/api/magazine/ 249 KB
250 KB 249ms
249ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/api/magazine/481_2.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

59e3244058ea245473141f001bb5231f7171d3eca4ad5dd74785aae92fcf60b1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ; _ht_em=1
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:41 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 254873
X-XSS-Protection: 1;mode=block
Last-Modified: Tue, 20 Jul 2021 14:15:31 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Expires: Thu, 19 Aug 2021 14:28:41 GMT

GET
H/1.1 200
OK cp199_3.png
hinet.net/data/api/magazine/ 252 KB
252 KB 249ms
247ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/api/magazine/cp199_3.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

6f30fd7b423939a450950075fe10ef1b31511905aea5cfa1d9e699ef33dedccc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ; _ht_em=1
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:41 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 257652
X-XSS-Protection: 1;mode=block
Last-Modified: Tue, 20 Jul 2021 14:15:31 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=87
Expires: Thu, 19 Aug 2021 14:28:41 GMT

GET
H/1.1 200
OK 741_2.png
hinet.net/data/api/magazine/ 267 KB
268 KB 250ms
249ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/api/magazine/741_2.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

be1d36041b109736727a9873c39b2b7d911b3593b4e6ee9abdc88c446f4b7c53

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ; _ht_em=1
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:41 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 273467
X-XSS-Protection: 1;mode=block
Last-Modified: Tue, 20 Jul 2021 14:15:31 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=87
Expires: Thu, 19 Aug 2021 14:28:41 GMT

GET
H/1.1 200
OK cp143_M1075.png
hinet.net/data/api/magazine/ 231 KB
231 KB 239ms
238ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/api/magazine/cp143_M1075.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

f246423a0c4b1bae12a297ba2d9ba6b54944ec283b22f9b1bc1f5e311cdcddf3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ; _ht_em=1
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:42 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 236271
X-XSS-Protection: 1;mode=block
Last-Modified: Tue, 20 Jul 2021 14:15:31 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=87
Expires: Thu, 19 Aug 2021 14:28:42 GMT

GET
H/1.1 200
OK 221_2.png
hinet.net/data/api/magazine/ 270 KB
271 KB 242ms
241ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/api/magazine/221_2.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

a71f99764e88c7093b525195b250cc189ecd4bdde746fcda474172bee574021f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ; _ht_em=1
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:42 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 276375
X-XSS-Protection: 1;mode=block
Last-Modified: Tue, 20 Jul 2021 14:15:31 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=85
Expires: Thu, 19 Aug 2021 14:28:42 GMT

GET
H/1.1 200
OK cp105_2.png
hinet.net/data/api/magazine/ 104 KB
105 KB 247ms
246ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/api/magazine/cp105_2.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

5c4b0bd23a20e98bda1a509c343784589774d3247d413031f700d691973ec100

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ; _ht_em=1
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:42 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 106898
X-XSS-Protection: 1;mode=block
Last-Modified: Tue, 20 Jul 2021 14:15:31 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Expires: Thu, 19 Aug 2021 14:28:42 GMT

GET
H/1.1 200
OK cp151_2.png
hinet.net/data/api/magazine/ 253 KB
254 KB 252ms
248ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/api/magazine/cp151_2.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

af5af42df5eff4c1d5797602145db2b04dce265b40912d7654b90549d88d5303

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ; _ht_em=1
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:42 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 259306
X-XSS-Protection: 1;mode=block
Last-Modified: Tue, 20 Jul 2021 14:15:31 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=86
Expires: Thu, 19 Aug 2021 14:28:42 GMT

GET
H/1.1 200
OK 2341_2.png
hinet.net/data/api/magazine/ 133 KB
134 KB 247ms
247ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/api/magazine/2341_2.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

0f1baf9ccbb73ca6f712634504b7f1c1db0cfdb4ae6157871dfba0cc819a209c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ; _ht_em=1
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:42 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 136616
X-XSS-Protection: 1;mode=block
Last-Modified: Tue, 20 Jul 2021 14:15:39 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Expires: Thu, 19 Aug 2021 14:28:42 GMT

GET
H/1.1 200
OK 1264_5.png
hinet.net/data/api/magazine/ 210 KB
211 KB 247ms
247ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/api/magazine/1264_5.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

021953068d9eba9039cfaea4317c53e281d47810682ec03fb41391d028b4b84b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ; _ht_em=1
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:42 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 214987
X-XSS-Protection: 1;mode=block
Last-Modified: Tue, 20 Jul 2021 14:15:39 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=86
Expires: Thu, 19 Aug 2021 14:28:42 GMT

GET
H/1.1 200
OK cp100_M1074.png
hinet.net/data/api/magazine/ 89 KB
90 KB 247ms
246ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/api/magazine/cp100_M1074.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

9a58fd534ab3a1d90f9929fab26a3dcb88ef657ea909588435d5174939543df5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ; _ht_em=1
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:43 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 91354
X-XSS-Protection: 1;mode=block
Last-Modified: Tue, 20 Jul 2021 14:15:39 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=87
Expires: Thu, 19 Aug 2021 14:28:43 GMT

GET
H/1.1 200
OK 781_2.png
hinet.net/data/api/magazine/ 237 KB
238 KB 237ms
237ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/api/magazine/781_2.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

8dadb5b53b4d9276102921c8d084e4f5bb8be8685231d426c51c7c7813b14e1c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ; _ht_em=1
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:43 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 242559
X-XSS-Protection: 1;mode=block
Last-Modified: Tue, 20 Jul 2021 14:15:39 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=86
Expires: Thu, 19 Aug 2021 14:28:43 GMT

GET
H/1.1 200
OK cp197_3.png
hinet.net/data/api/magazine/ 279 KB
280 KB 247ms
247ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/api/magazine/cp197_3.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

e5e038b3f2a804dc05c6ad8a215464d5f16a82bc2cbe913725576fcd8bc65e0a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ; _ht_em=1
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:43 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 285646
X-XSS-Protection: 1;mode=block
Last-Modified: Tue, 20 Jul 2021 14:15:39 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Expires: Thu, 19 Aug 2021 14:28:43 GMT

GET
H/1.1 200
OK 1242_M1074.png
hinet.net/data/api/magazine/ 116 KB
116 KB 247ms
246ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/api/magazine/1242_M1074.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

d67aa314db8b59a11ec91d5bf32ee27f08856b0e80de06ed178b4e49b6852b6e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ; _ht_em=1
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:43 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 118576
X-XSS-Protection: 1;mode=block
Last-Modified: Tue, 20 Jul 2021 14:15:39 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=86
Expires: Thu, 19 Aug 2021 14:28:43 GMT

GET
H/1.1 200
OK 1241_M1074.png
hinet.net/data/api/magazine/ 213 KB
213 KB 248ms
248ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/api/magazine/1241_M1074.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

200c71e1571c47f3913bc0ceb69da40483c43ebc7c4d4c25aa8aa4a9adb688a5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ; _ht_em=1
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:43 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 217730
X-XSS-Protection: 1;mode=block
Last-Modified: Tue, 20 Jul 2021 14:15:39 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=85
Expires: Thu, 19 Aug 2021 14:28:43 GMT

GET
H/1.1 200
OK cp109_2.png
hinet.net/data/api/magazine/ 194 KB
195 KB 238ms
238ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/api/magazine/cp109_2.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

f51cfa71ca8f38778cdad83d5f7f6106b58291b6cbba2506b769ca1040575b81

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ; _ht_em=1
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:43 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 198901
X-XSS-Protection: 1;mode=block
Last-Modified: Tue, 20 Jul 2021 14:15:39 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=84
Expires: Thu, 19 Aug 2021 14:28:43 GMT

GET
H/1.1 200
OK cp108_2.png
hinet.net/data/api/magazine/ 186 KB
186 KB 248ms
247ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/api/magazine/cp108_2.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

cd7a842d4f5946e033d1eac75ebdf6226f519729c70db483f0950c3f24b3dc76

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ; _ht_em=1
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:43 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 190196
X-XSS-Protection: 1;mode=block
Last-Modified: Tue, 20 Jul 2021 14:15:39 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=85
Expires: Thu, 19 Aug 2021 14:28:43 GMT

GET
H/1.1 200
OK a928b130983f11eb843e00505696d644.png
hinet.net/data/upload/block/ 62 KB
63 KB 247ms
246ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/upload/block/a928b130983f11eb843e00505696d644.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

379971efb74e2925dfc767c1a775a402fd800868fcb6f8d42429c8048366f5bf

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ; _ht_em=1
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:44 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 63978
X-XSS-Protection: 1;mode=block
Last-Modified: Thu, 08 Apr 2021 07:54:45 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=85
Expires: Thu, 19 Aug 2021 14:28:44 GMT

GET
H/1.1 200
OK bc19de10b50635276da58d95247f6696.png
hinet.net/data/api/blogPromoteArticle/ 120 KB
121 KB 238ms
237ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/api/blogPromoteArticle/bc19de10b50635276da58d95247f6696.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

c1f04aabf6777f1cb7dc3eb334362def5d047cbac8825a2a2e32e78b29ccd03c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ; _ht_em=1
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:44 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 123383
X-XSS-Protection: 1;mode=block
Last-Modified: Tue, 20 Jul 2021 14:00:57 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=85
Expires: Thu, 19 Aug 2021 14:28:44 GMT

GET
H/1.1 200
OK edddf6272a7f8f233ccb0df4526d8c33.png
hinet.net/data/api/blogPromoteArticle/ 147 KB
148 KB 246ms
246ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/api/blogPromoteArticle/edddf6272a7f8f233ccb0df4526d8c33.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

1c67fed2fcd2cb48bc8991e05435f7f77175ae187fb158b129d00cb97f6934d6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ; _ht_em=1
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:44 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 150663
X-XSS-Protection: 1;mode=block
Last-Modified: Tue, 20 Jul 2021 14:00:58 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=84
Expires: Thu, 19 Aug 2021 14:28:44 GMT

GET
H/1.1 200
OK 20d71d15759136ec17283598afeead79.png
hinet.net/data/api/blogPromoteArticle/ 129 KB
130 KB 238ms
237ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/api/blogPromoteArticle/20d71d15759136ec17283598afeead79.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

29ab4b961478dca398b65911aa35da32873642ad69f66ff106fbcd4f1dec6081

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ; _ht_em=1
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:44 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 132411
X-XSS-Protection: 1;mode=block
Last-Modified: Tue, 20 Jul 2021 14:00:57 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=84
Expires: Thu, 19 Aug 2021 14:28:44 GMT

GET
H/1.1 200
OK 0d7c1d6d5f918e89853a75e0fcc5d8f0.png
hinet.net/data/api/blogPromoteArticle/ 106 KB
106 KB 247ms
247ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/api/blogPromoteArticle/0d7c1d6d5f918e89853a75e0fcc5d8f0.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

051a4eca1cbb7c8805962eb714d34da9ca04bc3c6d85bc602ba035724500be72

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ; _ht_em=1
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:44 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 108132
X-XSS-Protection: 1;mode=block
Last-Modified: Tue, 20 Jul 2021 14:00:58 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=84
Expires: Thu, 19 Aug 2021 14:28:44 GMT

GET
H/1.1 200
OK 6af4357f400d927ead866a9caeb31149.png
hinet.net/data/api/blogPromoteArticle/ 129 KB
129 KB 238ms
238ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/api/blogPromoteArticle/6af4357f400d927ead866a9caeb31149.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

8800bcbd88010747cedb2324df6c6c265c563b5939feb156e6003e79adb7be57

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ; _ht_em=1
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:44 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 131903
X-XSS-Protection: 1;mode=block
Last-Modified: Tue, 20 Jul 2021 14:00:57 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=83
Expires: Thu, 19 Aug 2021 14:28:44 GMT

GET
H/1.1 200
OK d9484a0926498c0abf159b26e0abe448.png
hinet.net/data/api/blogPromoteArticle/ 536 B
1 KB 248ms
246ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/api/blogPromoteArticle/d9484a0926498c0abf159b26e0abe448.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

1bdbf5e427949da5699b27d89666dd5bc0d3e1b00823f9e934e6174660731957

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ; _ht_em=1
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:44 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 536
X-XSS-Protection: 1;mode=block
Last-Modified: Tue, 20 Jul 2021 14:00:57 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=84
Expires: Thu, 19 Aug 2021 14:28:44 GMT

GET
H/1.1 200
OK 567a34173a24339f7600a6d782ae7180.png
hinet.net/data/api/blogPromoteArticle/ 536 B
1 KB 247ms
246ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/api/blogPromoteArticle/567a34173a24339f7600a6d782ae7180.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

1bdbf5e427949da5699b27d89666dd5bc0d3e1b00823f9e934e6174660731957

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ; _ht_em=1
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:44 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 536
X-XSS-Protection: 1;mode=block
Last-Modified: Tue, 20 Jul 2021 14:00:55 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=87
Expires: Thu, 19 Aug 2021 14:28:44 GMT

GET
H/1.1 200
OK e400250763e5bae4e7312009dfa5580c.png
hinet.net/data/api/blogPromoteArticle/ 103 KB
104 KB 247ms
247ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/api/blogPromoteArticle/e400250763e5bae4e7312009dfa5580c.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

4ea473f8090add28226b05a2cb22dfc9339f28205eff5543ddfad2d8847dbaed

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ; _ht_em=1
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:44 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 105417
X-XSS-Protection: 1;mode=block
Last-Modified: Tue, 20 Jul 2021 14:00:55 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=83
Expires: Thu, 19 Aug 2021 14:28:44 GMT

GET
H/1.1 200
OK e2f41957a5213433574293a0838d2ce1.png
hinet.net/data/api/blogPromoteArticle/ 91 KB
91 KB 247ms
247ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/api/blogPromoteArticle/e2f41957a5213433574293a0838d2ce1.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

b63ae0e854f1c9e37694c6abaec507547973c7b8b3a0c1211351a3cd265fe4d6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ; _ht_em=1
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:44 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 92934
X-XSS-Protection: 1;mode=block
Last-Modified: Tue, 20 Jul 2021 14:00:55 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=86
Expires: Thu, 19 Aug 2021 14:28:44 GMT

GET
H/1.1 200
OK 8b322d092fc7729a1b5d6270536d3cc9.png
hinet.net/data/api/blogPromoteArticle/ 106 KB
106 KB 247ms
247ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/api/blogPromoteArticle/8b322d092fc7729a1b5d6270536d3cc9.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

524727207e7310f1c32a1b0e828e1f73b193ac7b4707b0d6cb262ef1717f7a9a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ; _ht_em=1
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:45 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 108381
X-XSS-Protection: 1;mode=block
Last-Modified: Tue, 20 Jul 2021 14:00:56 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=83
Expires: Thu, 19 Aug 2021 14:28:45 GMT

GET
H/1.1 200
OK d319e4e884a77a12c765350387178ca8.png
hinet.net/data/api/blogPromoteArticle/ 79 KB
79 KB 250ms
249ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/api/blogPromoteArticle/d319e4e884a77a12c765350387178ca8.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

63489ba4f2a3195fa3c3fc09b123f74bfdc05793c13d54cd081de96fb7706c94

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ; _ht_em=1
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:45 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 80732
X-XSS-Protection: 1;mode=block
Last-Modified: Tue, 20 Jul 2021 14:00:55 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=83
Expires: Thu, 19 Aug 2021 14:28:45 GMT

GET
H/1.1 200
OK fgm.js Show response
static.adsinstant.com/broadband/ 5 KB
3 KB 75ms
8ms Script
application/javascript 13.225.74.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsinstant.com/broadband/fgm.js
Requested by: Host: hinet.net
URL: https://hinet.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-66.fra2.r.cloudfront.net
Software: nginx/1.10.3 /
Resource Hash: 928a38286e71379f61745515fdfa73418780cfc06a21b9da5658e9473d5a75ac

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 01:37:58 GMT
Content-Encoding: gzip
Last-Modified: Tue, 17 Nov 2020 00:04:13 GMT
Server: nginx/1.10.3
Age: 46239
ETag: W/"5fb3137d-124e"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: IH7oQ4fAUTM95aJFXC6Yrkgxr1wo-aFdPioUEYf9T0Y424VaZC44Lg==

GET
H/1.1 200
OK jquery.carouFredSel.packed.js Show response
hinet.net/resources/js/ 54 KB
14 KB 251ms
250ms Script
application/javascript 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://hinet.net/resources/js/jquery.carouFredSel.packed.js

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

f6f01595da7f42a535cf4361bdb512ae5c8e4e5ee16902c6e1dfaae9071b2f67

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://hinet.net/
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: Accept-Encoding,User-Agent
Content-Length: 13787
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 19 May 2021 06:04:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: application/javascript
Cache-Control: max-age=604800
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Tue, 27 Jul 2021 14:28:38 GMT

GET
H/1.1 200
OK indexCombined.js Show response
hinet.net/resources/js/ 43 KB
16 KB 255ms
254ms Script
application/javascript 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://hinet.net/resources/js/indexCombined.js

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

35137ab108d39f13c0a1f60bd881eadf537da8afde3a94597404a6a85414acc9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://hinet.net/
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: Accept-Encoding,User-Agent
Content-Length: 15324
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 19 May 2021 06:04:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: application/javascript
Cache-Control: max-age=604800
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Expires: Tue, 27 Jul 2021 14:28:38 GMT

GET
H/1.1 200
OK fgm.js Show response
static.adsinstant.com/hinet/ 7 KB
4 KB 16ms
7ms Script
application/javascript 13.225.74.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsinstant.com/hinet/fgm.js
Requested by: Host: hinet.net
URL: https://hinet.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-66.fra2.r.cloudfront.net
Software: nginx/1.10.3 /
Resource Hash: d0e720308869dd05b2d7cd6b1bdb04d0a0c2227e1caf8b0f62645c696f24925c

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 05:43:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 27 May 2020 04:43:35 GMT
Server: nginx/1.10.3
Age: 31510
ETag: W/"5ecdeff7-1bf1"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: K1I4Now8TgAEWmkD1-ntVaCIH8QB3LxGBq03DdqH92K358QLQYgEIQ==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 96 KB
38 KB 26ms
24ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-52DVM3

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

457024657265ff5b23bcfbbe34a38fd5c226036884e4f04b590c7bd7ab1d3e17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38468
x-xss-protection: 0
last-modified: Tue, 20 Jul 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 20 Jul 2021 14:28:38 GMT

GET
H/1.1 200 islogin Show response
search.hinet.net/ 15 B
2 KB 1530ms
237ms Script
text/plain 203.75.214.163
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://search.hinet.net/islogin?callback=islogin&_=1626791318284

Requested by

Host: hinet.net
URL: https://hinet.net/resources/js/jquery-3.5.0.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.163 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-163.HINET-IP.hinet.net

Software

Apache /

Resource Hash

2076d8986167ddb7af354ecca62d7c20cbc8eb8ee538b5f7f1fb8573d0b8bf3d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.hinet.net;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:39 GMT
X-Content-Type-Options: nonsniff
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Content-Type: text/plain;charset=UTF-8
Connection: Keep-Alive
Content-Security-Policy: frame-ancestors *.hinet.net;
Strict-Transport-Security: max-age=31536000;
Vary: User-Agent
Content-Length: 15
X-XSS-Protection: 1;mode=block
Keep-Alive: timeout=5, max=100
Accept-Charset: big5, big5-hkscs, cesu-8, euc-jp, euc-kr, gb18030, gb2312, gbk, ibm-thai, ibm00858, ibm01140, ibm01141, ibm01142, ibm01143, ibm01144, ibm01145, ibm01146, ibm01147, ibm01148, ibm01149, ibm037, ibm1026, ibm1047, ibm273, ibm277, ibm278, ibm280, ibm284, ibm285, ibm290, ibm297, ibm420, ibm424, ibm437, ibm500, ibm775, ibm850, ibm852, ibm855, ibm857, ibm860, ibm861, ibm862, ibm863, ibm864, ibm865, ibm866, ibm868, ibm869, ibm870, ibm871, ibm918, iso-2022-cn, iso-2022-jp, iso-2022-jp-2, iso-2022-kr, iso-8859-1, iso-8859-13, iso-8859-15, iso-8859-2, iso-8859-3, iso-8859-4, iso-8859-5, iso-8859-6, iso-8859-7, iso-8859-8, iso-8859-9, jis_x0201, jis_x0212-1990, koi8-r, koi8-u, shift_jis, tis-620, us-ascii, utf-16, utf-16be, utf-16le, utf-32, utf-32be, utf-32le, utf-8, windows-1250, windows-1251, windows-1252, windows-1253, windows-1254, windows-1255, windows-1256, windows-1257, windows-1258, windows-31j, x-big5-hkscs-2001, x-big5-solaris, x-compound_text, x-euc-jp-linux, x-euc-tw, x-eucjp-open, x-ibm1006, x-ibm1025, x-ibm1046, x-ibm1097, x-ibm1098, x-ibm1112, x-ibm1122, x-ibm1123, x-ibm1124, x-ibm1166, x-ibm1364, x-ibm1381, x-ibm1383, x-ibm300, x-ibm33722, x-ibm737, x-ibm833, x-ibm834, x-ibm856, x-ibm874, x-ibm875, x-ibm921, x-ibm922, x-ibm930, x-ibm933, x-ibm935, x-ibm937, x-ibm939, x-ibm942, x-ibm942c, x-ibm943, x-ibm943c, x-ibm948, x-ibm949, x-ibm949c, x-ibm950, x-ibm964, x-ibm970, x-iscii91, x-iso-2022-cn-cns, x-iso-2022-cn-gb, x-iso-8859-11, x-jis0208, x-jisautodetect, x-johab, x-macarabic, x-maccentraleurope, x-maccroatian, x-maccyrillic, x-macdingbat, x-macgreek, x-machebrew, x-maciceland, x-macroman, x-macromania, x-macsymbol, x-macthai, x-macturkish, x-macukraine, x-ms932_0213, x-ms950-hkscs, x-ms950-hkscs-xp, x-mswin-936, x-pck, x-sjis_0213, x-utf-16le-bom, x-utf-32be-bom, x-utf-32le-bom, x-windows-50220, x-windows-50221, x-windows-874, x-windows-949, x-windows-950, x-windows-iso2022jp

GET
H2 200 json Show response
ssp.hinet.net/api/web/request/ 1 KB
1 KB 719ms
246ms XHR
application/json 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/request/json?c=2017004&s=201702000018%2F201703000010&u=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&ad=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&t=1626791318534&oi=xb3n2&site=https%3A%2F%2Fhinet.net%2F&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017004%26s%3D201702000018%252F201703000010%26u%3D13ab05cb-cf87-b396-ff16-d596ef0cb2ed%26ad%3D13ab05cb-cf87-b396-ff16-d596ef0cb2ed%26t%3D1626791318534%26oi%3Dxb3n2%26site%3Dhttps%253A%252F%252Fhinet.net%252F&o=ieqzU
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: 177dafa6c08a59b00e569a24ddedc1a9a017145b42ca396dbbe76fc8f617a9b9

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://hinet.net
date: Tue, 20 Jul 2021 13:59:52 GMT
access-control-allow-credentials: true
server: nginx
content-length: 1220
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json

GET
H/1.1 200
OK bg.jpg
hinet.net/resources/images/ 331 B
972 B 381ms
236ms Image
image/jpeg 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/resources/images/bg.jpg

Requested by

Host: hinet.net
URL: https://hinet.net/resources/css/global.css?20171101

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

ae1ae3f12d5ce5f5108040f0ead8e781c8f5ce05e6d01aa7d0d22b87a3f04b68

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/resources/css/global.css?20171101
Cookie: adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed
Connection: keep-alive
Referer: https://hinet.net/resources/css/global.css?20171101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:39 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 331
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 19 May 2021 06:04:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Expires: Thu, 19 Aug 2021 14:28:39 GMT

GET
H/1.1 200
OK favorite.png
hinet.net/resources/images/ 1 KB
2 KB 318ms
249ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/resources/images/favorite.png

Requested by

Host: hinet.net
URL: https://hinet.net/resources/css/global.css?20171101

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

a6d5299026b6bada6dcff5a83fc0ce3f52185c95ac1a27f09119f687ef8256e1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/resources/css/global.css?20171101
Cookie: adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed
Connection: keep-alive
Referer: https://hinet.net/resources/css/global.css?20171101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:39 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 1165
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 19 May 2021 06:04:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Expires: Thu, 19 Aug 2021 14:28:39 GMT

GET
H2 200 request Show response
ssp.hinet.net/api/web/ 3 KB
2 KB 245ms
245ms XHR
text/html 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/request?c=2017004&s=201702000018%2F201703000010&u=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&ad=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&t=1626791318534&oi=d7uYt&site=https%3A%2F%2Fhinet.net%2F&o=TXHpg
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: 61beb04b463f9c4f5cce95ea3c5d23d28bf27184d8be6f4823332d84c07850c2

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 13:59:52 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://hinet.net
access-control-allow-credentials: true

GET
H2 200 tag.js Show response
t.ssp.hinet.net/ Frame FEA0 6 KB
3 KB 748ms
245ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/tag.js

Requested by

Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

7142961a1ad7563f0016537a0cf6bc977bf8ae9fe60a0885fde76211ae3aac83

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:40 GMT
content-encoding: gzip
last-modified: Tue, 13 Jul 2021 00:56:37 GMT
server: nginx
etag: W/"60ece4c5-1662"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Tue, 20 Jul 2021 14:38:40 GMT

GET
H2 200 jquery-1.9.1.min.js Show response
code.jquery.com/ Frame FEA0 90 KB
32 KB 31ms
10ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.9.1.min.js
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Origin: https://hinet.net
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:39 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:07 GMT
server: nginx
etag: W/"54499a47-169d5"
vary: Accept-Encoding
x-hw: 1626791319.dop168.fr8.t,1626791319.cds277.fr8.hn,1626791319.cds018.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 32772

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame FEA0 69 KB
24 KB 16ms
14ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

72e05e2b9663f192d248a1be27032bc54fe69d7d462c5debd23e58a5b86e51e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "935 / 81 of 1000 / last-modified: 1626779489"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24188
x-xss-protection: 0
expires: Tue, 20 Jul 2021 14:28:39 GMT

GET
H2 200 third
ssp.hinet.net/api/web/ 0
220 B 243ms
241ms Image
text/html 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.hinet.net/api/web/third?c=2017004&s=201702000018&th=91&wc=2905
Requested by: Host: hinet.net
URL: https://hinet.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 13:59:53 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://hinet.net
access-control-allow-credentials: true

GET
H2 200 pixel
t.ssp.hinet.net/ 0
79 B 746ms
246ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.ssp.hinet.net/pixel?bd=3d5a2090f44db2209713f8619c5bb1995692dcefed9e345445d691f60e93c384&ch=2017004&st=201702000018

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:40 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H/1.1 200
OK ad_close.png
hinet.net/resources/images/ 15 KB
15 KB 331ms
246ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/resources/images/ad_close.png

Requested by

Host: hinet.net
URL: https://hinet.net/resources/css/global.css?20171101

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

9ef24a658a7586de26ebf440f2ab91eb5fe7f9b87e5594c572a110da2d78290f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/resources/css/global.css?20171101
Cookie: adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed
Connection: keep-alive
Referer: https://hinet.net/resources/css/global.css?20171101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:39 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 15206
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 19 May 2021 06:04:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Expires: Thu, 19 Aug 2021 14:28:39 GMT

GET
H/1.1 200
OK radio_bg.png
hinet.net/resources/images/ 526 B
1 KB 293ms
237ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/resources/images/radio_bg.png

Requested by

Host: hinet.net
URL: https://hinet.net/resources/css/global.css?20171101

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

90dd9a62a907864dd24843ada6bdd3f0616a0d43bf7ea66688fd96a084a0896a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/resources/css/global.css?20171101
Cookie: adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed
Connection: keep-alive
Referer: https://hinet.net/resources/css/global.css?20171101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:39 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 526
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 19 May 2021 06:04:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Expires: Thu, 19 Aug 2021 14:28:39 GMT

GET
H/1.1 200
OK goleft.jpg
hinet.net/resources/images/ 1016 B
2 KB 533ms
239ms Image
image/jpeg 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/resources/images/goleft.jpg

Requested by

Host: hinet.net
URL: https://hinet.net/resources/css/global.css?20171101

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

5a87570005efc696b50d36c551f5aa866f4a9c97343659e1389e289a0122c719

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/resources/css/global.css?20171101
Cookie: adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed
Connection: keep-alive
Referer: https://hinet.net/resources/css/global.css?20171101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:40 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 1016
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 19 May 2021 06:04:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Expires: Thu, 19 Aug 2021 14:28:40 GMT

GET
H/1.1 200
OK goright.jpg
hinet.net/resources/images/ 872 B
1 KB 521ms
248ms Image
image/jpeg 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/resources/images/goright.jpg

Requested by

Host: hinet.net
URL: https://hinet.net/resources/css/global.css?20171101

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

084c0a5ef3734e18f99e9c2094f2fd1bbeaad9df74a9238c452c7dc3f9524b1f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/resources/css/global.css?20171101
Cookie: adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed
Connection: keep-alive
Referer: https://hinet.net/resources/css/global.css?20171101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:40 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 872
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 19 May 2021 06:04:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Expires: Thu, 19 Aug 2021 14:28:40 GMT

GET
H/1.1 200
OK partition.jpg
hinet.net/resources/images/ 571 B
1 KB 322ms
247ms Image
image/jpeg 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/resources/images/partition.jpg

Requested by

Host: hinet.net
URL: https://hinet.net/resources/css/global.css?20171101

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

d66c04bdb56984da131681d29a8f026371f62149a6c0aa4867cd521ffce31295

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/resources/css/global.css?20171101
Cookie: adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed
Connection: keep-alive
Referer: https://hinet.net/resources/css/global.css?20171101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:39 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 571
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 19 May 2021 06:04:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Expires: Thu, 19 Aug 2021 14:28:39 GMT

GET
H/1.1 200
OK search.jpg
hinet.net/resources/images/ 792 B
1 KB 455ms
246ms Image
image/jpeg 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/resources/images/search.jpg

Requested by

Host: hinet.net
URL: https://hinet.net/resources/css/global.css?20171101

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

fb8487dc0dd9c17804ae6dda22d896544bb20d0f041211057486bde29f5b3af9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/resources/css/global.css?20171101
Cookie: adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed
Connection: keep-alive
Referer: https://hinet.net/resources/css/global.css?20171101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:39 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 792
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 19 May 2021 06:04:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Expires: Thu, 19 Aug 2021 14:28:39 GMT

GET
H/1.1 200
OK barbg.jpg
hinet.net/resources/images/ 654 B
1 KB 328ms
245ms Image
image/jpeg 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/resources/images/barbg.jpg

Requested by

Host: hinet.net
URL: https://hinet.net/resources/css/global.css?20171101

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

39aac5640d326fd51d67f2f8ab0d8bd47c32e4b89346be41bff2c41152fb88c2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/resources/css/global.css?20171101
Cookie: adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed
Connection: keep-alive
Referer: https://hinet.net/resources/css/global.css?20171101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:39 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 654
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 19 May 2021 06:04:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Expires: Thu, 19 Aug 2021 14:28:39 GMT

GET
H2 200 likebox.php Show response
www.facebook.com/plugins/ Frame EFB0 14 KB
7 KB 50ms
50ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FHiNetsayHi&width=180&height=300&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e440f70f0749574d611acc451437378ff9c972397d01865fb7f1d3f31224bef

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FHiNetsayHi&width=180&height=300&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hinet.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hinet.net/

Response headers

vary: Accept-Encoding
content-encoding: br
x-fb-rlafr: 0
cross-origin-opener-policy: unsafe-none
pragma: no-cache
cache-control: private, no-cache, no-store, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: hKSIGtSnOq8pX+h4L5YrJepGtLj0EGGwZjO0pSdEEYShZsotGbrhHEFWivvPkax7H6xR0vDO2u7Gkl7wtm74NA==
date: Tue, 20 Jul 2021 14:28:39 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H2 200 index.html Show response
player.svc.litv.tv/ Frame 0313 5 KB
2 KB 62ms
9ms Document
text/html 2600:9000:2156:e800:3:cecd:5f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://player.svc.litv.tv/index.html?s=aGluZXQ0|aGluZXQ=
Requested by: Host: hinet.net
URL: https://hinet.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e800:3:cecd:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 057a59d0cd90e6a6c767ac5a08883116fae72ebc7e0cbe47c09fc70fcae172de

Request headers

:method: GET
:authority: player.svc.litv.tv
:scheme: https
:path: /index.html?s=aGluZXQ0|aGluZXQ=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hinet.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hinet.net/

Response headers

content-type: text/html
date: Mon, 19 Jul 2021 21:39:05 GMT
last-modified: Mon, 05 Jul 2021 07:01:12 GMT
etag: W/"ab5ba84c309f101747bcabeb87d8d23f"
x-amz-version-id: vgklPxSMxlPvEPGbrMYtHWr78MQpqKEb
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 0W412mbvbxcocpt8vS4CLayazyIxexLK0hhG1LbPk664cz71_D8gBw==
age: 60575

GET
H/1.1 200
OK searchbtn.jpg
hinet.net/resources/images/ 1 KB
2 KB 713ms
246ms Image
image/jpeg 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/resources/images/searchbtn.jpg

Requested by

Host: hinet.net
URL: https://hinet.net/resources/css/global.css?20171101

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

0a088ea4d3c9cbb0997e9dec52804f3549dd2bb2e040a26aeff6d947c6113f40

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/resources/css/global.css?20171101
Cookie: adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed
Connection: keep-alive
Referer: https://hinet.net/resources/css/global.css?20171101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:40 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 1044
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 19 May 2021 06:04:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Expires: Thu, 19 Aug 2021 14:28:40 GMT

GET
H/1.1 200
OK orang-line.jpg
hinet.net/resources/images/ 427 B
1 KB 725ms
246ms Image
image/jpeg 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/resources/images/orang-line.jpg

Requested by

Host: hinet.net
URL: https://hinet.net/resources/css/global.css?20171101

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

fdcffeaa8d74e886a0613aa1b96b2a0561abfa69477bafbad1d2be69a8cec33b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/resources/css/global.css?20171101
Cookie: adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed
Connection: keep-alive
Referer: https://hinet.net/resources/css/global.css?20171101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:40 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 427
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 19 May 2021 06:04:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Expires: Thu, 19 Aug 2021 14:28:40 GMT

GET
H/1.1 200
OK allmenu.jpg
hinet.net/resources/images/ 9 KB
10 KB 653ms
237ms Image
image/jpeg 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/resources/images/allmenu.jpg

Requested by

Host: hinet.net
URL: https://hinet.net/resources/css/global.css?20171101

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

0a126407c0f3afd6b14dd61bb7822e5d3bdff2d18d432366fed4ad209824e154

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/resources/css/global.css?20171101
Cookie: adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed
Connection: keep-alive
Referer: https://hinet.net/resources/css/global.css?20171101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:40 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 9663
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 19 May 2021 06:04:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Expires: Thu, 19 Aug 2021 14:28:40 GMT

GET
H/1.1 200
OK icon_menu.png
hinet.net/resources/images/ 312 B
952 B 464ms
248ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/resources/images/icon_menu.png

Requested by

Host: hinet.net
URL: https://hinet.net/resources/css/global.css?20171101

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

bb699bc9c6b8d90848e0e65d17f724b84d8a747e7294c88a74db28ff40ce17df

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/resources/css/global.css?20171101
Cookie: adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed
Connection: keep-alive
Referer: https://hinet.net/resources/css/global.css?20171101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:40 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 312
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 19 May 2021 06:04:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Expires: Thu, 19 Aug 2021 14:28:40 GMT

GET
H/1.1 200
OK plus.jpg
hinet.net/resources/images/ 2 KB
2 KB 717ms
246ms Image
image/jpeg 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/resources/images/plus.jpg

Requested by

Host: hinet.net
URL: https://hinet.net/resources/css/global.css?20171101

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

2059e126f52ee7df76dbee3e5ddd6afe884c3c6a22ca5e35459202dfa8684fc7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/resources/css/global.css?20171101
Cookie: adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed
Connection: keep-alive
Referer: https://hinet.net/resources/css/global.css?20171101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:40 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 1536
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 19 May 2021 06:04:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Expires: Thu, 19 Aug 2021 14:28:40 GMT

GET
H/1.1 200
OK dot.png
hinet.net/resources/images/ 146 B
786 B 468ms
245ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/resources/images/dot.png

Requested by

Host: hinet.net
URL: https://hinet.net/resources/css/global.css?20171101

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

e67ca531d1a10173e2113e68639ca74c02cb2e29b26e46508f76cfede65af1e0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/resources/css/global.css?20171101
Cookie: adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed
Connection: keep-alive
Referer: https://hinet.net/resources/css/global.css?20171101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:40 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 146
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 19 May 2021 06:04:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Expires: Thu, 19 Aug 2021 14:28:40 GMT

GET
H/1.1 200
OK icon_ad1.png
hinet.net/resources/images/ 313 B
953 B 853ms
255ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/resources/images/icon_ad1.png

Requested by

Host: hinet.net
URL: https://hinet.net/resources/css/global.css?20171101

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

255733387de4d011d043e4804503f8cb832b2b8f9a1c3fec64d8bc619460d6a6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/resources/css/global.css?20171101
Cookie: adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed
Connection: keep-alive
Referer: https://hinet.net/resources/css/global.css?20171101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:40 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 313
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 19 May 2021 06:04:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Expires: Thu, 19 Aug 2021 14:28:40 GMT

GET
H/1.1 200
OK bluemask.png
hinet.net/resources/images/ 101 B
741 B 598ms
248ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/resources/images/bluemask.png

Requested by

Host: hinet.net
URL: https://hinet.net/resources/css/global.css?20171101

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

939609a38ada9604bc1c33da3564b30714319046d19671a35b0e8bdf63dfb25a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/resources/css/global.css?20171101
Cookie: adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed
Connection: keep-alive
Referer: https://hinet.net/resources/css/global.css?20171101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:40 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 101
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 19 May 2021 06:04:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Expires: Thu, 19 Aug 2021 14:28:40 GMT

GET
H/1.1 200
OK up.jpg
hinet.net/resources/images/ 1009 B
2 KB 667ms
237ms Image
image/jpeg 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/resources/images/up.jpg

Requested by

Host: hinet.net
URL: https://hinet.net/resources/css/global.css?20171101

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

c585cfa0d5885511ef71c5549be86f2f7cb94ba4108d6f45ff10cf62e26a7703

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/resources/css/global.css?20171101
Cookie: adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed
Connection: keep-alive
Referer: https://hinet.net/resources/css/global.css?20171101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:40 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 1009
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 19 May 2021 06:04:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Expires: Thu, 19 Aug 2021 14:28:40 GMT

GET
H/1.1 200
OK down.jpg
hinet.net/resources/images/ 953 B
2 KB 631ms
247ms Image
image/jpeg 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/resources/images/down.jpg

Requested by

Host: hinet.net
URL: https://hinet.net/resources/css/global.css?20171101

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

e9c3a312679ed12ae288d06ab31aade4d87e313769ce18f3b2646a0984d6122c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/resources/css/global.css?20171101
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1
Connection: keep-alive
Referer: https://hinet.net/resources/css/global.css?20171101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:40 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 953
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 19 May 2021 06:04:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Expires: Thu, 19 Aug 2021 14:28:40 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 13ms
9ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52DVM3

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 5860
date: Tue, 20 Jul 2021 12:50:59 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Tue, 20 Jul 2021 14:50:59 GMT

GET
H/1.1 200
OK 17ac437f52c155350093319257760998.png
hinet.net/data/api/hinetTimes/ 58 KB
58 KB 764ms
251ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/data/api/hinetTimes/17ac437f52c155350093319257760998.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

24a2fd1c9f3d44f69f4c191de851111039b5a39b33ec1f468214cd5be6693024

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:40 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 59145
X-XSS-Protection: 1;mode=block
Last-Modified: Tue, 20 Jul 2021 14:01:01 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Expires: Thu, 19 Aug 2021 14:28:40 GMT

GET
H/1.1 200
OK city_arr.png
hinet.net/resources/images/ 163 B
803 B 754ms
247ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/resources/images/city_arr.png

Requested by

Host: hinet.net
URL: https://hinet.net/resources/css/global.css?20171101

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

abdd3d7ef1ee1435d47e4c0a7cf727feea8c58b863481568e54ab65a14c1441a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/resources/css/global.css?20171101
Connection: keep-alive
Referer: https://hinet.net/resources/css/global.css?20171101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:40 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 163
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 19 May 2021 06:04:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Expires: Thu, 19 Aug 2021 14:28:40 GMT

GET
H/1.1 200
OK bt_stocks.png
hinet.net/resources/images/ 553 B
1 KB 760ms
249ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/resources/images/bt_stocks.png

Requested by

Host: hinet.net
URL: https://hinet.net/resources/css/global.css?20171101

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

d9f8f04af9cc2608089522de16d06c1767ab2e70b985ad11c2255bba7032b44d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/resources/css/global.css?20171101
Connection: keep-alive
Referer: https://hinet.net/resources/css/global.css?20171101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:40 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 553
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 19 May 2021 06:04:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Expires: Thu, 19 Aug 2021 14:28:40 GMT

GET
H/1.1 200
OK h3_nowHot.png
hinet.net/resources/images/ 15 KB
16 KB 237ms
237ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/resources/images/h3_nowHot.png

Requested by

Host: hinet.net
URL: https://hinet.net/resources/css/global.css?20171101

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

48c563272302f4b88be16b4992e8933318cd2c80e0223f6e820cd5635f9671e6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/resources/css/global.css?20171101
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ; _ht_em=1
Connection: keep-alive
Referer: https://hinet.net/resources/css/global.css?20171101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:45 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 15335
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 19 May 2021 06:04:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=83
Expires: Thu, 19 Aug 2021 14:28:45 GMT

GET
H/1.1 200
OK h3_nowHot_ar.png
hinet.net/resources/images/ 15 KB
15 KB 238ms
237ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/resources/images/h3_nowHot_ar.png

Requested by

Host: hinet.net
URL: https://hinet.net/resources/css/global.css?20171101

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

e85527210e07e231b8ee22d61d3f790b58fb33898162a3648de5eae94ace2299

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/resources/css/global.css?20171101
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ; _ht_em=1
Connection: keep-alive
Referer: https://hinet.net/resources/css/global.css?20171101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:45 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 15054
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 19 May 2021 06:04:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=82
Expires: Thu, 19 Aug 2021 14:28:45 GMT

GET
H/1.1 200
OK gmbtfix.css
static.adsinstant.com/broadband/ 2 KB
1 KB 9ms
8ms Stylesheet
text/css 13.225.74.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsinstant.com/broadband/gmbtfix.css
Requested by: Host: static.adsinstant.com
URL: https://static.adsinstant.com/broadband/fgm.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-66.fra2.r.cloudfront.net
Software: nginx/1.10.3 /
Resource Hash: 72dbecc00caaa372ea278d516a038d9e5f9561871eb1ddae60527af8b1837791

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 05:00:19 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 May 2020 07:42:07 GMT
Server: nginx/1.10.3
Age: 34101
ETag: W/"5ebba4cf-9e6"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: 36z2dbKf3AkNzdug1ckK5M1LQMYRP9pr6Uu4wRvwId65jUq1m8wCYQ==

GET
H/1.1 200
OK footer.jpg
hinet.net/resources/images/ 546 B
1 KB 247ms
246ms Image
image/jpeg 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/resources/images/footer.jpg

Requested by

Host: hinet.net
URL: https://hinet.net/resources/css/global.css?20171101

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

629a98377ffcd11285a16a860d60e7935641607caaff207897db5c286174a08c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/resources/css/global.css?20171101
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ; _ht_em=1
Connection: keep-alive
Referer: https://hinet.net/resources/css/global.css?20171101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:45 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 546
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 19 May 2021 06:04:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=82
Expires: Thu, 19 Aug 2021 14:28:45 GMT

GET
H/1.1 200
OK browser.jpg
hinet.net/resources/images/ 565 B
1 KB 237ms
236ms Image
image/jpeg 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/resources/images/browser.jpg

Requested by

Host: hinet.net
URL: https://hinet.net/resources/css/global.css?20171101

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

d7b3c3d697de29efc1207c450103b7e2259b0fca00f3e4d7231cc586e76affe7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/resources/css/global.css?20171101
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ; _ht_em=1
Connection: keep-alive
Referer: https://hinet.net/resources/css/global.css?20171101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:45 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 565
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 19 May 2021 06:04:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=82
Expires: Thu, 19 Aug 2021 14:28:45 GMT

GET
H/1.1 200
OK website.jpg
hinet.net/resources/images/ 2 KB
3 KB 247ms
246ms Image
image/jpeg 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/resources/images/website.jpg

Requested by

Host: hinet.net
URL: https://hinet.net/resources/css/global.css?20171101

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

0985fc9e6c924f671da4352346a551e7171d01be5c16aea4a2e9f966edc985f1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/resources/css/global.css?20171101
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ; _ht_em=1
Connection: keep-alive
Referer: https://hinet.net/resources/css/global.css?20171101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:45 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 1952
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 19 May 2021 06:04:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=85
Expires: Thu, 19 Aug 2021 14:28:45 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
80 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=1746990984&t=pageview&_s=1&dl=https%3A%2F%2Fhinet.net%2F&ul=en-us&de=UTF-8&dt=HiNet%E9%A6%96%E9%A0%81%20-%E4%B8%AD%E8%8F%AF%E9%9B%BB%E4%BF%A1HiNet%E7%B6%B2%E8%B7%AF%E6%9C%8D%E5%8B%99%E5%85%A5%E5%8F%A3%20%7C%20%E6%8F%90%E4%BE%9B%E5%AF%AC%E9%A0%BB%E4%B8%8A%E7%B6%B2%E3%80%81%E5%85%89%E4%B8%96%E4%BB%A3%E3%80%81ADSL%E7%AD%89%E6%9C%8D%E5%8B%99&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1951784485&gjid=2129297604&cid=791402944.1626791320&tid=UA-46698217-1&_gid=56654421.1626791320&_r=1&gtm=2wg7j052DVM3&z=403424374

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hinet.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
ssp.hinet.net/api/web/request/ 801 B
969 B 252ms
252ms Script
application/json 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/request/json?c=2017033&s=201702000025&callback=jQuery3500028958727306868992_1626791318285&_=1626791318286
Requested by: Host: hinet.net
URL: https://hinet.net/resources/js/jquery-3.5.0.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: 610221045baec1cfe0ef7e2efd4a455d930e1f6c968253f85c85e2899e67035a

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://hinet.net
date: Tue, 20 Jul 2021 13:59:53 GMT
access-control-allow-credentials: true
server: nginx
content-length: 801
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json

GET
H2 200 json Show response
ssp.hinet.net/api/web/request/ 61 B
228 B 250ms
249ms Script
application/json 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/request/json?c=2017033&s=201702000026&callback=jQuery3500028958727306868992_1626791318287&_=1626791318288
Requested by: Host: hinet.net
URL: https://hinet.net/resources/js/jquery-3.5.0.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: bce3b152c6671e26a44b673f2590a2455cdf89199da3994f28dda7b71d18c6de

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://hinet.net
date: Tue, 20 Jul 2021 13:59:53 GMT
access-control-allow-credentials: true
server: nginx
content-length: 61
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json

GET
H2 200 json Show response
ssp.hinet.net/api/web/request/ 792 B
960 B 255ms
254ms Script
application/json 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/request/json?c=2017033&s=201702000019&callback=jQuery3500028958727306868992_1626791318289&_=1626791318290
Requested by: Host: hinet.net
URL: https://hinet.net/resources/js/jquery-3.5.0.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: c69f2514168dc51c9e450fc178fe856c8910ead13cce2968ea06e05d85a8ec2d

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://hinet.net
date: Tue, 20 Jul 2021 13:59:53 GMT
access-control-allow-credentials: true
server: nginx
content-length: 792
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json

GET
H/1.1 200 getCommonServices Show response
search.hinet.net/ 7 KB
2 KB 240ms
239ms Script
text/html 203.75.214.163
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://search.hinet.net/getCommonServices?callback=commonCallback&cookie=_ga_GA1.2.791402944.1626791320,_gid_GA1.2.56654421.1626791320,_gat_UA-46698217-1_1&_=1626791318291

Requested by

Host: hinet.net
URL: https://hinet.net/resources/js/jquery-3.5.0.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.163 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-163.HINET-IP.hinet.net

Software

Apache /

Resource Hash

3870ba4446dbaa4af3b3d9b2be91e3c8e321dd1a464290270bf1b9720ddf1503

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.hinet.net;
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:39 GMT
Content-Encoding: gzip
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: Accept-Encoding,User-Agent
Content-Length: 1121
X-XSS-Protection: 1;mode=block
Pragma: no-cache
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;
Content-Type: text/html;charset=UTF-8
Cache-control: no-cache, no-store
Content-Security-Policy: frame-ancestors *.hinet.net;
Keep-Alive: timeout=5, max=99
Expires: -1

GET
H/1.1 200
OK icon_w9.png
hinet.net/resources/images/ 1018 B
2 KB 247ms
246ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/resources/images/icon_w9.png

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

ecbfb7b08920da33cefdd65a82a50fb1edf8f84a85631ec9c5e031c2a3cf5ade

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed; uuid=1bce1b82-db64-491d-aed5-df52c826fe63; __htid=1bce1b82-db64-491d-aed5-df52c826fe63; __gads=ID=6868ab07c3c9bdd1-22b87c2b81c80087:T=1626791321:S=ALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ; _ht_em=1
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:45 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 1018
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 19 May 2021 06:04:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=82
Expires: Thu, 19 Aug 2021 14:28:45 GMT

GET
H/1.1 200
OK gm400250.css
static.adsinstant.com/hinet/ 2 KB
1 KB 9ms
8ms Stylesheet
text/css 13.225.74.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsinstant.com/hinet/gm400250.css
Requested by: Host: static.adsinstant.com
URL: https://static.adsinstant.com/hinet/fgm.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.74.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-74-66.fra2.r.cloudfront.net
Software: nginx/1.10.3 /
Resource Hash: 84c030628d1055b664e080aadbb3903fb140338fc9d6aaee59123702ecd06ca0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 00:30:37 GMT
Content-Encoding: gzip
Last-Modified: Fri, 11 Dec 2020 02:40:47 GMT
Server: nginx/1.10.3
Age: 50283
ETag: W/"5fd2dc2f-830"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: 0GkUyI09sgbFkmmS9NuoYkCi9mf_uepuyrJeHcgx0vK6xXKmk2f7RA==

GET
H2 200 yap.js Show response
s.yimg.com/av/yap/ga/ 69 KB
21 KB 7ms
7ms Script
application/javascript 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/av/yap/ga/yap.js

Requested by

Host: static.adsinstant.com
URL: https://static.adsinstant.com/hinet/fgm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

56cf6c2adb75e276955f3bf951793f0c794ceb51d67d5d2c64b8ec01b996ecc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Tue, 20 Jul 2021 14:24:56 GMT
content-encoding: gzip
x-amz-meta-created-date: Thu, 14 Jun 2018 21:01:51 GMT
age: 225
x-amz-server-side-encryption: AES256
x-amz-meta-x-ysws-mbst-vtime: 1529010111289407
vary: Accept-Encoding,Origin
x-amz-request-id: W8Q7WZ8DTYWECDEA
x-amz-id-2: StGFxExbl75t7hNTp8+i6bRET4Tf1HAH1lp3tV6RK6XTU89Cxmtd/Sh1Wc/vXITNeA8z8apx+hA=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 22 Jun 2018 20:24:03 GMT
server: ATS
etag: "dc33089f908605f46038b49337653924-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
content-type: application/javascript
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: public,stale-while-revalidate=30,max-age=3600
content-length: 21352
x-amz-meta-x-ysws-access: public
x-amz-meta-mbst-etag: "YM:1:f804d14e-b940-4c8c-9951-826241a860ad00056ea0688a983f"
x-content-type-options: nosniff
expires: Fri, 22 Jun 2018 21:24:02 GMT

GET
H/1.1 200
OK close.png
hinet.net/resources/images/ 2 KB
2 KB 742ms
236ms Image
image/png 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/resources/images/close.png

Requested by

Host: hinet.net
URL: https://hinet.net/resources/css/global.css?20171101

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

46658070698149babb03b438896746e92ad7a3df0d7b53edfa93b5274eec5b80

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/resources/css/global.css?20171101
Cookie: _ga=GA1.2.791402944.1626791320; _gid=GA1.2.56654421.1626791320; _gat_UA-46698217-1=1; adid=13ab05cb-cf87-b396-ff16-d596ef0cb2ed
Connection: keep-alive
Referer: https://hinet.net/resources/css/global.css?20171101
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:40 GMT
X-Content-Type-Options: nonsniff
Connection: Keep-Alive
Vary: User-Agent
Content-Length: 1760
X-XSS-Protection: 1;mode=block
Last-Modified: Wed, 19 May 2021 06:04:48 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Content-Type: image/png
Cache-Control: max-age=2592000
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Expires: Thu, 19 Aug 2021 14:28:40 GMT

GET
H2 200 wXDOZGRjwBK.css
www.facebook.com/rsrc.php/v3/y6/l/1,cross/ Frame EFB0 22 KB
5 KB 19ms
7ms Stylesheet
text/css 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3/y6/l/1,cross/wXDOZGRjwBK.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FHiNetsayHi&width=180&height=300&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4096ad0359fd037b7358beca72b7bed968b0c4a2b2d34df80fb42d83f1b1d4ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/plugins/likebox.php?href=https%3A%2F%2Fwww.facebook.com%2FHiNetsayHi&width=180&height=300&colorscheme=light&show_faces=true&header=false&stream=false&show_border=false
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 18 Jul 2021 18:30:36 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 0x6eC37uNdqiGh7Pa7qzCw==
cross-origin-resource-policy: cross-origin
content-length: 5105
x-fb-rlafr: 0
x-fb-debug: o2zy6LGE7oVbN8j9KaLL/Mkkj8c1IIzElhh8pw4TLS5TrvhOS3Nb+YTuh1RdrGLl0ggv8PiGJVnijAHzJAmvFQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Mon, 18 Jul 2022 18:30:36 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 0313 340 KB
117 KB 54ms
13ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/index.html?s=aGluZXQ0|aGluZXQ=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://player.svc.litv.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119631
x-xss-protection: 0
expires: Tue, 20 Jul 2021 14:28:40 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 0313 98 KB
39 KB 32ms
22ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-59507085-1

Requested by

Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/index.html?s=aGluZXQ0|aGluZXQ=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

440f95863ca63b2c7c344dbbef575afb85053871926fd680217a2cd02419ad52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://player.svc.litv.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39719
x-xss-protection: 0
last-modified: Tue, 20 Jul 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 20 Jul 2021 14:28:40 GMT

GET
H2 200 main.6a832afc.css
player.svc.litv.tv/css/ Frame 0313 77 KB
14 KB 18ms
8ms Stylesheet
text/css 2600:9000:2156:e800:3:cecd:5f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://player.svc.litv.tv/css/main.6a832afc.css
Requested by: Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/index.html?s=aGluZXQ0|aGluZXQ=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e800:3:cecd:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2ac900f3a7ab93df22b2ed7ffdf08f6866c76098805c08f38d4d5c0e70e4c2d7

Request headers

Referer: https://player.svc.litv.tv/index.html?s=aGluZXQ0|aGluZXQ=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 23:05:34 GMT
content-encoding: gzip
last-modified: Mon, 05 Jul 2021 07:01:11 GMT
server: AmazonS3
age: 55387
etag: W/"dc13bdb7558748ac543ae71df5a95993"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: NwZQVKh2TLuq8JPbaWEIval6hthN17Ow
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
content-type: text/css
x-amz-cf-id: mtoP0YTnrX-c4h2cw14kejj-_5b7GrTUJhuya1Jf4MNAvmC5lBS3nw==

GET
H2 200 all.0841cdc8.js Show response
player.svc.litv.tv/ Frame 0313 821 KB
238 KB 18ms
8ms Script
application/javascript 2600:9000:2156:e800:3:cecd:5f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://player.svc.litv.tv/all.0841cdc8.js
Requested by: Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/index.html?s=aGluZXQ0|aGluZXQ=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e800:3:cecd:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3f77de6ac80d68d5e5282a7f5e45e7dafeee9bded6451d6ca5eee628b4f88c31

Request headers

Referer: https://player.svc.litv.tv/index.html?s=aGluZXQ0|aGluZXQ=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: r1t1HqbVsJixZ9mkHkPVfqm3nX5nJmui
content-encoding: gzip
last-modified: Mon, 05 Jul 2021 07:01:11 GMT
server: AmazonS3
age: 40854
etag: W/"209764a9890d6ae6c6402aa629ba46f0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
date: Tue, 20 Jul 2021 03:07:47 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: qaItRQJ7hxGbvcAf807M4KbDOLxh6caYP0tmZ_gJ09YHumlT0C5rZA==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
80 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-46698217-1&cid=791402944.1626791320&jid=1951784485&gjid=2129297604&_gid=56654421.1626791320&_u=YEBAAAAAAAAAAC~&z=1743632602

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 20 Jul 2021 14:28:40 GMT
content-type: text/plain
access-control-allow-origin: https://hinet.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 notosanstc.css
fonts.googleapis.com/earlyaccess/ 691 KB
196 KB 20ms
17ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/earlyaccess/notosanstc.css

Requested by

Host: static.adsinstant.com
URL: https://static.adsinstant.com/hinet/gm400250.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4f8a01bfdb6a539b3e0929603ff1f9566ac2a5114a512b2815c30e84462c9fe5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://static.adsinstant.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 20 Jul 2021 13:27:54 GMT
server: ESF
date: Tue, 20 Jul 2021 14:28:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 20 Jul 2021 14:28:40 GMT

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ 268 B
465 B 366ms
57ms Script
application/javascript 212.82.100.146
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_us&agentVersion=205&adTrackingEnabled=true&adUnitCode=144c7f11-3120-4eac-b989-f816fb654ae5&apiKey=37YV4HQK9MV5TDFDGWJB&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fhinet.net&caps=16&cb=JSONPCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/av/yap/ga/yap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

212.82.100.146 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-flurry71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

13263809d85935164b1711048eea2ca9b6bcf161bebce195bf2e5925dbfaa9d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:40 GMT
content-encoding: gzip
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
strict-transport-security: max-age=31536000

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame FEA0 37 B
402 B 258ms
250ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/tag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

170c6a1b32f30c7babbfdad1c81cd524a8c30f9bd595c730d0c3a8dc1703fc11

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:40 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://hinet.net
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ Frame 0313 90 KB
35 KB 21ms
19ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TXVNLXL

Requested by

Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/index.html?s=aGluZXQ0|aGluZXQ=

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5730b1b8fca2281918235d3b6fc450f78839af597c137fdb162ca4c72d366d0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://player.svc.litv.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36037
x-xss-protection: 0
last-modified: Tue, 20 Jul 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 20 Jul 2021 14:28:40 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 0313 95 KB
24 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/index.html?s=aGluZXQ0|aGluZXQ=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://player.svc.litv.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24676
x-xss-protection: 0
pragma: public
x-fb-debug: wE54VG+IEi3tRPLG/Nsk9afgik4/ZpN3nZW8pmMt/imb+pbuiF5grHz7wFFpZMnZPICjwa/knWVi4DfN4HbRXg==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Tue, 20 Jul 2021 14:28:40 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

OPTIONS
H2 200 puid
pusti.svc.litv.tv/ Frame 0
0 301ms
266ms Preflight
text/plain 34.96.74.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pusti.svc.litv.tv/puid
Protocol: H2
Server: 34.96.74.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 134.74.96.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://player.svc.litv.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://player.svc.litv.tv
access-control-max-age: 60
content-length: 6
content-type: text/plain; charset=utf-8
last-modified: Tue, 20 Jul 2021 14:28:40 GMT
date: Tue, 20 Jul 2021 14:28:40 GMT
via: 1.1 google
alt-svc: clear

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame 0313 1 KB
2 KB 40ms
9ms Script
application/javascript 13.226.145.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/all.0841cdc8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-101.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://player.svc.litv.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:25:52 GMT
via: 1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 169
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: GtppZfHzch5KbAq_DYlVQfjOK3hPqJ9Wvr0qj4l97YyHE8VbFkMP7Q==

POST
H2 200 puid Show response
pusti.svc.litv.tv/ Frame 0313 83 B
422 B 289ms
263ms Fetch
application/json 34.96.74.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pusti.svc.litv.tv/puid
Requested by: Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/all.0841cdc8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.74.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 134.74.96.34.bc.googleusercontent.com
Software: /
Resource Hash: 990a170edd72ff89eb8b3167c8d7a4e5953bad4ff07719fc7e7a6bb3c2922f7d

Request headers

Referer: https://player.svc.litv.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 20 Jul 2021 14:28:41 GMT
via: 1.1 google
access-control-allow-headers: Content-Type
access-control-max-age: 60
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://player.svc.litv.tv
access-control-allow-credentials: true
alt-svc: clear
content-length: 83

GET
H2 200 hinet4-config.json Show response
player.svc.litv.tv/meta/config/ Frame 0313 540 B
932 B 15ms
11ms XHR
application/json 2600:9000:2156:e800:3:cecd:5f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://player.svc.litv.tv/meta/config/hinet4-config.json
Requested by: Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/all.0841cdc8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e800:3:cecd:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a6b8438970005aba16cec020a5a73ff1542834885c00046209c87b1518ebdd3a

Request headers

Referer: https://player.svc.litv.tv/index.html?s=aGluZXQ0|aGluZXQ=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 09:16:39 GMT
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
last-modified: Tue, 20 Jul 2021 00:05:08 GMT
server: AmazonS3
age: 18722
etag: "d51adab5c69b3ce4518692bc6bd7e57f"
x-cache: Hit from cloudfront
x-amz-version-id: jq8cj4h_nzyFSN5UiB8SaATKDm5iz5ME
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/json
content-length: 540
x-amz-cf-id: LowLdHzwbNLpViEAkA1J3KPLc2GimY_CeR6xauiPuNXestCNHoPvoQ==

GET
H2 200 pubads_impl_2021071301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame FEA0 329 KB
115 KB 15ms
14ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

9f43aa34b620c451290ad923748729c9956da9e7476387b34f860d1131108924

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 08:39:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117314
x-xss-protection: 0
expires: Tue, 20 Jul 2021 14:28:40 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ Frame 0313 98 KB
39 KB 35ms
22ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-138079999-6&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-59507085-1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dc47fab1fac376a3c446379c71b2d0fbd35fe9432cfef60bf5bf9baadc9b841c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://player.svc.litv.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:40 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39719
x-xss-protection: 0
last-modified: Tue, 20 Jul 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 20 Jul 2021 14:28:40 GMT

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame FEA0 30 B
271 B 248ms
247ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=1bce1b82-db64-491d-aed5-df52c826fe63

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/tag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:41 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://hinet.net
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 pixel
t.ssp.hinet.net/ Frame FEA0 0
79 B 245ms
245ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.ssp.hinet.net/pixel?bd=1bce1b82-db64-491d-aed5-df52c826fe63&t=ch%3D2017004%26st%3D201702000018

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:41 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H3-29 200 952335108140844 Show response
connect.facebook.net/signals/config/ Frame 0313 262 KB
74 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/952335108140844?v=2.9.43&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

75fcc3dfeb227633f84a6d3f955eff0cc03b1473bce083a055422c50c0062fdc

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://player.svc.litv.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 76210
x-xss-protection: 0
pragma: public
x-fb-debug: Ij/dl8pxrETNcheJmfctyVvKL9mV8+032cstXxzSqqxJGIHUiJLhDHvkkNIRSVMrEo3VdN+cvESXCImwpSM84Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coop_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 20 Jul 2021 14:28:40 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ 272 B
279 B 55ms
54ms Script
application/javascript 212.82.100.146
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_us&agentVersion=205&adTrackingEnabled=true&adUnitCode=2757c719-2127-486c-925b-d044ce93835c&apiKey=37YV4HQK9MV5TDFDGWJB&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fhinet.net&caps=16&cb=JSONPCallback1

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/av/yap/ga/yap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

212.82.100.146 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

media-router-flurry71.prod.media.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

4515ee5a035a9d5785b6a14cd9f25006b0ec897c8aa25869ff768f3399edaecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:40 GMT
content-encoding: gzip
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
strict-transport-security: max-age=31536000

GET
H2

200

b2
sb.scorecardresearch.com/ Frame 0313
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=18986219&c3=100001&ns__t=1626791320946&ns_c=UTF-8&ns_if=1&cv=3.5&c8=LiTV%E7%AB%8B%E8%A6%96%E7%B7%9A%E4%B8%8A%E5%BD%B1%E8%A6%96-%20%E5%8F%B0%E7%81%A3%E6%8E...
https://sb.scorecardresearch.com/b2?c1=7&c2=18986219&c3=100001&ns__t=1626791320946&ns_c=UTF-8&ns_if=1&cv=3.5&c8=LiTV%E7%AB%8B%E8%A6%96%E7%B7%9A%E4%B8%8A%E5%BD%B1%E8%A6%96-%20%E5%8F%B0%E7%81%A3%E6%8...

64 B
329 B

17ms
16ms

Image
image/gif

13.226.145.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=18986219&c3=100001&ns__t=1626791320946&ns_c=UTF-8&ns_if=1&cv=3.5&c8=LiTV%E7%AB%8B%E8%A6%96%E7%B7%9A%E4%B8%8A%E5%BD%B1%E8%A6%96-%20%E5%8F%B0%E7%81%A3%E6%8E%92%E8%A1%8C%E7%AC%AC%E4%B8%80%E6%AD%A3%E7%89%88%E3%80%81%E9%AB%98%E6%B8%85%E7%B7%9A%E4%B8%8A%E7%9C%8B%E7%9B%B4%E6%92%AD%E5%BD%B1%E9%9F%B3%E9%9B%BB%E8%A6%96&c7=https%3A%2F%2Fplayer.svc.litv.tv%2Findex.html%3Fs%3DaGluZXQ0%7CaGluZXQ%3D&c9=https%3A%2F%2Fhinet.net%2F
Requested by: Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/index.html?s=aGluZXQ0|aGluZXQ=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-101.dus51.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://player.svc.litv.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:41 GMT
via: 1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: PRcO9mXaZwC5vWMK7IITi7DEE9v2ub6B6A8GkN2emQVZKze1Naxxcw==

Redirect headers

date: Tue, 20 Jul 2021 14:28:40 GMT
via: 1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=7&c2=18986219&c3=100001&ns__t=1626791320946&ns_c=UTF-8&ns_if=1&cv=3.5&c8=LiTV%E7%AB%8B%E8%A6%96%E7%B7%9A%E4%B8%8A%E5%BD%B1%E8%A6%96-%20%E5%8F%B0%E7%81%A3%E6%8E%92%E8%A1%8C%E7%AC%AC%E4%B8%80%E6%AD%A3%E7%89%88%E3%80%81%E9%AB%98%E6%B8%85%E7%B7%9A%E4%B8%8A%E7%9C%8B%E7%9B%B4%E6%92%AD%E5%BD%B1%E9%9F%B3%E9%9B%BB%E8%A6%96&c7=https%3A%2F%2Fplayer.svc.litv.tv%2Findex.html%3Fs%3DaGluZXQ0%7CaGluZXQ%3D&c9=https%3A%2F%2Fhinet.net%2F
content-length: 483
x-amz-cf-id: dXvwci7N3ZAoMbOgQwe0uKZ8ZydflxiKxPu91HKXiec6v26zgiKywg==

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ Frame 0313 15 KB
6 KB 15ms
11ms Script
application/javascript 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

b9e6c38b3493790e6525ba6715ad839211cab5db3ddc80c7f70f20f92679fee6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://player.svc.litv.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Tue, 20 Jul 2021 14:02:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1600
x-amz-server-side-encryption: AES256
vary: Origin, Accept-Encoding
content-length: 5639
x-amz-id-2: AwGbL3/t1k+Hhn3yeAsT4tR5OoVNtLHzTUPIEjXGh7COLcfPMcwWXq3uv7u0Zy7L8SE+PZetT+A=
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sat, 02 Jul 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Thu, 27 May 2021 13:00:20 GMT
server: ATS
etag: "6de43f1c725d89777edaa2bc5d679ecb-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
x-amz-request-id: 1PWDYBCDDH4YQ48E
x-xss-protection: 1; mode=block
cache-control: public,max-age=3600
x-amz-version-id: Bv0RNzsjZsSn6kGrZjdvdggYqc20u__d
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 lightintegration.js Show response
redir.adap.tv/redir/javascript/ Frame 0313 31 KB
32 KB 45ms
8ms Script
text/plain 192.229.221.28
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://redir.adap.tv/redir/javascript/lightintegration.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TXVNLXL
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.221.28 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E95) /
Resource Hash: 1e15f65bcef05f2ea9f54e051da9bf7e6fc9eb00a669905c9ed33f4fd7ba26f7

Request headers

Referer: https://player.svc.litv.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:41 GMT
nel: {"report_to": "default", "max_age": 604800, "include_subdomains": true, "failure_fraction": 1.0, "success_fraction": 0.01}
age: 479774
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 31633
x-amz-id-2: H2MdM7TVS4xnx3f4mngBTRKq5hNYRjXTEoqXUtPLXN6jbafuFnC8FOW79fbDALpy6SUI4fvoUh0=
last-modified: Wed, 13 Sep 2017 23:08:44 GMT
server: ECAcc (frc/8E95)
x-amz-meta-s3cmd-attrs: uid:1000/gname:adaptv/uname:adaptv/gid:1000/mode:33188/mtime:1505344053/atime:1505344249/md5:1de3d0b5f3cbe8b1e87e274f129ac0e7/ctime:1505344249
etag: "1de3d0b5f3cbe8b1e87e274f129ac0e7"
report-to: {"group": "default", "max_age":604800, "endpoints":[{"url":"https://report.vdms.com/","priority":1 }, {"url":"https://nelcollector.sre.ecsvc.net/report","priority":2 }]}
content-type: text/plain
x-amz-version-id: XGOCJEPvmrIOhn2ZV_.qAlIiRmN7Rqa0
accept-ranges: bytes
x-amz-request-id: 4Y55SRA3THBVZK6A

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame FEA0 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=hinet.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 14:28:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame FEA0 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hinet.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 14:28:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame FEA0 8 KB
4 KB 44ms
41ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=76573324060190&correlator=2990482394972707&output=ldjh&impl=fifs&eid=31061817%2C31061180%2C31061762%2C20211866&vrg=2021071301&ptt=17&sc=1&sfv=1-0-38&ecs=20210720&iu_parts=119952882%2Chinet%2Chinet_%E7%94%9F%E6%B4%BB%E8%AA%8C_970x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250&cookie_enabled=1&cdm=hinet.net&bc=31&abxe=1&lmt=1626791321&dt=1626791321004&dlt=1626791319263&idt=1713&ea=0&frm=23&biw=1600&bih=1200&isw=970&ish=250&oid=3&adxs=315&adys=33&adks=3413577103&ucis=o9ulo15fhtvh&ifi=1&ifk=670636931&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fhinet.net%2F&top=https%3A%2F%2Fhinet.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x250&msz=970x-1&ga_vid=791402944.1626791320&ga_sid=1626791321&ga_hid=1500110101&ga_fc=true&fws=260&ohw=970&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

0e5930652548cc40221deea0910a8a8c8f2ae9edadc7f1448353d000fae8bb6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:41 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4545
x-xss-protection: 0
google-lineitem-id: 5528399204
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138344089225
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hinet.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
1b8747ca3ec3fd419fac1823e81b2e8f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6A31 0
0 48ms
14ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://1b8747ca3ec3fd419fac1823e81b2e8f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 1b8747ca3ec3fd419fac1823e81b2e8f.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hinet.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hinet.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 20 Jul 2021 14:28:41 GMT
expires: Wed, 20 Jul 2022 14:28:41 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame 0313 48 KB
19 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-138079999-6&l=dataLayer&cx=c

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://player.svc.litv.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 5862
date: Tue, 20 Jul 2021 12:50:59 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Tue, 20 Jul 2021 14:50:59 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 624A 0
0 44ms
43ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsucUvnyJsFVfNxQPc8YPfO0--Rbp0xGe9hDJG3WZYJmjq8gczdcKYnvYhQZsWDB_l8_u66tJi6cjieCrC2H0-kZswdNuodpL5gB5J-IMPK5_3xz19xQH9h0bYArxQG2SFQ3JX0DbQ9-ZG0KCkD9Oy-3nYzcYlxwcVjKf0p0mJf2RfJuJPQOxpnDLsSKaoIbUAuj1RyIUlxQ_NZ69bamB8f5SXmrE951z9H2T13YkctrYvu47vM8ZIAOuihcySo5BrjwEGVcvHX_YRPUq1ONrikVAd7pyx_ihorZdeHLbaDVnZpqD_4RBxfBXsGYM134Qzjfid7a_Q4DYw&sai=AMfl-YR74oVULdgqSZRWKBW6S8XDqWOYXnFUH5GJcV2-pDOvCz5bmRxg1Vgup66eeQQidqT9wBm2B2vOgZ2PdBTcl3jBNGnS7VV4kwbnF1g1Cb2wseOzg4Df9743JBgyz3Q&sig=Cg0ArKJSzAvgnVpFbB8OEAE&urlfix=1&adurl=

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 14:28:41 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 20 Jul 2021 14:28:41 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 624A 134 KB
47 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

79aa2ea675fee615ed72d18532ada370afa3486a35a0d3e367c81dbbc679ab4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48349
x-xss-protection: 0
server: cafe
etag: 2378802026447261366
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 20 Jul 2021 14:28:41 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 624A 124 KB
37 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:41 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434926419779"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Tue, 20 Jul 2021 14:28:41 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame FEA0 73 KB
27 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee07009e9fe79b9909bafdb282106c95dac83f905c6ac665e1257ac862ed50e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:41 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434913869424"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28061
x-xss-protection: 0
expires: Tue, 20 Jul 2021 14:28:41 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 0313 44 B
147 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=952335108140844&ev=PageView&dl=https%3A%2F%2Fplayer.svc.litv.tv%2Findex.html%3Fs%3DaGluZXQ0%7CaGluZXQ%3D&rl=https%3A%2F%2Fhinet.net%2F&if=true&ts=1626791321183&sw=1600&sh=1200&v=2.9.43&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%224051689524849166%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22TWD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%221918034904998334%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22TWD%22%7D%7D%7D&par[2]=%7B%22extractorID%22%3A%22681912355926324%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&par[3]=%7B%22extractorID%22%3A%22897696054080957%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&it=1626791320934&coo=false&rqm=GET

Requested by

Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/index.html?s=aGluZXQ0|aGluZXQ=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://player.svc.litv.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:41 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 20 Jul 2021 14:28:41 GMT

GET
H2 200 10114832.json Show response
s.yimg.com/wi/config/ Frame 0313 46 B
439 B 10ms
8ms XHR
application/octet-stream 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10114832.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

480d5b26935e27640c98365cfc7bd4a663c82d2affb64ffae8a4bf9b01b5e9fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://player.svc.litv.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 08:47:21 GMT
x-content-type-options: nosniff
age: 20481
x-amz-server-side-encryption: AES256
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-request-id: FYPR65A57FNC5VBS
x-amz-id-2: rAiU7jMviqs2ZXgqDWLRTRUkMrJ0SG+MgV8S1M3QLHRbHSLy9/sHR5JOQe5nC1ptDOX4XfjDZ6o=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Sun, 27 Mar 2022 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Fri, 19 Feb 2021 07:36:22 GMT
server: ATS
etag: "31991d36d356e76ae58f243f53479582"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
x-amz-version-id: CnfSYWjVQHGwo9PiNrE4tOoh_9HipBiZ
access-control-allow-origin: *
x-xss-protection: 1; mode=block
content-length: 46
content-type: application/octet-stream

GET
H/1.1 200
OK cookie Show response
ads.adaptv.advertising.com/ Frame 0313 0
358 B 33ms
8ms Script
text/html 3.120.211.246
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/cookie?pageUrl=https://player.svc.litv.tv/index.html?s=aGluZXQ0|aGluZXQ=&isTop=false&callback=1
Requested by: Host: redir.adap.tv
URL: https://redir.adap.tv/redir/javascript/lightintegration.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.120.211.246 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-120-211-246.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.svc.litv.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: adaptv/1.0
Connection: keep-alive
Content-Length: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 624A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f4e9d350b891a5b4409ef71bcf97414081dac71b063b7e9b4b8d97e91a6ad87

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/ Frame 624A 244 KB
90 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2433080275028329&plah=hinet.net&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5ecfcec3e27fe9897118aabcbd06b14a055e27fdff3fbfd82e4b35336c3f7fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92395
x-xss-protection: 0
server: cafe
etag: 7826786853314341384
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 20 Jul 2021 14:28:41 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210712/r20190131/ Frame AB0D 10 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210712/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210712/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hinet.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmNMOsLS_T6OSSXloVNmKBSYhcrflDZC-dCHp-UQDVZ1IYGPftT10wPGEJtKoU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hinet.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 20 Jul 2021 03:29:55 GMT
expires: Tue, 03 Aug 2021 03:29:55 GMT
content-type: text/html; charset=UTF-8
etag: 15579341980913220427
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4579
x-xss-protection: 0
age: 39526
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 queryAds Show response
pusti.svc.litv.tv/ Frame 0313 0
42 B 267ms
266ms Fetch 34.96.74.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pusti.svc.litv.tv/queryAds
Requested by: Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/all.0841cdc8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.74.134 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 134.74.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://player.svc.litv.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:41 GMT
via: 1.1 google
alt-svc: clear
access-control-max-age: 60
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://player.svc.litv.tv
access-control-allow-credentials: true
access-control-allow-headers: Content-Type

GET
H2 204 push
onead.onevision.com.tw/v2/app/ Frame 0313 0
0 408ms
265ms Fetch
text/plain 107.178.241.176
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://onead.onevision.com.tw/v2/app/push?event=7000&p1=899654903&pub=c5ea6420-0862-4a76-8bd2-3e04881c012b
Requested by: Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/all.0841cdc8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.241.176 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 176.241.178.107.bc.googleusercontent.com
Software: gws / OneAD
Resource Hash

Request headers

Referer: https://player.svc.litv.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:41 GMT
via: 1.1 google
age: 0
x-powered-by: OneAD
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-onead-backend: onead-http-event-w15l-gohttp
alt-svc: clear
pragma: no-cache
server: gws
x-onead-guid: c803014e-e966-11eb-9e0e-0242ac120002
x-varnish: 110005954
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
x-onead-version: 3889d7c3
content-type: text/plain; charset=utf-8
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hinet4-schedule.json Show response
player.svc.litv.tv/meta/vc/ Frame 0313 18 KB
3 KB 10ms
9ms XHR
application/json 2600:9000:2156:e800:3:cecd:5f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://player.svc.litv.tv/meta/vc/hinet4-schedule.json
Requested by: Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/all.0841cdc8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e800:3:cecd:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 141acbd7ca859acce0409e6f41dfe2d56925388245259ea414cea3a7592a0442

Request headers

Referer: https://player.svc.litv.tv/index.html?s=aGluZXQ0|aGluZXQ=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 09:16:40 GMT
content-encoding: gzip
last-modified: Mon, 19 Jul 2021 21:27:18 GMT
server: AmazonS3
age: 18722
etag: W/"563c89f62a4b0f78f23ceea241d32f66"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: 9XpxX.kIvqa2G5lLMgCmAsyJptqDXzHQ
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
content-type: application/json
x-amz-cf-id: ZHie-BLKlnH_onhvk4EGViV9tX6IAhnvkroo3TiDfA08n1ya3qXjkA==

GET
H2 200 litv_logo_white_7485ff.png
player.svc.litv.tv/assets/ Frame 0313 2 KB
3 KB 8ms
8ms Image
image/png 2600:9000:2156:e800:3:cecd:5f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://player.svc.litv.tv/assets/litv_logo_white_7485ff.png
Requested by: Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/css/main.6a832afc.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e800:3:cecd:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9a8609eeda77369cd567a813411d740959695b5a47db762f2f6dfbb6006cefcb

Request headers

Referer: https://player.svc.litv.tv/css/main.6a832afc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: WdaxXyiT5ykTE9DuszVvS4iYBJo9JtC7
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
last-modified: Mon, 05 Jul 2021 07:01:11 GMT
server: AmazonS3
age: 49917
etag: "7485ff68e8e344e8b566bdd03e32d909"
x-cache: Hit from cloudfront
content-type: image/png
date: Tue, 20 Jul 2021 00:36:44 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 2459
x-amz-cf-id: aYV-4BcBmf-YPbGY4wA_PV8q5z2Fber_zI8wijI-P6pLgqWk8a8itA==

GET
H2 200 loadingbn_d314ee.jpg
player.svc.litv.tv/assets/ Frame 0313 17 KB
17 KB 7ms
7ms Image
image/jpeg 2600:9000:2156:e800:3:cecd:5f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://player.svc.litv.tv/assets/loadingbn_d314ee.jpg
Requested by: Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/css/main.6a832afc.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e800:3:cecd:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 90ee20c6b2fe58c0bc327b411d5a68e2be5eea7b37eb642ee9e1a73f4c51f5eb

Request headers

Referer: https://player.svc.litv.tv/css/main.6a832afc.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 62UJdwGZpoKy4ZSTiu8PxE413cA0WhTH
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
last-modified: Mon, 05 Jul 2021 07:01:11 GMT
server: AmazonS3
age: 40793
etag: "d314ee6563b9281cfd1683cb778cc013"
x-cache: Hit from cloudfront
content-type: image/jpeg
date: Tue, 20 Jul 2021 03:08:49 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 17473
x-amz-cf-id: gFGfkOiuStOh98Bwoi1K9uF5Hf_2w8ZpiLriRKjiy2Y8vpiBNeJUNA==

GET
H2 200 ads_check.js Show response
fino.svc.litv.tv/acs/ Frame 0313 36 B
494 B 127ms
7ms Fetch
application/javascript 143.204.205.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fino.svc.litv.tv/acs/ads_check.js
Requested by: Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/all.0841cdc8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.205.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-205-120.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3c47ff9781e5c10d5b7a4edbd121682c9d6150251dfa4c0820f9939a70e623f5

Request headers

Referer: https://player.svc.litv.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 05:00:05 GMT
via: 1.1 c90147ea5199ff7ce77981c8da4247c4.cloudfront.net (CloudFront)
vary: Origin
age: 34117
x-cache: Hit from cloudfront
content-length: 36
last-modified: Fri, 19 Feb 2021 02:39:49 GMT
server: AmazonS3
etag: "eccd8c86e285ee7d525d2b012ed3c06d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, POST
x-amz-version-id: EHi4EZ.gJdlfigQoKnOSB_rq9xJIQl9.
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: fHbMLgW7-dOZR_YQ-sw1eBK-MdD6ZYV9I_W9SRlPD-27S6RU_1nWQw==

GET
H3-29 200 bridge3.472.0_zh_tw.html Show response
imasdk.googleapis.com/js/core/ Frame A73B 579 KB
190 KB 23ms
9ms Document
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.472.0_zh_tw.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25bfbe21946744cc0813c5a60eabb938c7e8a20fdeeaa77609e76b71d93c2e5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.472.0_zh_tw.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://player.svc.litv.tv/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://player.svc.litv.tv/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 194581
date: Fri, 16 Jul 2021 08:35:15 GMT
expires: Sat, 16 Jul 2022 08:35:15 GMT
last-modified: Fri, 16 Jul 2021 07:29:35 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 366806
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 0313 44 KB
17 KB 35ms
14ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://player.svc.litv.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Tue, 20 Jul 2021 14:28:41 GMT

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ Frame 0313 98 KB
39 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-138079999-10&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-59507085-1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8aafa0ac003f79e8406167f57790ddcbdfaa3cee71fa19316c66d2d8da6496bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://player.svc.litv.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:41 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39686
x-xss-protection: 0
last-modified: Tue, 20 Jul 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 20 Jul 2021 14:28:41 GMT

GET
H2 200 p
sb.scorecardresearch.com/ Frame 0313 64 B
442 B 16ms
14ms Image
image/gif 13.226.145.101
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=8&c2=18986219&c3=1&cj=1&c4=https%3A%2F%2Fplayer.svc.litv.tv%2Findex.html%3Fs%3DaGluZXQ0%7CaGluZXQ%3D&rn=1626791321461
Requested by: Host: hinet.net
URL: https://hinet.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.101 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-101.dus51.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://player.svc.litv.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:41 GMT
via: 1.1 147cd286989da71c73312280bb09c200.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: F_YkOjrnLbI36hTrsHRLiApg2uu1weU0M11Tpdzdl7KGDsbvmK-3EA==

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 624A 12 B
244 B 22ms
20ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=hinet.net&callback=_gfp_s_&client=ca-pub-2433080275028329&cookie=ID%3D6868ab07c3c9bdd1-22b87c2b81c80087%3AT%3D1626791321%3AS%3DALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210712/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2433080275028329&plah=hinet.net&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 624A 107 B
122 B 25ms
24ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=hinet.net

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 14:28:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 624A 107 B
122 B 30ms
27ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hinet.net

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 14:28:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C2B8 82 KB
27 KB 907ms
897ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2433080275028329&output=html&h=250&slotname=4348070867&adk=1487366383&adf=4198862039&pi=t.ma~as.4348070867&w=970&psa=0&format=970x250&url=https%3A%2F%2Fhinet.net%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626791321346&bpp=4&bdt=216&idt=159&shv=r20210712&ptt=9&saldr=aa&cookie=ID%3D6868ab07c3c9bdd1-22b87c2b81c80087%3AT%3D1626791321%3AS%3DALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ&correlator=1354287985938&frm=23&ife=4&pv=2&ga_vid=791402944.1626791320&ga_sid=1626791322&ga_hid=296630730&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=33&biw=1600&bih=1200&isw=970&ish=250&ifk=1078664049&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=1623597559702417&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w88l2ugvejdy&fsb=1&dtd=189

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46fc4158fe26f8d2f989c00a5d0c44530aa30bf478ab142f2441aaa2702c0c13

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CO2n4vbt8fECFYI_0wod8eIFAQ&gqi=md32YIujIqiRmLAPisW30A4&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2433080275028329&output=html&h=250&slotname=4348070867&adk=1487366383&adf=4198862039&pi=t.ma~as.4348070867&w=970&psa=0&format=970x250&url=https%3A%2F%2Fhinet.net%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626791321346&bpp=4&bdt=216&idt=159&shv=r20210712&ptt=9&saldr=aa&cookie=ID%3D6868ab07c3c9bdd1-22b87c2b81c80087%3AT%3D1626791321%3AS%3DALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ&correlator=1354287985938&frm=23&ife=4&pv=2&ga_vid=791402944.1626791320&ga_sid=1626791322&ga_hid=296630730&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=33&biw=1600&bih=1200&isw=970&ish=250&ifk=1078664049&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=1623597559702417&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w88l2ugvejdy&fsb=1&dtd=189
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hinet.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmNMOsLS_T6OSSXloVNmKBSYhcrflDZC-dCHp-UQDVZ1IYGPftT10wPGEJtKoU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hinet.net/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CO2n4vbt8fECFYI_0wod8eIFAQ&gqi=md32YIujIqiRmLAPisW30A4&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 20 Jul 2021 14:28:42 GMT
server: cafe
content-length: 27867
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 624A 73 KB
27 KB 46ms
27ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee07009e9fe79b9909bafdb282106c95dac83f905c6ac665e1257ac862ed50e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:41 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434913869424"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28061
x-xss-protection: 0
expires: Tue, 20 Jul 2021 14:28:41 GMT

GET
H2 200 EMBED32.json Show response
player.svc.litv.tv/meta/acs/hinet4/ Frame 0313 9 KB
2 KB 13ms
13ms XHR
application/json 2600:9000:2156:e800:3:cecd:5f00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://player.svc.litv.tv/meta/acs/hinet4/EMBED32.json
Requested by: Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/all.0841cdc8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:e800:3:cecd:5f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ec10c7ae80b5f78dba4eef5b14ec748d57416035474a4d17d83fbf390382c38e

Request headers

Referer: https://player.svc.litv.tv/index.html?s=aGluZXQ0|aGluZXQ=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 09:16:41 GMT
content-encoding: gzip
last-modified: Mon, 19 Jul 2021 18:16:06 GMT
server: AmazonS3
age: 18721
etag: W/"a48885b17b48b6bbaa0d9a16f7ef33aa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: yNT32rcc2.G16AgY86QJZML1JA3Z_N7q
via: 1.1 32c8da10203574baccb74b8f771a7ffb.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
content-type: application/json
x-amz-cf-id: YHk1ObsOZ-6btQhCFldKLV3oimSKWEETNM0DSkEOIekDiZHxUIHFSw==

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 6055 36 KB
12 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://player.svc.litv.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 13:33:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3315
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 20 Jul 2021 14:33:26 GMT

GET
H2 200 ads1.js Show response
fino.svc.litv.tv/ads/ Frame 0313 17 B
474 B 18ms
15ms Fetch
application/javascript 143.204.205.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fino.svc.litv.tv/ads/ads1.js
Requested by: Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/all.0841cdc8.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.205.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-205-120.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: af2ac8055983b59c939388ef2b32ef532b5eb338d4f1758be91a125d4f07d83f

Request headers

Referer: https://player.svc.litv.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: S0gUSQE16svoHk1.rmwu2P08mV03VNo6
via: 1.1 c90147ea5199ff7ce77981c8da4247c4.cloudfront.net (CloudFront)
etag: "8ba19eeed6689e4d7c76742e23055415"
age: 23796
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 17
last-modified: Thu, 18 Feb 2021 02:44:24 GMT
server: AmazonS3
date: Tue, 20 Jul 2021 07:54:00 GMT
vary: Origin
access-control-allow-methods: GET, HEAD, POST
content-type: application/javascript
access-control-allow-origin: *
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
x-amz-cf-id: TZRzdH8_JQRJeSZpdJbqH29c8MjDcxl-8O2jXjG9x9Qlj5CjWOBFOA==

POST
H/1.1 200
OK rpc Show response
p-api03.svc.litv.tv/cdi/v2/ Frame 0313 98 B
466 B 251ms
250ms XHR
application/json 210.242.135.3
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://p-api03.svc.litv.tv/cdi/v2/rpc

Requested by

Host: player.svc.litv.tv
URL: https://player.svc.litv.tv/all.0841cdc8.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

210.242.135.3 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

Software

Resource Hash

7f4c3a73cb131ac6d84b26e9248f3a79346a89ae9d3c4d1457872e185f6f6da2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://player.svc.litv.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Date: Tue, 20 Jul 2021 14:28:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 60
Access-Control-Allow-Headers: Content-Type

OPTIONS
H/1.1 200
OK rpc
p-api03.svc.litv.tv/cdi/v2/ Frame 0
0 1016ms
250ms Preflight 210.242.135.3
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://p-api03.svc.litv.tv/cdi/v2/rpc
Protocol: HTTP/1.1
Server: 210.242.135.3 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://player.svc.litv.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Headers: Content-Type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 60
Date: Tue, 20 Jul 2021 14:28:42 GMT
Content-Length: 0

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame 0313 48 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-138079999-10&l=dataLayer&cx=c

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://player.svc.litv.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 17:36:57 GMT
server: Golfe2
age: 5862
date: Tue, 20 Jul 2021 12:50:59 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19661
expires: Tue, 20 Jul 2021 14:50:59 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ Frame 0313 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=423485537&t=event&_s=1&dl=https%3A%2F%2Fplayer.svc.litv.tv%2Findex.html%3Fs%3DaGluZXQ0%7CaGluZXQ%3D&dr=https%3A%2F%2Fhinet.net%2F&ul=en-us&de=UTF-8&dt=LiTV%E7%AB%8B%E8%A6%96%E7%B7%9A%E4%B8%8A%E5%BD%B1%E8%A6%96-%20%E5%8F%B0%E7%81%A3%E6%8E%92%E8%A1%8C%E7%AC%AC%E4%B8%80%E6%AD%A3%E7%89%88%E3%80%81%E9%AB%98%E6%B8%85%E7%B7%9A%E4%B8%8A%E7%9C%8B%E7%9B%B4%E6%92%AD%E5%BD%B1%E9%9F%B3%E9%9B%BB%E8%A6%96&sd=24-bit&sr=1600x1200&vp=370x207&je=0&ec=player&ea=impression&_u=aEDAAUABAAAAAC~&jid=293178768&gjid=327951217&cid=1579905156.1626791321&tid=UA-138079999-6&_gid=2004937783.1626791321&_r=1&gtm=2ou7j0&z=1298021916

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://player.svc.litv.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://player.svc.litv.tv
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ Frame 0313 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j91&a=423485537&t=event&_s=1&dl=https%3A%2F%2Fplayer.svc.litv.tv%2Findex.html%3Fs%3DaGluZXQ0%7CaGluZXQ%3D&dr=https%3A%2F%2Fhinet.net%2F&ul=en-us&de=UTF-8&dt=LiTV%E7%AB%8B%E8%A6%96%E7%B7%9A%E4%B8%8A%E5%BD%B1%E8%A6%96-%20%E5%8F%B0%E7%81%A3%E6%8E%92%E8%A1%8C%E7%AC%AC%E4%B8%80%E6%AD%A3%E7%89%88%E3%80%81%E9%AB%98%E6%B8%85%E7%B7%9A%E4%B8%8A%E7%9C%8B%E7%9B%B4%E6%92%AD%E5%BD%B1%E9%9F%B3%E9%9B%BB%E8%A6%96&sd=24-bit&sr=1600x1200&vp=370x207&je=0&ec=player&ea=impression&_u=aEDAAUABAAAAAC~&jid=854692414&gjid=970950255&cid=1579905156.1626791321&uid=c5ea6420-0862-4a76-8bd2-3e04881c012b&tid=UA-138079999-10&_gid=2004937783.1626791321&_r=1&gtm=2ou7j0&z=116546456

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://player.svc.litv.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://player.svc.litv.tv
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ Frame 0313 1 B
22 B 19ms
18ms XHR
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-138079999-6&cid=1579905156.1626791321&jid=293178768&gjid=327951217&_gid=2004937783.1626791321&_u=aEDAAUAAAAAAAC~&z=291493671

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://player.svc.litv.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 20 Jul 2021 14:28:41 GMT
content-type: text/plain
access-control-allow-origin: https://player.svc.litv.tv
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ Frame 0313 1 B
22 B 18ms
17ms XHR
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j91&tid=UA-138079999-10&cid=1579905156.1626791321&jid=854692414&uid=c5ea6420-0862-4a76-8bd2-3e04881c012b&gjid=970950255&_gid=2004937783.1626791321&_u=aEDAAUABAAAAAC~&z=1211765638

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://player.svc.litv.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 20 Jul 2021 14:28:41 GMT
content-type: text/plain
access-control-allow-origin: https://player.svc.litv.tv
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 /
www.facebook.com/tr/ Frame 0313 0
15 B 10ms
10ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://player.svc.litv.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryH4KtjCDj0AXDAOHB

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Tue, 20 Jul 2021 14:28:41 GMT
content-type: text/plain
access-control-allow-origin: https://player.svc.litv.tv
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 ssrh.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame C2B8 84 KB
29 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/ssrh.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2433080275028329&output=html&h=250&slotname=4348070867&adk=1487366383&adf=4198862039&pi=t.ma~as.4348070867&w=970&psa=0&format=970x250&url=https%3A%2F%2Fhinet.net%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626791321346&bpp=4&bdt=216&idt=159&shv=r20210712&ptt=9&saldr=aa&cookie=ID%3D6868ab07c3c9bdd1-22b87c2b81c80087%3AT%3D1626791321%3AS%3DALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ&correlator=1354287985938&frm=23&ife=4&pv=2&ga_vid=791402944.1626791320&ga_sid=1626791322&ga_hid=296630730&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=33&biw=1600&bih=1200&isw=970&ish=250&ifk=1078664049&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=1623597559702417&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w88l2ugvejdy&fsb=1&dtd=189

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 22:20:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58082
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30063
x-xss-protection: 0
server: cafe
etag: 16132151104434394549
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 20 Jul 2021 22:20:40 GMT

GET
H2 200 12958505313246985559_15830567106759308868.jpeg
static.doubleclick.net/dynamic/5/183591954/ Frame C2B8 2 MB
2 MB 11ms
6ms Image
image/jpeg 2a00:1450:4001:808::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/183591954/12958505313246985559_15830567106759308868.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d1f72525aa79b136df7b4eef71da15f25f73ce1b6830ebd9e2809d934e52187

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 00:20:20 GMT
x-content-type-options: nosniff
last-modified: Thu, 21 Jan 2021 06:11:42 GMT
server: sffe
age: 50902
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2048436
x-xss-protection: 0
expires: Wed, 20 Jul 2022 00:20:20 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/ Frame C2B8 18 KB
7 KB 21ms
17ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8240ea20f4bb5fcc00f41228776b641b2128fccc99bc520497c13128a1fa304c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:20:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 482
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7637
x-xss-protection: 0
server: cafe
etag: 6317884472378718772
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 14:20:40 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame C2B8 2 KB
1 KB 23ms
19ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 190
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 14:25:32 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C2B8 124 KB
37 KB 19ms
16ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:42 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434926419779"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Tue, 20 Jul 2021 14:28:42 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame C2B8 14 KB
6 KB 18ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6904dd3786abf2a13d9e3eebc371d27f65ffa4bae3d23ce1aa3f69b8b4962a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:17:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 675
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6221
x-xss-protection: 0
server: cafe
etag: 7452675974595557415
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 14:17:27 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C2B8 0
0 18ms
13ms Image
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRlN7m3hIoLgmGl2NSXMP40yWRUmtL6rAcYE1mhTgvDuNvzkmmK8H5e7FW4qqnu5D2eaSbXznAM4NhQKZ9PDdUQ9EGTyw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2433080275028329&output=html&h=250&slotname=4348070867&adk=1487366383&adf=4198862039&pi=t.ma~as.4348070867&w=970&psa=0&format=970x250&url=https%3A%2F%2Fhinet.net%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626791321346&bpp=4&bdt=216&idt=159&shv=r20210712&ptt=9&saldr=aa&cookie=ID%3D6868ab07c3c9bdd1-22b87c2b81c80087%3AT%3D1626791321%3AS%3DALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ&correlator=1354287985938&frm=23&ife=4&pv=2&ga_vid=791402944.1626791320&ga_sid=1626791322&ga_hid=296630730&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=33&biw=1600&bih=1200&isw=970&ish=250&ifk=1078664049&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=1623597559702417&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w88l2ugvejdy&fsb=1&dtd=189
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 11451250718949484972
tpc.googlesyndication.com/simgad/ Frame C2B8 15 KB
15 KB 24ms
22ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11451250718949484972

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93c42da1bb50f07b79321a02d58ba029a7a6acfb73a02fd3bb536fbc395fcd17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 02:27:40 GMT
x-content-type-options: nosniff
age: 43262
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15583
x-xss-protection: 0
last-modified: Thu, 02 Jul 2020 21:33:49 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 02:27:40 GMT

GET
H3-29

200

B23993647.289649836;dc_pre=CMPCnvft8fECFRTTEQgd3CUG_g;dc_trk_aid=483145944;dc_trk_cid=131102398;ord=3441909534;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= Show response
ad.doubleclick.net/ddm/trackimp/N279602.134426GOOGLEDISPLAYNETWO/ Frame C2B8
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N279602.134426GOOGLEDISPLAYNETWO/B23993647.289649836;dc_trk_aid=483145944;dc_trk_cid=131102398;ord=3441909534;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
https://ad.doubleclick.net/ddm/trackimp/N279602.134426GOOGLEDISPLAYNETWO/B23993647.289649836;dc_pre=CMPCnvft8fECFRTTEQgd3CUG_g;dc_trk_aid=483145944;dc_trk_cid=131102398;ord=3441909534;dc_lat=;dc_rd...

42 B
63 B

45ms
26ms

Fetch
image/gif

216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N279602.134426GOOGLEDISPLAYNETWO/B23993647.289649836;dc_pre=CMPCnvft8fECFRTTEQgd3CUG_g;dc_trk_aid=483145944;dc_trk_cid=131102398;ord=3441909534;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f166.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:42 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N279602.134426GOOGLEDISPLAYNETWO/B23993647.289649836;dc_pre=CMPCnvft8fECFRTTEQgd3CUG_g;dc_trk_aid=483145944;dc_trk_cid=131102398;ord=3441909534;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame C2B8 0
0 20ms
17ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJmismd32YK33IoL_zAbxxZcI9eeMx2Pf1fng1gzqn9yg1AEQASDMqoR-YJWKuILIB6AB-J344gPIAQmpAvccJ1GCy7M-qAMByAPLBKoEuAFP0FgRDEFe6XlkQ4gkpDYTrTOsdyfaXTzcLFTSBku7GEpO-5YsbafQ2gfF5GgBoHlvPXUXqGZpkS8tlel9AZIVwZ7WaeQXzefVJhDdtL-jaSb5Nlj9kXGT4uAy9GazqrDd1CIp9g8ILjUVOakzWRn2EUhy5ABNN7ktftiOtYIYm9QUkyEzbpqt4S6Ths-mKepj5pgiliC8pRw2yR1J0HyLB7XWxjQemOk6XzcMUx7jf5PL5WURVuIAwASSmtGXiAOSBQQIBBgBkgUECAUYBKAGLoAHte2p1gGoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEKbwetIICQiA4YAQEAEYH4AKAcgLAdgTDYgUAdAVAYAXAbIXGgoYCAASFHB1Yi0yNDMzMDgwMjc1MDI4MzI5&sigh=BNa6t1m4JEs&template_id=494

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2433080275028329&output=html&h=250&slotname=4348070867&adk=1487366383&adf=4198862039&pi=t.ma~as.4348070867&w=970&psa=0&format=970x250&url=https%3A%2F%2Fhinet.net%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626791321346&bpp=4&bdt=216&idt=159&shv=r20210712&ptt=9&saldr=aa&cookie=ID%3D6868ab07c3c9bdd1-22b87c2b81c80087%3AT%3D1626791321%3AS%3DALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ&correlator=1354287985938&frm=23&ife=4&pv=2&ga_vid=791402944.1626791320&ga_sid=1626791322&ga_hid=296630730&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=33&biw=1600&bih=1200&isw=970&ish=250&ifk=1078664049&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=1623597559702417&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w88l2ugvejdy&fsb=1&dtd=189
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 20 Jul 2021 14:28:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 07CF 143 B
163 B 13ms
13ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2433080275028329&output=html&h=250&slotname=4348070867&adk=1487366383&adf=4198862039&pi=t.ma~as.4348070867&w=970&psa=0&format=970x250&url=https%3A%2F%2Fhinet.net%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626791321346&bpp=4&bdt=216&idt=159&shv=r20210712&ptt=9&saldr=aa&cookie=ID%3D6868ab07c3c9bdd1-22b87c2b81c80087%3AT%3D1626791321%3AS%3DALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ&correlator=1354287985938&frm=23&ife=4&pv=2&ga_vid=791402944.1626791320&ga_sid=1626791322&ga_hid=296630730&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=33&biw=1600&bih=1200&isw=970&ish=250&ifk=1078664049&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=1623597559702417&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w88l2ugvejdy&fsb=1&dtd=189
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmNMOsLS_T6OSSXloVNmKBSYhcrflDZC-dCHp-UQDVZ1IYGPftT10wPGEJtKoU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2433080275028329&output=html&h=250&slotname=4348070867&adk=1487366383&adf=4198862039&pi=t.ma~as.4348070867&w=970&psa=0&format=970x250&url=https%3A%2F%2Fhinet.net%2F&ea=0&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1626791321346&bpp=4&bdt=216&idt=159&shv=r20210712&ptt=9&saldr=aa&cookie=ID%3D6868ab07c3c9bdd1-22b87c2b81c80087%3AT%3D1626791321%3AS%3DALNI_Mby9zwbX-Qr7oPXW0B-A3PYtlO0kQ&correlator=1354287985938&frm=23&ife=4&pv=2&ga_vid=791402944.1626791320&ga_sid=1626791322&ga_hid=296630730&ga_fc=1&nhd=2&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=315&ady=33&biw=1600&bih=1200&isw=970&ish=250&ifk=1078664049&scr_x=0&scr_y=0&eid=20211866&oid=3&pvsid=1623597559702417&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C970%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.w88l2ugvejdy&fsb=1&dtd=189

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 20 Jul 2021 13:42:56 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2746
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame C2B8 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8745fa116553e1eb5a6577dc041ab0b0b3fe280115f6340a7b151b0ad9671059

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 204 gen_csp
pagead2.googlesyndication.com/pagead/ Frame C2B8 0
20 B 55ms
40ms Other
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CO2n4vbt8fECFYI_0wod8eIFAQ&gqi=md32YIujIqiRmLAPisW30A4&layout=/pagead/gadgets/in_page_full_auto_V1/Responsive_Monte_GpaSingleIframe.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 07CF
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

17ms
17ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmNMOsLS_T6OSSXloVNmKBSYhcrflDZC-dCHp-UQDVZ1IYGPftT10wPGEJtKoU
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 20 Jul 2021 14:28:42 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Tue, 20-Jul-2021 15:28:42 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 20 Jul 2021 14:28:42 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 20 Jul 2021 14:28:42 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 624A 0
0 57ms
42ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss0ITaqo4hIe1eLbDUSmh_fevcCHSiAQDiskVfaBCyCslZ-CzPbPzsDDDKlYZQjd5d8BYvN27wSABKG6zjyIhEKZ414k5h2_ClIilNPOnyLEsbipYLRPtWf6iLYyoq4sXncLR4h86tBza35_Mi9u_GUUBdKzP2TcKNZeHwz1NgGdGTJKK6dMVJ8b75bt8DMa2TNeAeyLA_KTmkBzgQq9QeE6YovErzP6kiIIwOg-ufj4294icKaqlQW8NTDyr9aODogp00eJqsafZKFuYNH9Kj9aZbj2m-xddipZESYJ0HalWjr4Kt4ZbvMoUpSe5YrCxyP1mucrNUsJnBd&sai=AMfl-YQRpsL4akQcsFs3mn3cEfz7JC81rvClAPH8diaFAas7pCxvzLhLRDqUJxG7rJMUkbS7Ug-3jOBkINRPPMF3bt9wuenhpg7PD-gYGj29q7R3thGtxtUyLCBs6gL_Dhw&sig=Cg0ArKJSzEIKXNdRLCvuEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 14:28:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 20 Jul 2021 14:28:42 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 624A 11 KB
8 KB 20ms
20ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210712&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7c9dfdefe72ac6e15b87905928c625cace99ea185e42c93260ebbdf0f319d79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 14:28:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8439
x-xss-protection: 0

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame FEA0 11 KB
8 KB 29ms
29ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021071301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4100fc90c9045dcb587f65b7c6f098622370ecd85d18fe221a858868e1e0d5f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 14:28:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8547
x-xss-protection: 0

GET
H3-29 200 exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js Show response
pagead2.googlesyndication.com/bg/ Frame FD64 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b1916d5a5a97048327e74b168dd38fe0067ac06db81f57f72108f23410cff79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 12:12:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8152
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13308
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Jul 2022 12:12:50 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 624A 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 20 Jul 2021 14:28:42 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame FEA0 17 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 20 Jul 2021 14:28:43 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 753C 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hinet.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hinet.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 20 Jul 2021 13:20:12 GMT
expires: Wed, 20 Jul 2022 13:20:12 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4111
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F5C3 783 B
531 B 20ms
19ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

fb98ffd61d9c49886a14b1eec8b65802a8e240787840d145bbd17e45bd0ff770

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NLTAWb/84b0qhmYiulhjYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hinet.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hinet.net/

Response headers

expires: Tue, 20 Jul 2021 14:28:43 GMT
date: Tue, 20 Jul 2021 14:28:43 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-NLTAWb/84b0qhmYiulhjYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame EC72 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hinet.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hinet.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 20 Jul 2021 13:20:12 GMT
expires: Wed, 20 Jul 2022 13:20:12 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4111
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 75C8 783 B
532 B 17ms
16ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ab94ded95a8d9e7aa822ab44c5d4e09b13eaacdf333321dbc0592d13b5c2c90c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MwTELHbZXXKLwm7uov9AZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hinet.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hinet.net/

Response headers

expires: Tue, 20 Jul 2021 14:28:43 GMT
date: Tue, 20 Jul 2021 14:28:43 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-MwTELHbZXXKLwm7uov9AZw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js Show response
pagead2.googlesyndication.com/bg/ Frame 753C 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b1916d5a5a97048327e74b168dd38fe0067ac06db81f57f72108f23410cff79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 12:12:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8153
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13308
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Jul 2022 12:12:50 GMT

GET
H3-29 200 exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js Show response
pagead2.googlesyndication.com/bg/ Frame EC72 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b1916d5a5a97048327e74b168dd38fe0067ac06db81f57f72108f23410cff79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 12:12:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8153
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13308
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Jul 2022 12:12:50 GMT

GET
H2 200 third Show response
ssp.hinet.net/api/web/ Frame FEA0 0
220 B 240ms
240ms XHR
text/html 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/third?c=2017004&s=201702000018&th=91&wc=2905
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.9.1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 13:59:57 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://hinet.net
access-control-allow-credentials: true

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C2B8 42 B
64 B 47ms
47ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu2lZNgCkJSjcUWIbw1wQs6qEpGm1dDHcf674Fp2knDwfFYCPhcmZpLz6K1IuaKg1boPTfZ5SB2jS4yTaHooZhUNx2ATqksQJWmgdRRF65bNNYQSSsC-zcDB9FpnA&sai=AMfl-YS-sUyYKJn81rm5jz8PmT9c-RPrZ_xU9tANue_0HEUT2RgjQQkDtj7ADdZO-K5gFlDZu34WEcX9tpzNQFGG-AI-L0gajOMBiCPbi7jEh-ut5otqv0byGa_ZIUs&sig=Cg0ArKJSzJsHKbccW3vzEAE&cid=CAASF-RoGwCRd85AY9chLn4U_qUIC71DBSaE&id=lidar2&mcvt=1008&p=0,0,250,970&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20210716&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=21&adk=1487366383&rs=2&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1626791321539&dlt=920&rpt=140&isd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FEA0 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021071301&jk=76573324060190&bg=!CwilCEzNAAZjFomlYxY7ACkAdvg8WrXmuHcMQNu792ttl66uYDCGAlKe6DTd5TbIvqgp6YFB6ZkGrQIAAAEjUgAAABZoAQcKAPqF0nG4dsPinpI1p7n93EMdkVPaHj78btG-evKmW9kgK1KcNE6LEWOuAGG1wtrWzRBtyRO1-X0qb0VsosXWl2NV3LnRBfDrSziFVhEvqZPEvP3gDXrB3hx015T9lA1l1vM5RiEaim-s5VcTfuU0RLQq2PrhLu1oR55EwEhYN2CwQc0yijGwUpvyGaaHHxuM4rZe17qIxVX1uk_WE7o93yGuSnil9c4ZstvnEJnk3WVxWVlCfEitshOK81j9y8MxhAcrYU1AoYS_elrZnRSgxndzuSbhEnKgAuJycIbawuKc44Hd4AwN2CKm6i3zCh3mHhB_LxnMFUlrQFAUmQJ58-wDvIXx1cL2JdxPlGQpbKcWhGSjJlSTCgxfABruUbDWU7bWY15I8Vna6TQ9hvwF2P0lGkWA_rtzuNMfauxuwW6alkzybOVzwPdSvJAp6CkRW9bVANNS5SR_atwKqw2HI5kI-sDC8wxEuF3gki073NPUyvtuJxCW1iX98FcYjDy6VWxmwssQcx4kryiwW4kM4oX1Y4n6N-Af5uFX0ZQYZk2lYSmSms9JEbaEfR-zLFX9IZQOCI6KBGZSum2RpN330vrX3dcUV_4SoQ1AAglDm-TZdlrH_Elphgb0ZN_4zOfVnEGd-XEnL6MwLg7LXsoLs13W342-YMAHGyijgRkhVD-KyCE54_MzLQfwOdNISirlEmsPlSBO8cJSecFHAqrdv6qEnetVpzVDRMpEh2DI-NjX9qTyLcMDgFdkf2WRQwKzuIquAqbwj8RbN9CckSjW-xjuq1MtVu0U_VxN4o_-Hg1bmsJe3Vxra5XWYs3jLsl6-PRvStXXM6X-LKmyKFy-4nLpPbBozADjoQEFcKSq05QaSkl3n6W7LUEzpVxHhtcID1U4htFM35HoIDv1LzPSM9NxYAXksgCnA0rdMzJwGk8zZuXlCAoS_nO-1eMCqTz5Q4yiJ7UmYz-LCB7_hE79yGGG155WhZY-P9sYRBnYzZwe4d8Wu3nAbYsYKwJd9fC5ePWuZMxKc3I_SkbPhWlFI1Bn4bduR8iFsy8LqUL_si8WVuS_ahy1QmgvG9wM2ThPgLmQ9ids88fSMBYqb7f0L5Cp9gTHXQ5BuxPcreiPSLb30A_xBd4endtKdRe8-wjJe8subfHwtcDeJI1_wubFNo8QfCn3aXdu

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 624A 0
20 B 43ms
42ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210712&jk=1623597559702417&bg=!5uWl5aHNAAZjFomlYxY7ACkAdvg8WmCkiuTf562ku0cQrBvxyAaO5yixXqnj-1j2Rrs1cwfoyu9i3wIAAAE8UgAAABVoAQeZAqcmnqaeuAVByiu0Hqb7jngrwGuPCkb2u62jm2XEM0KhuepIFdZNIwRQEgApG4lufXDoEOqYHxDGp42S-iFAXdrz70xfQLE1ymgh1iuaeFaB7r5OrDnGiEOKRliB6nijRDUi-fLKMbc0WuOHYlBhYHlldkp_H6CkPWOqDlNrnMsb9vTLjA0O_qoRd_39rRBFvBiK9FasNBmw0y4sfVAfbSGARDSf-6gxtwZ7eCfSFlTonBoR7_l-CD3raJKPwZNJious3NNmzCW-JaoMvwSkZKH1zUAK_nHb4SIAl4baB0YXY5Rt1qgZdNtQuASGU4CqPOaAcV2rsiafYwepFJA73tlQII2ohY5pJroGOATRe6fCWZJg78cr_CtyGIT2YFypHijzYyl_YjTZir0GO__K_t8iE65gxn45IBK38xuYIimvNY81kHyLRlgXPNgjgcg6zCUphkJroVIDIQ2a87wbtSWU8hsSTgAeR7OcvQYgMqS4eGL9nEGOuMrWxzWRUq18gGwJ1LxvmUoAnrWpLRmGgB51hmIfMKl3jeigTPIIvpL-8Suz0wBMIqsXYAIX7b7OnYeHfvwDoqhBKQ-ECt74_qrAPV0N_u9s_fajZkyUDTPMlE22Y0E-cGgZKw0B7FzpHFkFAPbYTVGNs1a0NQGC4T5LbRHCHvob1kAf3sNFo1kxWEsdF-1u06B8hb3IuAnp01QQukvnPPoytVki3nSVoMiS9z9lB5wUPkjQczTrtjnwDhAEUb7FQEzMyu4hITv4GHOrdC2f_8nKhwNzbSnx1atLM0EhUkdZa6EWO582bdcClQSOB4LwwIDStXRjLGpLWaicuBp_yz7YV48SHe52z14-OWWHJIPxxxC1f2xdJfJ5mmjBPb_noL1ssgBBtnAYWCj15CXGmdW5

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 624A 42 B
64 B 40ms
39ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsucuoh0TWyTE3LVyfPWclSbz3pzuk7R91NpmCL0F3Qtnkyrv_7Z1lkFootcgMEdRv-nAVcBlQTMrZFJeR-MSNAH_ri6ZD9rXDl-e9K1LmkDVjkWgyK-&sig=Cg0ArKJSzMCK8qiGGH1SEAE&id=lidar2&mcvt=1001&p=0,0,250,970&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210716&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=3413577103&rs=4&met=ie&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1626791321138&rpt=355&isd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
ssp.hinet.net/api/web/request/ 646 B
814 B 247ms
247ms XHR
application/json 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/request/json?c=2017004&s=201702000010&u=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&ad=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&t=1626791320215&oi=GSluz&site=https%3A%2F%2Fhinet.net%2F&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017004%26s%3D201702000010%26u%3D13ab05cb-cf87-b396-ff16-d596ef0cb2ed%26ad%3D13ab05cb-cf87-b396-ff16-d596ef0cb2ed%26t%3D1626791320215%26oi%3DGSluz%26site%3Dhttps%253A%252F%252Fhinet.net%252F
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: 807eca5d6d97f46185f82a512fc258072023802b57b3c1f04fb5ab895d4bb7da

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://hinet.net
date: Tue, 20 Jul 2021 13:59:59 GMT
access-control-allow-credentials: true
server: nginx
content-length: 646
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json

GET
H2 200 request Show response
ssp.hinet.net/api/web/ 2 KB
1 KB 245ms
245ms XHR
text/html 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/request?c=2017004&s=201702000010&u=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&ad=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&t=1626791320215&oi=v9kGW&site=https%3A%2F%2Fhinet.net%2F&o=z1udO
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: 51595f3a66321dcaa1147fd37091e4306eed1751e51f2845c038d7904a8b39d7

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 13:59:59 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://hinet.net
access-control-allow-credentials: true

GET
H2 200 tag.js Show response
t.ssp.hinet.net/ Frame F1E5 6 KB
3 KB 246ms
245ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/tag.js

Requested by

Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

7142961a1ad7563f0016537a0cf6bc977bf8ae9fe60a0885fde76211ae3aac83

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:46 GMT
content-encoding: gzip
last-modified: Tue, 13 Jul 2021 00:56:37 GMT
server: nginx
etag: W/"60ece4c5-1662"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Tue, 20 Jul 2021 14:38:46 GMT

GET
H2 200 jquery-1.9.1.min.js Show response
code.jquery.com/ Frame F1E5 90 KB
32 KB 10ms
9ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.9.1.min.js
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Origin: https://hinet.net
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:46 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:07 GMT
server: nginx
etag: W/"54499a47-169d5"
vary: Accept-Encoding
x-hw: 1626791326.dop168.fr8.t,1626791326.cds277.fr8.hn,1626791326.cds018.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 32772

GET
H2

200

zone.js Show response
adx.c.appier.net/pb/0wHT9JDiP3SORJx/ Frame F1E5
Redirect Chain

https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HUu59M-f
https://gocm.c.appier.net/apnnet?hzid=HUu59M-f&url=adx.c.appier.net%2Fpb%2F0wHT9JDiP3SORJx%2Fzone.js
https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?acid=tPTKRF-rBAmle1sqod32YA&hzid=HUu59M-f

3 KB
1 KB

299ms
264ms

Script
text/html

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?acid=tPTKRF-rBAmle1sqod32YA&hzid=HUu59M-f
Requested by: Host: hinet.net
URL: https://hinet.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 83ffddbf18dbe1f2e22599404dcad85b092cc364be8b4f5e9b60e8dcfa36a3ea

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:50 GMT
via: 1.1 google
server: nginx/1.19.0
content-encoding: gzip
alt-svc: clear
content-type: text/html; charset=utf-8

Redirect headers

location: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?acid=tPTKRF-rBAmle1sqod32YA&hzid=HUu59M-f
date: Tue, 20 Jul 2021 14:28:49 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 120
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2 200 json Show response
ssp.hinet.net/api/web/request/ 565 B
733 B 251ms
251ms XHR
application/json 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/request/json?c=2017033&s=201706000002&u=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&ad=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&t=1626791320215&oi=uqmGG&site=https%3A%2F%2Fhinet.net%2F&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017033%26s%3D201706000002%26u%3D13ab05cb-cf87-b396-ff16-d596ef0cb2ed%26ad%3D13ab05cb-cf87-b396-ff16-d596ef0cb2ed%26t%3D1626791320215%26oi%3DuqmGG%26site%3Dhttps%253A%252F%252Fhinet.net%252F
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: d567961ad6c284150f2052f5e9771e31a5fdedcfd27f257cdd40491f99b32145

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://hinet.net
date: Tue, 20 Jul 2021 13:59:59 GMT
access-control-allow-credentials: true
server: nginx
content-length: 565
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json

GET
H2 200 request Show response
ssp.hinet.net/api/web/ 747 B
609 B 253ms
252ms XHR
text/html 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/request?c=2017033&s=201706000002&u=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&ad=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&t=1626791320215&oi=3Oo4D&site=https%3A%2F%2Fhinet.net%2F&o=20NRm
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: 07aff0202766e66a13ef453dff3c6623449bf499dc6c0c331bec4ff637c42961

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:00:00 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://hinet.net
access-control-allow-credentials: true

GET
H2 200 tag.js Show response
t.ssp.hinet.net/ Frame 8A56 6 KB
3 KB 246ms
245ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/tag.js

Requested by

Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

7142961a1ad7563f0016537a0cf6bc977bf8ae9fe60a0885fde76211ae3aac83

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:46 GMT
content-encoding: gzip
last-modified: Tue, 13 Jul 2021 00:56:37 GMT
server: nginx
etag: W/"60ece4c5-1662"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Tue, 20 Jul 2021 14:38:46 GMT

GET
H2

200

60e7c39168713.jpg
ssp-hinetwork.cdn.hinet.net/dsp/uploads/image/ Frame 8A56
Redirect Chain

https://ssp.hinet.net/api/web/exposure/?token=162678960002102a7d7359c1b6228d
https://ssp-hinetwork.cdn.hinet.net/dsp/uploads/image/60e7c39168713.jpg

16 KB
16 KB

1272ms
492ms

Image
image/jpeg

61.221.82.7
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp-hinetwork.cdn.hinet.net/dsp/uploads/image/60e7c39168713.jpg
Requested by: Host: hinet.net
URL: https://hinet.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 61.221.82.7 Tainan City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 61-221-82-7.HINET-IP.hinet.net
Software: HiNetCDN/2104 /
Resource Hash: 3defbd562ab7c3c8cb55bd162581bb9004092f11375e080bdede6f8116feec1c

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:50 GMT
last-modified: Fri, 09 Jul 2021 03:34:05 GMT
server: HiNetCDN/2104
etag: "60e7c3ad-402f"
x-cache: HIT
content-type: image/jpeg
accept-ranges: bytes
content-length: 16431

Redirect headers

access-control-allow-origin: https://hinet.net
date: Tue, 20 Jul 2021 14:00:00 GMT
access-control-allow-credentials: true
server: nginx
location: //ssp-hinetwork.cdn.hinet.net/dsp/uploads/image/60e7c39168713.jpg
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8

GET
H2 200 json Show response
ssp.hinet.net/api/web/request/ 646 B
814 B 246ms
246ms XHR
application/json 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/request/json?c=2017004&s=201702000042%2F201702000067&u=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&ad=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&t=1626791320215&oi=ZKWQ6&site=https%3A%2F%2Fhinet.net%2F&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017004%26s%3D201702000042%252F201702000067%26u%3D13ab05cb-cf87-b396-ff16-d596ef0cb2ed%26ad%3D13ab05cb-cf87-b396-ff16-d596ef0cb2ed%26t%3D1626791320215%26oi%3DZKWQ6%26site%3Dhttps%253A%252F%252Fhinet.net%252F
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: 240d2927e12b8ebf6571f444b04ae7250275076657aa0569c1f07d36650cd430

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://hinet.net
date: Tue, 20 Jul 2021 14:00:00 GMT
access-control-allow-credentials: true
server: nginx
content-length: 646
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json

GET
H2 200 request Show response
ssp.hinet.net/api/web/ 2 KB
1 KB 251ms
251ms XHR
text/html 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/request?c=2017004&s=201702000042%2F201702000067&u=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&ad=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&t=1626791320215&oi=RvP7C&site=https%3A%2F%2Fhinet.net%2F&o=jsG8H
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: 609465c8d8a51cdaf49fb6af1a215d11a5754aa6b492c54c6524678ac41151ac

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:00:00 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://hinet.net
access-control-allow-credentials: true

GET
H2 200 tag.js Show response
t.ssp.hinet.net/ Frame 68CA 6 KB
3 KB 246ms
245ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/tag.js

Requested by

Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

7142961a1ad7563f0016537a0cf6bc977bf8ae9fe60a0885fde76211ae3aac83

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:47 GMT
content-encoding: gzip
last-modified: Tue, 13 Jul 2021 00:56:37 GMT
server: nginx
etag: W/"60ece4c5-1662"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Tue, 20 Jul 2021 14:38:47 GMT

GET
H2 200 jquery-1.9.1.min.js Show response
code.jquery.com/ Frame 68CA 90 KB
32 KB 9ms
8ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.9.1.min.js
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Origin: https://hinet.net
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:47 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:07 GMT
server: nginx
etag: W/"54499a47-169d5"
vary: Accept-Encoding
x-hw: 1626791327.dop168.fr8.t,1626791327.cds277.fr8.hn,1626791327.cds018.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 32772

GET
H2

200

zone.js Show response
adx.c.appier.net/pb/0wHT9JDiP3SORJx/ Frame 68CA
Redirect Chain

https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HUuJ9M-f
https://gocm.c.appier.net/apnnet?hzid=HUuJ9M-f&url=adx.c.appier.net%2Fpb%2F0wHT9JDiP3SORJx%2Fzone.js
https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?acid=yosMxOXEB6yqzscSod32YA&hzid=HUuJ9M-f

3 KB
1 KB

300ms
268ms

Script
text/html

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?acid=yosMxOXEB6yqzscSod32YA&hzid=HUuJ9M-f
Requested by: Host: hinet.net
URL: https://hinet.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 6e686fe5df6b4d3de7bf9e1eb14f8a38393a799edc808785ef6c76f8b11b4b1b

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:50 GMT
via: 1.1 google
server: nginx/1.19.0
content-encoding: gzip
alt-svc: clear
content-type: text/html; charset=utf-8

Redirect headers

location: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?acid=yosMxOXEB6yqzscSod32YA&hzid=HUuJ9M-f
date: Tue, 20 Jul 2021 14:28:49 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 120
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2 200 json Show response
ssp.hinet.net/api/web/request/ 745 B
913 B 247ms
246ms XHR
application/json 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/request/json?c=2017004&s=201702000071&u=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&ad=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&t=1626791320215&oi=3g16n&site=https%3A%2F%2Fhinet.net%2F&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017004%26s%3D201702000071%26u%3D13ab05cb-cf87-b396-ff16-d596ef0cb2ed%26ad%3D13ab05cb-cf87-b396-ff16-d596ef0cb2ed%26t%3D1626791320215%26oi%3D3g16n%26site%3Dhttps%253A%252F%252Fhinet.net%252F
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: 9cfad6d2f276c86edb36f3e11f80a2093d80755e408477d6c7234dfa957fe4cf

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://hinet.net
date: Tue, 20 Jul 2021 14:00:00 GMT
access-control-allow-credentials: true
server: nginx
content-length: 745
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json

GET
H2 200 request Show response
ssp.hinet.net/api/web/ 3 KB
1 KB 246ms
245ms XHR
text/html 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/request?c=2017004&s=201702000071&u=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&ad=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&t=1626791320215&oi=vejKJ&site=https%3A%2F%2Fhinet.net%2F&o=urkSO
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: 92a7470a168117d5016639aad653cbc00d4fad480a7761ed2bd325ef5950c44c

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:00:01 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://hinet.net
access-control-allow-credentials: true

GET
H2 200 tag.js Show response
t.ssp.hinet.net/ Frame AE96 6 KB
3 KB 246ms
245ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/tag.js

Requested by

Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

7142961a1ad7563f0016537a0cf6bc977bf8ae9fe60a0885fde76211ae3aac83

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:47 GMT
content-encoding: gzip
last-modified: Tue, 13 Jul 2021 00:56:37 GMT
server: nginx
etag: W/"60ece4c5-1662"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Tue, 20 Jul 2021 14:38:47 GMT

GET
H2 200 jquery-1.9.1.min.js Show response
code.jquery.com/ Frame AE96 90 KB
32 KB 10ms
8ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.9.1.min.js
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Origin: https://hinet.net
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:47 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:07 GMT
server: nginx
etag: W/"54499a47-169d5"
vary: Accept-Encoding
x-hw: 1626791327.dop168.fr8.t,1626791327.cds277.fr8.hn,1626791327.cds018.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 32772

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame AE96
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

84ms
33ms

Script
application/octet-stream

2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: hinet.net
URL: https://hinet.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a87fd41597436af0e4160d453d7e8e2b4384edb15d2fdf2058de7c29b31e637

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:49 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5299
content-length: 40120
last-modified: Fri, 28 May 2021 01:36:32 GMT
server: cloudflare
etag: "60b04920-9cb8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1%2FXANK%2FuVsJSAbh1RxlGXb7OJ4dwDEhZgDKA5D53awB6RnU8lldkf0ezQj%2B0k0bImwgoU8RUoNUOOU%2FnbC%2FbY%2BRTOHqqjq525xUX%2F7gLUGKuIT7RcRNmmqbVa7w%2FpjguPsDJqB6KK3cH1zrnJw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 671ce0cffa1d4ea3-FRA

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H2 200 json Show response
ssp.hinet.net/api/web/request/ 446 B
614 B 251ms
250ms XHR
application/json 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/request/json?c=2017033&s=201702000064&u=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&ad=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&t=1626791320215&oi=7q7p5&site=https%3A%2F%2Fhinet.net%2F&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017033%26s%3D201702000064%26u%3D13ab05cb-cf87-b396-ff16-d596ef0cb2ed%26ad%3D13ab05cb-cf87-b396-ff16-d596ef0cb2ed%26t%3D1626791320215%26oi%3D7q7p5%26site%3Dhttps%253A%252F%252Fhinet.net%252F
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: d4d3e9eeda67afa044fa89adc9a7f502a24b711647669283c46a426a6a75855b

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://hinet.net
date: Tue, 20 Jul 2021 14:00:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 446
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json

GET
H2 200 request Show response
ssp.hinet.net/api/web/ 736 B
635 B 255ms
255ms XHR
text/html 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/request?c=2017033&s=201702000064&u=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&ad=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&t=1626791320215&oi=lbuFq&site=https%3A%2F%2Fhinet.net%2F&o=9oeIw
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: d578eb662c25055426362f05ee7b254adc180246f84be79d1ea25ff5bde24427

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:00:01 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://hinet.net
access-control-allow-credentials: true

GET
H2 200 tag.js Show response
t.ssp.hinet.net/ Frame A5AF 6 KB
3 KB 246ms
245ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/tag.js

Requested by

Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

7142961a1ad7563f0016537a0cf6bc977bf8ae9fe60a0885fde76211ae3aac83

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:48 GMT
content-encoding: gzip
last-modified: Tue, 13 Jul 2021 00:56:37 GMT
server: nginx
etag: W/"60ece4c5-1662"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Tue, 20 Jul 2021 14:38:48 GMT

GET
H2 200 json Show response
ssp.hinet.net/api/web/request/ 649 B
817 B 248ms
248ms XHR
application/json 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/request/json?c=2017004&s=201710000009&u=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&ad=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&t=1626791320215&oi=yFCSI&site=https%3A%2F%2Fhinet.net%2F&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017004%26s%3D201710000009%26u%3D13ab05cb-cf87-b396-ff16-d596ef0cb2ed%26ad%3D13ab05cb-cf87-b396-ff16-d596ef0cb2ed%26t%3D1626791320215%26oi%3DyFCSI%26site%3Dhttps%253A%252F%252Fhinet.net%252F
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: 780ebfc3451246c1223e747fa6bafad1aaaa6c7aeddee3356bf302bbc2a0fb1e

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://hinet.net
date: Tue, 20 Jul 2021 14:00:01 GMT
access-control-allow-credentials: true
server: nginx
content-length: 649
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json

GET
H2 200 request Show response
ssp.hinet.net/api/web/ 2 KB
1 KB 247ms
247ms XHR
text/html 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/request?c=2017004&s=201710000009&u=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&ad=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&t=1626791320215&oi=lvtKI&site=https%3A%2F%2Fhinet.net%2F&o=PaufS
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: 0807aea7026353462371e71b790d09695c9a27d36cbd97e9dcbc9775b432d330

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:00:02 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://hinet.net
access-control-allow-credentials: true

GET
H2 200 tag.js Show response
t.ssp.hinet.net/ Frame FFD4 6 KB
3 KB 252ms
251ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/tag.js

Requested by

Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

7142961a1ad7563f0016537a0cf6bc977bf8ae9fe60a0885fde76211ae3aac83

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:48 GMT
content-encoding: gzip
last-modified: Tue, 13 Jul 2021 00:56:37 GMT
server: nginx
etag: W/"60ece4c5-1662"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Tue, 20 Jul 2021 14:38:48 GMT

GET
H2 200 jquery-1.9.1.min.js Show response
code.jquery.com/ Frame FFD4 90 KB
32 KB 9ms
8ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.9.1.min.js
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Origin: https://hinet.net
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:48 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:07 GMT
server: nginx
etag: W/"54499a47-169d5"
vary: Accept-Encoding
x-hw: 1626791328.dop168.fr8.t,1626791328.cds277.fr8.hn,1626791328.cds018.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 32772

GET
H2

200

zone.js Show response
adx.c.appier.net/pb/0wHT9JDiP3SORJx/ Frame FFD4
Redirect Chain

https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HtIi9M-Q
https://gocm.c.appier.net/apnnet?hzid=HtIi9M-Q&url=adx.c.appier.net%2Fpb%2F0wHT9JDiP3SORJx%2Fzone.js
https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?acid=tqtT0E5NCZmCzOOood32YA&hzid=HtIi9M-Q

3 KB
1 KB

298ms
265ms

Script
text/html

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?acid=tqtT0E5NCZmCzOOood32YA&hzid=HtIi9M-Q
Requested by: Host: hinet.net
URL: https://hinet.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: f06156d4532bb7945d1719700fb7bad88b611affa18648f3d770c76cdecaa580

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:50 GMT
via: 1.1 google
server: nginx/1.19.0
content-encoding: gzip
alt-svc: clear
content-type: text/html; charset=utf-8

Redirect headers

location: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?acid=tqtT0E5NCZmCzOOood32YA&hzid=HtIi9M-Q
date: Tue, 20 Jul 2021 14:28:49 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 120
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2 200 json Show response
ssp.hinet.net/api/web/request/ 875 B
1 KB 251ms
251ms XHR
application/json 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/request/json?c=2017004&s=201710000010&u=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&ad=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&t=1626791320215&oi=JaEVB&site=https%3A%2F%2Fhinet.net%2F&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017004%26s%3D201710000010%26u%3D13ab05cb-cf87-b396-ff16-d596ef0cb2ed%26ad%3D13ab05cb-cf87-b396-ff16-d596ef0cb2ed%26t%3D1626791320215%26oi%3DJaEVB%26site%3Dhttps%253A%252F%252Fhinet.net%252F
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: a15a37b5f58247aa4045843f4ec9ee9aa7e9ad425ff61d211e12800cb1e744a4

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://hinet.net
date: Tue, 20 Jul 2021 14:00:02 GMT
access-control-allow-credentials: true
server: nginx
content-length: 875
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json

GET
H2 200 request Show response
ssp.hinet.net/api/web/ 3 KB
1 KB 248ms
246ms XHR
text/html 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/request?c=2017004&s=201710000010&u=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&ad=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&t=1626791320215&oi=zPNq9&site=https%3A%2F%2Fhinet.net%2F&o=9g54d
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: 9e23e0fdfe2224fc3ae0732430882444354abe235d3bce3f9b36ed29dcff8ca4

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:00:02 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://hinet.net
access-control-allow-credentials: true

GET
H2 200 tag.js Show response
t.ssp.hinet.net/ Frame 4A7A 6 KB
3 KB 246ms
245ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/tag.js

Requested by

Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

7142961a1ad7563f0016537a0cf6bc977bf8ae9fe60a0885fde76211ae3aac83

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:49 GMT
content-encoding: gzip
last-modified: Tue, 13 Jul 2021 00:56:37 GMT
server: nginx
etag: W/"60ece4c5-1662"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Tue, 20 Jul 2021 14:38:49 GMT

GET
H2 200 jquery-1.9.1.min.js Show response
code.jquery.com/ Frame 4A7A 90 KB
32 KB 10ms
8ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.9.1.min.js
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Origin: https://hinet.net
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:49 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:07 GMT
server: nginx
etag: W/"54499a47-169d5"
vary: Accept-Encoding
x-hw: 1626791329.dop168.fr8.t,1626791329.cds277.fr8.hn,1626791329.cds018.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 32772

GET
H2 200 universal.js Show response
tenmax-static.cacafly.net/ssp/ Frame 4A7A 124 KB
37 KB 62ms
22ms Script
application/javascript 2606:4700:10::6816:9ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tenmax-static.cacafly.net/ssp/universal.js
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/app.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:9ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9c6fc5a4cf8dfbd460cc8b1a95cec75c31bb09d635af0099f1175b910fbcf04

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 20 Jul 2021 14:28:49 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: yj+NSpzx+4ztjFJ7qu+fJw==
age: 4092
x-ms-lease-status: unlocked
last-modified: Mon, 17 May 2021 07:42:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: f44c7d23-001e-0008-2ff0-4af984000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=1800
x-ms-version: 2009-09-19
cf-ray: 671ce0cfdc2f4ddc-FRA

GET
H2 200 third
ssp.hinet.net/api/web/ 0
220 B 243ms
242ms Image
text/html 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.hinet.net/api/web/third?c=2017004&s=201702000010&th=77&wc=1045
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:00:02 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://hinet.net
access-control-allow-credentials: true

GET
H/1.1 404
Not Found undefined
hinet.net/ 5 KB
5 KB 247ms
246ms Image
text/html 203.75.214.159
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hinet.net/undefined

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

203.75.214.159 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-159.HINET-IP.hinet.net

Software

Apache /

Resource Hash

2b925a1ea7bc35eb469e00aafac345827bfc97a8002df1f5a27d8c40bde654b7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: hinet.net
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://hinet.net/
Connection: keep-alive
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:49 GMT
Content-Encoding: gzip
X-Content-Type-Options: nonsniff
Last-Modified: Mon, 07 Jun 2021 06:37:22 GMT
Server: Apache
X-Frame-Options: ALLOW-FROM https://times.hinet.net
Content-Type: text/html; charset=UTF-8
Connection: Keep-Alive
Content-Security-Policy: frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security: max-age=31536000;includeSubdomains;preload
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Length: 1854
X-XSS-Protection: 1;mode=block
Keep-Alive: timeout=5, max=81

GET
H2 200 third
ssp.hinet.net/api/web/ 0
220 B 243ms
241ms Image
text/html 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.hinet.net/api/web/third?c=2017004&s=201702000042&th=77&wc=1047
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:00:02 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://hinet.net
access-control-allow-credentials: true

GET
H2 200 third
ssp.hinet.net/api/web/ 0
220 B 243ms
242ms Image
text/html 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.hinet.net/api/web/third?c=2017004&s=201702000071&th=71&wc=2320
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:00:02 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://hinet.net
access-control-allow-credentials: true

GET
H2 200 third
ssp.hinet.net/api/web/ 0
220 B 242ms
241ms Image
text/html 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.hinet.net/api/web/third?c=2017004&s=201710000009&th=77&wc=1124
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:00:02 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://hinet.net
access-control-allow-credentials: true

GET
H2 200 third
ssp.hinet.net/api/web/ 0
220 B 241ms
241ms Image
text/html 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.hinet.net/api/web/third?c=2017004&s=201710000010&th=69&wc=2911
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:00:02 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://hinet.net
access-control-allow-credentials: true

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame F1E5 37 B
402 B 248ms
248ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/tag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

b8e0f84c28b67197499687117a93cad23f0ce2161f2855c41917eaeba19e2aa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:49 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://hinet.net
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 8A56 37 B
402 B 247ms
247ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/tag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

b16e4d837e670a5ebfc063192d8f154d15b8521adb391bbcb31cd171eec730b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:49 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://hinet.net
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 68CA 37 B
402 B 248ms
247ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/tag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

02e31402dbac2b6b19d2888d5db9e2fde1f773d512a0aa47fc2b42bd9e5aed3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:49 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://hinet.net
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame AE96 37 B
402 B 248ms
247ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/tag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

0537874b742c674b04fad914acd2c50ef54fee1a960a0c445f07f5a8cf2501fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:49 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://hinet.net
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame A5AF 37 B
402 B 248ms
247ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/tag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

45ca9e75bf0249dd53ca6b5ead588f9cab00a5231f8d529ce2c0979658fdbe61

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:49 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://hinet.net
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2

200

/ Show response
ssp.hinet.net/dsp/uploads/creative/60e5595b70a6f/ Frame FD19
Redirect Chain

https://ssp.hinet.net/api/web/exposure/?token=16267896015384cb1f9b7160df35fb
https://ssp.hinet.net/dsp/uploads/creative/60e5595b70a6f/?token=16267896015384cb1f9b7160df35fb

971 B
1 KB

238ms
237ms

Document
text/html

203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/dsp/uploads/creative/60e5595b70a6f/?token=16267896015384cb1f9b7160df35fb
Requested by: Host: hinet.net
URL: https://hinet.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: 8b6efbd35984840fce333495d275c9e497c135f606951d8d1c5dbb21c8f1a43d

Request headers

:method: GET
:authority: ssp.hinet.net
:scheme: https
:path: /dsp/uploads/creative/60e5595b70a6f/?token=16267896015384cb1f9b7160df35fb
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hinet.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __htid=dbfa26d1-3a80-495b-9107-897a0a54446a; uuid=58db230f-e815-481f-ada6-7351c93f007e
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hinet.net/

Response headers

server: nginx
date: Tue, 20 Jul 2021 14:00:03 GMT
content-type: text/html
content-length: 971
last-modified: Wed, 07 Jul 2021 07:35:59 GMT
etag: "60e5595f-3cb"
accept-ranges: bytes

Redirect headers

server: nginx
date: Tue, 20 Jul 2021 14:00:02 GMT
content-type: text/html; charset=UTF-8
location: https://ssp.hinet.net/dsp/uploads/creative/60e5595b70a6f/?token=16267896015384cb1f9b7160df35fb
access-control-allow-origin: https://hinet.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame FFD4 37 B
402 B 248ms
247ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/tag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

98c42ecca9cdf35a2ae693f6ac522bd8e4b871dd0045161f9ab9e9ffd3e3200b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:49 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://hinet.net
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame AE96 975 B
632 B 13ms
12ms Stylesheet
text/css 2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5326
cf-polished: origSize=1191
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qBc9N77rRlmNv%2BSfNdbida8rARlstzihQ8dcFA6YaSR0FSYZ5ZttybKZ5QNaiKOGZh6%2B4kPUPZGp3lEbcoKDIXcS%2FwDsJSufaD1r6pdPraTL9kbrgrPr%2F7XntBdigXnKH1H%2F3WkC6%2F7Folf0HA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 671ce0d08b6f4ea3-FRA
cf-bgj: minify

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ Frame AE96 46 B
487 B 367ms
90ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Long Beach, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: ef353502936755d8002d507a8b6a3f2f442bf3f4949542489b1cd35bf3f622c3

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:49 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://hinet.net
access-control-allow-credentials: true
connection: close
content-length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame AE96 379 B
1008 B 316ms
135ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=hinet.net&u=https%3A%2F%2Fhinet.net%2F&xr=0&adid=ad-9A2937E8D3BD782DC4D9B38A87A26A93&w=300&h=100&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.10736020254114842&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&ao=https%3A%2F%2Fhinet.net
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Long Beach, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 9fb6d160d60535606eb88b538ff8c37ad7d4af86a4b72f77cee97454dd7f142f

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:49 GMT
x-width: 300
x-height: 100
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://hinet.net
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
x-adsource: PSA
x-adtype: html
connection: close
access-control-allow-credentials: true
content-length: 379
x-adstyle: banner

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 4A7A 37 B
400 B 251ms
251ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/tag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

944b6e54b7a8787490fee6712961f8791872eaf24b6c9f20fc60ea0f910b9215

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:49 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://hinet.net
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H/1.1 200 b734323b-0532-40a6-8d4e-782e1c96bd3a
dmp.tenmax.io/p/ Frame 4A7A 43 B
528 B 1005ms
248ms Image
image/gif 211.21.190.218
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.tenmax.io/p/b734323b-0532-40a6-8d4e-782e1c96bd3a?random=724590611
Requested by: Host: hinet.net
URL: https://hinet.net/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 211.21.190.218 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 211-21-190-218.HINET-IP.hinet.net
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:50 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1 200
OK plan Show response
ssp.tenmax.io/supply/v3/universal/ Frame 4A7A 5 KB
5 KB 1360ms
250ms XHR
application/json 211.21.190.218
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.tenmax.io/supply/v3/universal/plan?rmaxSpaceId=cb9e2fdac4bb4396&referer=https%3A%2F%2Fhinet.net%2F&cacheBuster=0adb1108-ef20-4f0f-b0fa-b75802ebd880
Requested by: Host: tenmax-static.cacafly.net
URL: https://tenmax-static.cacafly.net/ssp/universal.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 211.21.190.218 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 211-21-190-218.HINET-IP.hinet.net
Software: nginx /
Resource Hash: ab579ceff8154178dce14f737e28f63e2434ba610bac67fac9ad5329a60d451b

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:50 GMT
Server: nginx
Vary: Origin
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: https://hinet.net
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 4920
X-Application-Context: application:prod,aggregator,build-ext:58070

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame F1E5 30 B
271 B 251ms
250ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=dbfa26d1-3a80-495b-9107-897a0a54446a

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/tag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:49 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://hinet.net
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 pixel
t.ssp.hinet.net/ Frame F1E5 0
79 B 248ms
245ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.ssp.hinet.net/pixel?bd=dbfa26d1-3a80-495b-9107-897a0a54446a&t=ch%3D2017004%26st%3D201702000010

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:49 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame 8A56 30 B
271 B 248ms
247ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=dbfa26d1-3a80-495b-9107-897a0a54446a

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/tag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:49 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://hinet.net
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 pixel
t.ssp.hinet.net/ Frame 8A56 0
79 B 246ms
245ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.ssp.hinet.net/pixel?bd=dbfa26d1-3a80-495b-9107-897a0a54446a&t=ch%3D2017033%26st%3D201706000002

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:49 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame 68CA 30 B
271 B 251ms
250ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=dbfa26d1-3a80-495b-9107-897a0a54446a

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/tag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:49 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://hinet.net
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 pixel
t.ssp.hinet.net/ Frame 68CA 0
79 B 246ms
245ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.ssp.hinet.net/pixel?bd=dbfa26d1-3a80-495b-9107-897a0a54446a&t=ch%3D2017004%26st%3D201702000042

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:49 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame AE96 30 B
271 B 248ms
248ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=dbfa26d1-3a80-495b-9107-897a0a54446a

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/tag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:49 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://hinet.net
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 pixel
t.ssp.hinet.net/ Frame AE96 0
79 B 245ms
245ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.ssp.hinet.net/pixel?bd=dbfa26d1-3a80-495b-9107-897a0a54446a&t=ch%3D2017004%26st%3D201702000071

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:49 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame A5AF 30 B
271 B 248ms
247ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=dbfa26d1-3a80-495b-9107-897a0a54446a

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/tag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:49 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://hinet.net
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 pixel
t.ssp.hinet.net/ Frame A5AF 0
79 B 248ms
245ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.ssp.hinet.net/pixel?bd=dbfa26d1-3a80-495b-9107-897a0a54446a&t=ch%3D2017033%26st%3D201702000064

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:49 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame FFD4 30 B
271 B 248ms
247ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=dbfa26d1-3a80-495b-9107-897a0a54446a

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/tag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:49 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://hinet.net
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 pixel
t.ssp.hinet.net/ Frame FFD4 0
79 B 247ms
245ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.ssp.hinet.net/pixel?bd=dbfa26d1-3a80-495b-9107-897a0a54446a&t=ch%3D2017004%26st%3D201710000009

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:49 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame 3194 6 KB
7 KB 53ms
11ms Script
application/javascript 2600:9000:20eb:3a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0beffdab5eb3e5bb2d2bd0a0222d54397a2583b3a8b5681cf353d5f35f893afe

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:27 GMT
via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
last-modified: Thu, 01 Jul 2021 09:20:58 GMT
server: AmazonS3
age: 28
etag: "dfe9b96fd56e29211a8dd79116e44a79"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 6564
x-amz-cf-id: HA0OHWss3t106X4iDdyw9nYKsJY43_EnEbSfffUSFGlVUYbjq0nj4A==

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame 4A7A 30 B
271 B 248ms
247ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=dbfa26d1-3a80-495b-9107-897a0a54446a

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/tag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:49 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://hinet.net
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 pixel
t.ssp.hinet.net/ Frame 4A7A 0
79 B 247ms
246ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.ssp.hinet.net/pixel?bd=dbfa26d1-3a80-495b-9107-897a0a54446a&t=ch%3D2017004%26st%3D201710000010

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:49 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H2 200 cht_cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame A1EC 807 B
640 B 29ms
28ms Document
text/html 2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6058eb29e9bb8b7cd0d68f0d180a093941e971f4659092a70c99ca57827bc678

Request headers

:method: GET
:authority: cdn.aralego.net
:scheme: https
:path: /ucfad/cookie/cht_cookieSyncIframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hinet.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hinet.net/

Response headers

date: Tue, 20 Jul 2021 14:28:49 GMT
content-type: text/html
last-modified: Tue, 11 Aug 2020 08:15:02 GMT
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: HIT
age: 5272
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lj8IOUfktLR%2BHCOu6b782%2F6zi6pBCiqg4lPEvQeJ%2FAYam2lePxu70crN08TFF%2Bbl6AzACse6QqXVaYnCwh%2Fjvj7AQLUu43Se2loaVnYOFzXmrr2HuItPQTqE%2FXf%2B0WOivSohyiVhIpsT0PSMEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 671ce0d2e95e4ea3-FRA
content-encoding: br

GET

idSync
sync.aralego.com/ Frame AE96
Redirect Chain

https://sync.aralego.com/idsync
https://pr-bh.ybp.yahoo.com/sync/ucfunnel/733c3307-df76-318a-8763-b1b4aeeefb99?gdpr=0&euconsent=
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-CX34nVdE2oWKlu2rJHb7jEP3HbNIls3c970b9g0-~A&redirect=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=85bb1979-51ba-4887-b6e0-294134d07a8b
https://pr-bh.ybp.yahoo.com/sync/ucfunnel/733c3307-df76-318a-8763-b1b4aeeefb99?gdpr=0&euconsent=
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-CX34nVdE2oWKlu2rJHb7jEP3HbNIls3c970b9g0-~A&redirect=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=85bb1979-51ba-4887-b6e0-294134d07a8b
https://pr-bh.ybp.yahoo.com/sync/ucfunnel/733c3307-df76-318a-8763-b1b4aeeefb99?gdpr=0&euconsent=
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-CX34nVdE2oWKlu2rJHb7jEP3HbNIls3c970b9g0-~A&redirect=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=85bb1979-51ba-4887-b6e0-294134d07a8b
https://pr-bh.ybp.yahoo.com/sync/ucfunnel/733c3307-df76-318a-8763-b1b4aeeefb99?gdpr=0&euconsent=
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-CX34nVdE2oWKlu2rJHb7jEP3HbNIls3c970b9g0-~A&redirect=
https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=733c3307-df76-318a-8763-b1b4aeeefb99&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=ucfunnel&user_id=733c3307-df76-318a-8763-b1b4aeeefb99&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=ucfunnel&bsw_param=83ccfda7-9738-426d-8165-63690138a0e5&google_hm=ODNjY2ZkYTctOTczOC00MjZkLTgxNjUtNjM2OTAxMzhhMGU1
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESENJxgs1KH9vkehGcJ0uYKYQ&google_cver=1&ssp=ucfunnel&bsw_param=83ccfda7-9738-426d-8165-63690138a0e5
https://sync.aralego.com/idSync?redirect=&ucf_nid=dsp-6AABDA2D3AA6EAD1E94E9442DE6444A&ucf_user_id=83ccfda7-9738-426d-8165-63690138a0e5

0
0

GET
H2 200 cm.php Show response
fcm.holmesmind.com/ Frame F205 39 B
159 B 129ms
102ms Document
text/html 34.95.67.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

:method: GET
:authority: fcm.holmesmind.com
:scheme: https
:path: /cm.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hinet.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hinet.net/

Response headers

date: Tue, 20 Jul 2021 14:28:49 GMT
server: Apache/2.4.29 (Ubuntu)
content-length: 39
content-type: text/html; charset=UTF-8
via: 1.1 google
alt-svc: clear

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 654C 3 KB
3 KB 13ms
11ms Document
text/html 2600:9000:20eb:3a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcab50b80facdd8259667f6902b74c713dc70feaf073cfed9b8de4a69fca6a0e

Request headers

:method: GET
:authority: cdn.holmesmind.com
:scheme: https
:path: /js/capmapping.htm
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hinet.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hinet.net/

Response headers

content-type: text/html
content-length: 2642
last-modified: Mon, 05 Jul 2021 09:22:39 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 20 Jul 2021 14:28:49 GMT
etag: "e1a480f03215f2f740d3ac73c7b1c641"
x-cache: Hit from cloudfront
via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: IawBmQI3kp2Wn9Wmv9i5aia3HiIldj9i823p_3LzcyDw3rAEsG50xw==

GET
H2 200 edmp_init.js Show response
banner-cfnetwork.cdn.hinet.net/js/ Frame 3194 662 B
635 B 962ms
248ms Script
application/javascript 61.221.82.10
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://banner-cfnetwork.cdn.hinet.net/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 61.221.82.10 Tainan City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 61-221-82-10.HINET-IP.hinet.net
Software: HiNetCDN/2104 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:50 GMT
via: 1.1 259ad62fbc15a266fd43f7a6da6333e2.cloudfront.net (CloudFront)
last-modified: Fri, 12 Mar 2021 02:45:40 GMT
server: HiNetCDN/2104
age: 36
etag: W/"f58f8a90686f8ffb3325107e8a788b71"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
x-amz-cf-pop: TPE51-C1
content-encoding: br
x-amz-cf-id: zuyF-ycKEK_Y0ehJaMLFNts82l8hB5ze5wYT1EcnLbnFWEQ4d8Gitg==
x-request-id: b934dd13bcbdc0b03e7b12e61b093329

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 104C 6 KB
6 KB 370ms
369ms Script
application/javascript 2600:9000:20eb:3a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 30a3ff10c02fd69f1209bd9153c983a776c8863cb91c3effb4a1be7c9b80e1bb

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:50 GMT
via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
last-modified: Thu, 15 Jul 2021 02:19:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "c62e62c152e57c979abe141ef4e128de"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6102
x-amz-cf-id: 5geN4n70KJZQqEQaMcpoGCcedZaoVBluXKU2RjqpC78z1d0l2ZGC-A==

GET
H2 200 hinet_css.css
ssp.hinet.net/dsp/uploads/creative/60e5595b70a6f/ Frame FD19 39 KB
8 KB 239ms
238ms Stylesheet
text/css 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/dsp/uploads/creative/60e5595b70a6f/hinet_css.css
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/dsp/uploads/creative/60e5595b70a6f/?token=16267896015384cb1f9b7160df35fb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: fab1a45a78be010b31ddd18c2f0b62fbb7ccc0ac121ca414dcd62e5e31b35d96

Request headers

Referer: https://ssp.hinet.net/dsp/uploads/creative/60e5595b70a6f/?token=16267896015384cb1f9b7160df35fb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:00:03 GMT
content-encoding: gzip
last-modified: Wed, 07 Jul 2021 07:35:59 GMT
server: nginx
etag: W/"60e5595f-9ad2"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 sdk.js Show response
ssp.hinet.net/api/ Frame FD19 511 B
707 B 239ms
238ms Script
application/javascript 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/sdk.js
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/dsp/uploads/creative/60e5595b70a6f/?token=16267896015384cb1f9b7160df35fb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: 8720484e11204ae053301b6b2a87d4180a3cdd0247b85df1edb674ed94f6ce56

Request headers

Referer: https://ssp.hinet.net/dsp/uploads/creative/60e5595b70a6f/?token=16267896015384cb1f9b7160df35fb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:00:03 GMT
last-modified: Thu, 13 Feb 2020 05:50:28 GMT
server: nginx
etag: "5e44e3a4-1ff"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 511

GET
H2 200 100x90.jpg
ssp.hinet.net/dsp/uploads/creative/60e5595b70a6f/ Frame FD19 16 KB
16 KB 239ms
238ms Image
image/jpeg 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.hinet.net/dsp/uploads/creative/60e5595b70a6f/100x90.jpg
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/dsp/uploads/creative/60e5595b70a6f/?token=16267896015384cb1f9b7160df35fb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: db319cd187bc5684db60e2b65ff132aa63c5dc32dd8c98171870cbdf926ccd59

Request headers

Referer: https://ssp.hinet.net/dsp/uploads/creative/60e5595b70a6f/?token=16267896015384cb1f9b7160df35fb
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:00:03 GMT
last-modified: Wed, 07 Jul 2021 07:35:59 GMT
server: nginx
accept-ranges: bytes
etag: "60e5595f-40fa"
content-length: 16634
content-type: image/jpeg

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame A1EC 71 KB
24 KB 17ms
16ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

1976c7bda247ffd809b89b7df9e94e551e7450ffeea7fe9a8499951d6eea88be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "935 / 152 of 1000 / last-modified: 1626779619"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24895
x-xss-protection: 0
expires: Tue, 20 Jul 2021 14:28:49 GMT

GET
H2

200

cm
c.holmesmind.com/ Frame 654C
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
509 B

118ms
116ms

Image
text/html

35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:50 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: clear
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Tue, 20 Jul 2021 14:28:49 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: clear
content-type: text/html; charset=UTF-8

GET
H3-29 200 pubads_impl_2021071501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame A1EC 329 KB
115 KB 18ms
18ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061848

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

7ba1eee9803f9929376700a8065001dbda71dc890a08e3d6b50c851de0e927ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Jul 2021 08:37:43 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117198
x-xss-protection: 0
expires: Tue, 20 Jul 2021 14:28:49 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame A1EC 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061848

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 14:28:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame A1EC 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061848

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 14:28:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame A1EC 330 B
160 B 33ms
32ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3895111902962232&correlator=235008772131065&output=ldjh&impl=fifs&eid=31061160%2C31061833%2C31061848%2C31061498%2C31061779%2C20211866%2C44740386&vrg=2021071501&ptt=17&sc=1&sfv=1-0-38&ecs=20210720&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cdm=cdn.aralego.net&bc=31&abxe=1&lmt=1597133702&dt=1626791329931&dlt=1626791329789&idt=108&ea=0&frm=8&biw=-12245933&bih=-12245933&oid=3&adxs=-12245933&adys=-12245933&adks=64515409&ucis=qlqx512a7i6z&ifi=1&ifk=923963767&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2Fcht_cookieSyncIframe.html&ref=https%3A%2F%2Fhinet.net%2F&top=https%3A%2F%2Fhinet.net%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x-1&ga_vid=1340194146.1626791330&ga_sid=1626791330&ga_hid=316519361&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061848

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

3d4d71bf2d9b0bb0cc57d2218978e90d1a218ecce98398b10b6a840fd0dab802

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e338583413426f34f084e5bf37e09973.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 45EF 6 KB
3 KB 32ms
14ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e338583413426f34f084e5bf37e09973.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061848

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: e338583413426f34f084e5bf37e09973.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.aralego.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cdn.aralego.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 20 Jul 2021 14:28:49 GMT
expires: Wed, 20 Jul 2022 14:28:49 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A1EC 11 KB
8 KB 24ms
23ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021071501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061848

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00a98dc5843fcd1f5311446faa5eedfb148794875dcd146ff05088cf0520e581

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 14:28:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8540
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A1EC 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061848

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 20 Jul 2021 14:28:50 GMT

GET
H2 200 bg.jpg
ssp.hinet.net/dsp/uploads/creative/images/ Frame FD19 0
109 B 238ms
237ms Image
image/jpeg 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.hinet.net/dsp/uploads/creative/images/bg.jpg
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/dsp/uploads/creative/60e5595b70a6f/hinet_css.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssp.hinet.net/dsp/uploads/creative/60e5595b70a6f/hinet_css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:00:03 GMT
last-modified: Wed, 26 Feb 2020 04:11:31 GMT
server: nginx
accept-ranges: bytes
etag: "5e55eff3-0"
content-length: 0
content-type: image/jpeg

GET
H2 200 dot.gif
ssp.hinet.net/dsp/uploads/creative/60e5595b70a6f/ Frame FD19 1 KB
1 KB 238ms
237ms Image
image/gif 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.hinet.net/dsp/uploads/creative/60e5595b70a6f/dot.gif
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/dsp/uploads/creative/60e5595b70a6f/hinet_css.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: f0b8f83ee292d91599e2d9684e86486ed773395afd4f0983d58221289669db82

Request headers

Referer: https://ssp.hinet.net/dsp/uploads/creative/60e5595b70a6f/hinet_css.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:00:03 GMT
last-modified: Wed, 07 Jul 2021 07:35:59 GMT
server: nginx
accept-ranges: bytes
etag: "60e5595f-481"
content-length: 1153
content-type: image/gif

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 8820 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.aralego.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cdn.aralego.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 20 Jul 2021 13:20:12 GMT
expires: Wed, 20 Jul 2022 13:20:12 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4118
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame BC99 783 B
759 B 15ms
15ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b5027a3cb31185a77afc8bd909fe1f006a8121aeed5e55fd002d6cb202b2a9c8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Q1erCopVnobzkVSJZykvtg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.aralego.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cdn.aralego.net/

Response headers

expires: Tue, 20 Jul 2021 14:28:50 GMT
date: Tue, 20 Jul 2021 14:28:50 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-Q1erCopVnobzkVSJZykvtg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 511
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js Show response
pagead2.googlesyndication.com/bg/ Frame 8820 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b1916d5a5a97048327e74b168dd38fe0067ac06db81f57f72108f23410cff79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 12:12:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8160
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13308
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Jul 2022 12:12:50 GMT

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 104C 491 B
615 B 503ms
469ms Script
text/html 2600:9000:21f3:5e00:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=12199
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:5e00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e1c91c55e74065d95c7820c6ee08cbf002679315801d2a642f99545ed413f710

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:50 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://hinet.net
access-control-allow-credentials: true
x-amz-cf-id: W87UTJ_ZcfFons8zVcmkoDx3Vc77d7dywqb32kCvhrbQqEUzVrZKuw==
via: 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)

GET
H2 200 zone.bid Show response
adx.c.appier.net/pb/0wHT9JDiP3SORJx/ Frame F1E5 316 B
396 B 280ms
264ms XHR
application/json 34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.bid?acid=yosMxOXEB6yqzscSod32YA&hzid=HUu59M-f
Requested by: Host: apn.c.appier.net
URL: https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HUu59M-f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: e3331cc233f83eedf55cb78a8d64cf08bf3a4da1f11aead43a71c6a0fa3af763

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:50 GMT
content-encoding: gzip
server: nginx/1.19.0
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-store
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 zone.bid Show response
adx.c.appier.net/pb/0wHT9JDiP3SORJx/ Frame FFD4 241 B
305 B 282ms
270ms XHR
application/json 34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.bid?acid=yosMxOXEB6yqzscSod32YA&hzid=HtIi9M-Q
Requested by: Host: apn.c.appier.net
URL: https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HtIi9M-Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 1111480d07de289d56c041ee870e5bb60b713985841bcd5aedefa98936803ee6

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:50 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-store
access-control-allow-credentials: true
alt-svc: clear
content-length: 241

GET
H2 200 zone.bid Show response
adx.c.appier.net/pb/0wHT9JDiP3SORJx/ Frame 68CA 175 B
240 B 272ms
270ms XHR
application/json 34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.bid?acid=yosMxOXEB6yqzscSod32YA&hzid=HUuJ9M-f
Requested by: Host: apn.c.appier.net
URL: https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HUuJ9M-f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 1e721024c24b747f83d825736f949a0ce5aed9525c586e7b37c60a19db45b490

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:50 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-store
access-control-allow-credentials: true
alt-svc: clear
content-length: 175

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame A1EC 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021071501&jk=3895111902962232&bg=!dXaldjLNAAZjFomlYxY7ACkAdvg8WgQ0epVhSym4yHW38DSH-jJhbOqTCg_nZ7mkT9_TLaUMo4hN_AIAAADEUgAAAA1oAQcKANCVlygHxMPzpwmQAUiglEflufzxydzzcZXrI6FgTqV6TuWPtKHWEAG4--eCdN5EhWxllvTQb3agEY0i_A81cjEThZb0qZsQONhK_UC8pqaEUljkB4eH1sPAkYRy-WorDXYdaT5E7bF5E32QvFtzpDxAohSMAwVFnWkzzf2u9WWd3LzMYHf52JMbRFHS5og4DYQcbakwdtXVN8ncfFvfD9P1oFrez0Bm3a222f20xRkUlcWGdOGdmtSKeB4CJV9o5nHWj5O7q8KXpDnoti3N49RNmQKgwC8PwDe95wq_Y4_DkSt0Dj8gyqyERYuGPue-CUzjL0lYkgfgs-nIher_spCv8kwel3VczTsOX5n1JOLt7pUFUJ5ZhhYboIup11FCQVlo9N6coNT6sHLJ2uPhsk8IFhIbldcVDl8pvCAynGa1HE2Qz1Tn07JqvcPt6bFhKs3prVt_U6-rMf1UZ6qpjoQgCA0-cCu-BKbICFV1qb8sLVOU7NJyH_n1SndNgz2lK_0W6_RuJxDP8JKkALdXyEVv0P4H_ue4fBDZUHeVbaV-xSj8uu40WNutbu7dd1x2hNFQoaL1SNdsfxOkpAV2JJm3bmy8oR5fIzQpPNWs7sutRrNqvKjXfauHUksMa12dD1UuH_OuY7EDrzWbBadLjkhYBNziwnZDLNEdoJMSl62HquUQGdeZERg5WvshnUWFX-vWl4tgj2BheYy0s4ciTDiB9D2JEAomJUN0ncxu-sqww4I0gQaL5oAB4BsFS3gsBRqVv0IDrluBGYsAFcMBlcEudVdfRBLiKIMdZ4AdEC4leyOaP-kEQt6oSxS6xQTuUsPni142CUYk4mv4yYwF07Q2snG8JYFy3I_vfDyLcCdISeXNkYAPFhNxd1bTHbDw8YcjZzXAZ06JCZEYd5_ZiVsgBqXsppQrFMFZfNkzS0JxptFpCvZ8Ojo4CdmXNFMzMECnevL3B_n81wycKIUTOvB43IIGV3y1v7GmdfPcVHvCCxKUQ5hWUOWWFo_U4DIbLKoH9aLlZtpGOvOC6HdgzZewdxGTe-hArJSTrPvCPLtlWYLbjoycPKLwL5ToPX1gob9m4MjwjAFV8jLNHSX7uUvCZvBgWFjuG85kgwvCQE7BAzNVijErIPFovWkCsKHwtlZZGJ0qfqGr-GTzX4IxDitwp_Os

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 fpc Show response
pmp-beacon.apx.appier.net/v1/ Frame F1E5 12 B
73 B 299ms
269ms XHR
application/json 34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pmp-beacon.apx.appier.net/v1/fpc?type=apn&event=pageview
Requested by: Host: apn.c.appier.net
URL: https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HUu59M-f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 20 Jul 2021 14:28:50 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hinet.net
access-control-expose-headers
access-control-allow-credentials: true
alt-svc: clear
content-length: 12

GET
H2 200 adsbytenmax.js Show response
tenmax-static.cacafly.net/ssp/ Frame 426E 124 KB
37 KB 26ms
26ms Script
application/javascript 2606:4700:10::6816:9ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Requested by: Host: hinet.net
URL: https://hinet.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:9ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 402757d2bf7766f239c264c6e85dfd6511dd6a32082943a44aef49618179005a

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 20 Jul 2021 14:28:50 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: jTaqyErwadlsM/d3+EG5lA==
age: 5108
x-ms-lease-status: unlocked
last-modified: Mon, 17 May 2021 07:42:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: e7dfa860-601e-009b-0c98-656fcf000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=1800
x-ms-version: 2009-09-19
cf-ray: 671ce0d81a6d4ddc-FRA

GET
H2 200 gcm
gocm.c.appier.net/ Frame 426E 42 B
308 B 242ms
242ms Image
image/gif 172.105.221.240
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocm.c.appier.net/gcm
Requested by: Host: hinet.net
URL: https://hinet.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.105.221.240 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1875-240.members.linode.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:50 GMT
cache-control: no-store
server: nginx
content-type: image/gif
content-length: 42
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

POST
H2 200 fpc Show response
pmp-beacon.apx.appier.net/v1/ Frame FFD4 12 B
193 B 296ms
269ms XHR
application/json 34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pmp-beacon.apx.appier.net/v1/fpc?type=apn&event=pageview
Requested by: Host: apn.c.appier.net
URL: https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HtIi9M-Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 20 Jul 2021 14:28:50 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: https://hinet.net
access-control-expose-headers
access-control-allow-credentials: true
alt-svc: clear
content-length: 12

GET
H2 200 gcm
gocm.c.appier.net/ Frame 93A1 42 B
308 B 242ms
242ms Image
image/gif 172.105.221.240
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocm.c.appier.net/gcm
Requested by: Host: apn.c.appier.net
URL: https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HtIi9M-Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.105.221.240 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1875-240.members.linode.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:50 GMT
cache-control: no-store
server: nginx
content-type: image/gif
content-length: 42
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2

200

arjs.php Show response
ad2.apx.appier.net/www/delivery/ Frame 93A1
Redirect Chain

https://ad2.apx.appier.net/www/delivery/js.php?zoneid=789&id=idockddgbi4oomk5w
https://gocm.c.appier.net/aanet?id=idockddgbi4oomk5w&url=ad2.apx.appier.net&zoneid=789
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=789&acid=yosMxOXEB6yqzscSod32YA&id=idockddgbi4oomk5w

3 KB
1 KB

267ms
266ms

Script
text/html

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=789&acid=yosMxOXEB6yqzscSod32YA&id=idockddgbi4oomk5w
Requested by: Host: hinet.net
URL: https://hinet.net/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: f402647b2dc2ccb9eb991a845e2497085d8e86744054af941604c2201bb33a62

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:51 GMT
via: 1.1 google
server: nginx/1.19.0
cache-control: no-store
content-encoding: gzip
alt-svc: clear
content-type: text/html; charset=utf-8

Redirect headers

location: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=789&acid=yosMxOXEB6yqzscSod32YA&id=idockddgbi4oomk5w
date: Tue, 20 Jul 2021 14:28:51 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 139
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

POST fpc
pmp-beacon.apx.appier.net/v1/ Frame 68CA 0
0

GET
H2 200 gcm
gocm.c.appier.net/ Frame B884 42 B
308 B 244ms
244ms Image
image/gif 172.105.221.240
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocm.c.appier.net/gcm
Requested by: Host: apn.c.appier.net
URL: https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HUuJ9M-f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.105.221.240 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1875-240.members.linode.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:50 GMT
cache-control: no-store
server: nginx
content-type: image/gif
content-length: 42
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2 200 / Show response
ssp.hinet.net/api/web/request/ Frame 68CA 2 KB
1 KB 250ms
249ms Document
text/html 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/request/?c=2017004&s=201702000042&t=1626791320215&u=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&o=jsG8H&show=static&ca=&k=&cab=&kb=&mode=roll
Requested by: Host: hinet.net
URL: https://hinet.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: 7305b7f385f46cce9d54abb2317ea5e48d3049409e63e19cc675ee1cafe0b003

Request headers

:method: GET
:authority: ssp.hinet.net
:scheme: https
:path: /api/web/request/?c=2017004&s=201702000042&t=1626791320215&u=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&o=jsG8H&show=static&ca=&k=&cab=&kb=&mode=roll
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hinet.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __htid=dbfa26d1-3a80-495b-9107-897a0a54446a; uuid=d6af6140-7a1f-4761-9e84-150941d4d4d0; _ht_em=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hinet.net/

Response headers

server: nginx
date: Tue, 20 Jul 2021 14:00:04 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://hinet.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip

GET
H/1.1

204

cm
dmp.tenmax.io/ Frame 426E
Redirect Chain

https://dmp.tenmax.io/p/b734323b-0532-40a6-8d4e-782e1c96bd3a?random=874119545
https://dmp.tenmax.io/cmp
https://cm.g.doubleclick.net/pixel?google_nid=cacafly&google_ula=514624859,1626791330&google_hm=elMvTTBPbG1FZXUrbGkwaEgvZXN4dz09&google_cm
https://dmp.tenmax.io/cm?adx=doubleclick&google_gid=CAESEH_xjyFB8jUeqr7W6cy4AF0&google_cver=1&google_ula=514624859,2

0
411 B

372ms
371ms

Image
text/plain

211.21.190.218
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.tenmax.io/cm?adx=doubleclick&google_gid=CAESEH_xjyFB8jUeqr7W6cy4AF0&google_cver=1&google_ula=514624859,2
Requested by: Host: hinet.net
URL: https://hinet.net/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 211.21.190.218 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 211-21-190-218.HINET-IP.hinet.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:51 GMT
Server: nginx
Connection: keep-alive
P3P: CP="CUR ADM OUR NOR STA NID"

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dmp.tenmax.io/cm?adx=doubleclick&google_gid=CAESEH_xjyFB8jUeqr7W6cy4AF0&google_cver=1&google_ula=514624859,2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK plan Show response
ssp.tenmax.io/supply/v3/native/ Frame 426E 4 KB
4 KB 457ms
242ms XHR
application/json 211.21.190.218
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.tenmax.io/supply/v3/native/plan?rmaxSpaceId=73ce4c8845004f83&referer=https%3A%2F%2Fhinet.net%2F&cacheBuster=90ec89fa-f592-4721-90d1-6e4dc022b4ba
Requested by: Host: tenmax-static.cacafly.net
URL: https://tenmax-static.cacafly.net/ssp/adsbytenmax.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 211.21.190.218 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 211-21-190-218.HINET-IP.hinet.net
Software: nginx /
Resource Hash: edf1f5b0b3e0135839673a6b4fd8edbecc41793e46740bbf1be3c47826d4e46f

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:50 GMT
Server: nginx
Vary: Origin
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: https://hinet.net
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 3862
X-Application-Context: application:prod,aggregator,build-ext:58070

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 104C 1 KB
796 B 760ms
263ms Script
text/html 175.41.232.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=12199&rf=https%3A%2F%2Fhinet.net%2F&n=20&o=1&d=1&b=2&ts=1&ii=2&FPCK=5261-uP2VgWH5uN93er9Jz0siwfrmaPszaDhg
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.41.232.18 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-175-41-232-18.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 0a60e45fe62d4f55ced27a7f78bbc29fe313ae8d896ad308a037ce2803178a1c

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://hinet.net
date: Tue, 20 Jul 2021 14:28:51 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
banner-cfnetwork.cdn.hinet.net/js/ Frame 104C 3 KB
1 KB 252ms
249ms Script
application/javascript 61.221.82.10
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://banner-cfnetwork.cdn.hinet.net/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 61.221.82.10 Tainan City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 61-221-82-10.HINET-IP.hinet.net
Software: HiNetCDN/2104 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:50 GMT
via: 1.1 db53508c0ad927e764160ee4b3fa81e0.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:10 GMT
server: HiNetCDN/2104
age: 47
etag: W/"6a605eea47197fa280f27aaf1fa1521d"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
x-amz-cf-pop: TPE50-C1
content-encoding: br
x-amz-cf-id: ZNzgvv0LjZEWR9fCE_CnPsY0mGMSrDKOuYknptJtNUjlZ3kLALP4Og==
x-request-id: 90939d607daf6fd2a02251c947131494

GET
H2 200 bridgewellV3.js Show response
banner-cfnetwork.cdn.hinet.net/js/ Frame 104C 4 KB
1 KB 252ms
250ms Script
application/javascript 61.221.82.10
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://banner-cfnetwork.cdn.hinet.net/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 61.221.82.10 Tainan City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 61-221-82-10.HINET-IP.hinet.net
Software: HiNetCDN/2104 /
Resource Hash: c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:50 GMT
via: 1.1 a460a3c392fb94cdbfe37191194bf60d.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 06:25:23 GMT
server: HiNetCDN/2104
age: 6
etag: W/"c3b948e5a48dd0ec20c265d6d8da7add"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
x-amz-cf-pop: TPE50-C1
content-encoding: br
x-amz-cf-id: QLgSI-i1p4GfbsKPS1orH3PW8HSYmqh-ZBfx0JF9k7VWe130daXkWQ==
x-request-id: beb3a94c3aeb35f4b9b4542e6fe1df0a

GET
H2 200 appierV2.js Show response
banner-cfnetwork.cdn.hinet.net/js/ Frame 104C 3 KB
1 KB 252ms
250ms Script
application/javascript 61.221.82.10
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://banner-cfnetwork.cdn.hinet.net/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 61.221.82.10 Tainan City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 61-221-82-10.HINET-IP.hinet.net
Software: HiNetCDN/2104 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:50 GMT
via: 1.1 7570f485f03bad71f82f7f4b41147dca.cloudfront.net (CloudFront)
last-modified: Thu, 11 Mar 2021 07:54:26 GMT
server: HiNetCDN/2104
x-amz-cf-pop: TPE50-C1
etag: W/"548ed610a8571343fb3022f543174735"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
content-encoding: br
x-amz-cf-id: oEAWM7eGikB-0eDN5j7q-pPOBdIKoVDFdsDaDMrLBDQc8hKuvuKP2A==
x-request-id: 79a9c87ef9f2b3b79e9b1a0c088911ac

GET
H2 200 appier_mainV3.js Show response
banner-cfnetwork.cdn.hinet.net/js/ Frame 104C 3 KB
1 KB 252ms
251ms Script
application/javascript 61.221.82.10
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://banner-cfnetwork.cdn.hinet.net/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 61.221.82.10 Tainan City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 61-221-82-10.HINET-IP.hinet.net
Software: HiNetCDN/2104 /
Resource Hash: f443a34f019986fc0949e5f4993c6f400337ba74f296ece6fc7e667fd411f92c

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:50 GMT
via: 1.1 b1e98d6f23bf8312e5a34847053352cc.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 03:25:47 GMT
server: HiNetCDN/2104
age: 11
etag: W/"2dd28f3fa27f42668b8859c537099414"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
x-amz-cf-pop: TPE51-C1
content-encoding: br
x-amz-cf-id: cGj4-xM78SUslnkAgcpgKhI0Cx2mwk-MG-mf5E7b4hfbopBKLuiLcQ==
x-request-id: 7f3d7cbf445b96edc0a60f6a33ea1f9f

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 4A7A 71 KB
24 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: tenmax-static.cacafly.net
URL: https://tenmax-static.cacafly.net/ssp/universal.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e5e95d142f8aac59f9a58ce36d5598a81301dbf5bd8b99f2fbe2bee765b73d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "935 / 699 of 1000 / last-modified: 1626779619"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24895
x-xss-protection: 0
expires: Tue, 20 Jul 2021 14:28:50 GMT

GET
H/1.1 204
No Content request
ssp.tenmax.io/supply/tracking/ Frame 4A7A 0
206 B 467ms
239ms Image
text/plain 211.21.190.218
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.tenmax.io/supply/tracking/request?bid=cd661f10-e966-11eb-99b5-f563b502b38a&chid=b37662add4764d18&sid=cb9e2fdac4bb4396
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 211.21.190.218 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 211-21-190-218.HINET-IP.hinet.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:51 GMT
Server: nginx
Connection: keep-alive
X-Application-Context: application:prod,aggregator,build-ext:58070
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 tag.js Show response
t.ssp.hinet.net/ Frame 68CA 6 KB
3 KB 246ms
245ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/tag.js

Requested by

Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017004&s=201702000042&t=1626791320215&u=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&o=jsG8H&show=static&ca=&k=&cab=&kb=&mode=roll

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

7142961a1ad7563f0016537a0cf6bc977bf8ae9fe60a0885fde76211ae3aac83

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:50 GMT
content-encoding: gzip
last-modified: Tue, 13 Jul 2021 00:56:37 GMT
server: nginx
etag: W/"60ece4c5-1662"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Tue, 20 Jul 2021 14:38:50 GMT

GET
H2 200 jquery-1.9.1.min.js Show response
code.jquery.com/ Frame 68CA 90 KB
32 KB 10ms
9ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.9.1.min.js
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017004&s=201702000042&t=1626791320215&u=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&o=jsG8H&show=static&ca=&k=&cab=&kb=&mode=roll
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Origin: https://ssp.hinet.net
Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:50 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:07 GMT
server: nginx
etag: W/"54499a47-169d5"
vary: Accept-Encoding
x-hw: 1626791330.dop168.fr8.t,1626791330.cds277.fr8.hn,1626791330.cds018.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 32772

GET
H2 200 zone.js Show response
apn.c.appier.net/pb/0wHT9JDiP3SORJx/ Frame 68CA 3 KB
1 KB 268ms
267ms Script
text/html 34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HUuJ9M-f
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017004&s=201702000042&t=1626791320215&u=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&o=jsG8H&show=static&ca=&k=&cab=&kb=&mode=roll
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 5ba2f0ad483cd2da35d12f5f6004fc2a20650cbdc21959ecdcc92e6c97ccb2ac

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:50 GMT
via: 1.1 google
server: nginx/1.19.0
content-encoding: gzip
alt-svc: clear
content-type: text/html; charset=utf-8

GET
H3-29 200 pubads_impl_2021071501.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 4A7A 329 KB
115 KB 14ms
14ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061819

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

7ba1eee9803f9929376700a8065001dbda71dc890a08e3d6b50c851de0e927ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Jul 2021 08:37:43 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117198
x-xss-protection: 0
expires: Tue, 20 Jul 2021 14:28:50 GMT

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 104C 0
171 B 550ms
161ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: banner-cfnetwork.cdn.hinet.net
URL: https://banner-cfnetwork.cdn.hinet.net/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://hinet.net
date: Tue, 20 Jul 2021 14:28:51 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 204
No Content prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 104C 0
280 B 957ms
239ms XHR
text/html 210.59.219.181
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.5878013307204839
Requested by: Host: banner-cfnetwork.cdn.hinet.net
URL: https://banner-cfnetwork.cdn.hinet.net/js/bridgewellV3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 210.59.219.181 Taoyuan District, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 20 Jul 2021 14:28:51 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: text/html
Access-Control-Allow-Origin: https://hinet.net
Cache-Control: private
Access-Control-Allow-Credentials: true

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 4A7A 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=hinet.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061819

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 14:28:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4A7A 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hinet.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061819

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 14:28:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 4A7A 15 KB
9 KB 784ms
782ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4108152970863386&correlator=694327627259038&output=ldjh&impl=fifs&eid=31061788%2C31061819%2C31061763%2C31061842%2C20211866&vrg=2021071501&ptt=17&sc=1&sfv=1-0-38&ecs=20210720&iu_parts=37275962%2Crmaxspace%2Ccb9e2fdac4bb4396&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&prev_scp=adx_region%3DTWN%26line_item_type%3DadSense&eri=4&cookie_enabled=1&cdm=hinet.net&bc=31&abxe=1&lmt=1626791330&dt=1626791330976&dlt=1626791328959&idt=1991&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=250&oid=3&adxs=490&adys=2014&adks=3276293624&ucis=3smzot7u46t&ifi=1&ifk=681578760&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fhinet.net%2F&top=https%3A%2F%2Fhinet.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x0&msz=300x0&ga_vid=159585506.1626791331&ga_sid=1626791331&ga_hid=1771630770&ga_fc=false&fws=260&ohw=300&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061819

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

a0c6f19f85dc91a7a7813255364375ff8c320934a28cd457c69995335e5b809b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8845
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hinet.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F893 6 KB
3 KB 56ms
17ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061819

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hinet.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hinet.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 20 Jul 2021 14:28:51 GMT
expires: Wed, 20 Jul 2022 14:28:51 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 426E 69 KB
24 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: tenmax-static.cacafly.net
URL: https://tenmax-static.cacafly.net/ssp/adsbytenmax.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b02c932a1571f099b28ac87a27785d47ed772c8b7b8d6953f3dbad43a07488b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "935 / 335 of 1000 / last-modified: 1626779619"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24203
x-xss-protection: 0
expires: Tue, 20 Jul 2021 14:28:51 GMT

GET
H/1.1 204
No Content request
ssp.tenmax.io/supply/tracking/ Frame 426E 0
206 B 470ms
238ms Image
text/plain 211.21.190.218
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.tenmax.io/supply/tracking/request?bid=cd8c6bc0-e966-11eb-99b5-f563b502b38a&chid=0ed9c6d6ce704bb8&sid=73ce4c8845004f83
Requested by: Host: hinet.net
URL: https://hinet.net/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 211.21.190.218 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 211-21-190-218.HINET-IP.hinet.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:51 GMT
Server: nginx
Connection: keep-alive
X-Application-Context: application:prod,aggregator,build-ext:58070
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 68CA 36 B
402 B 248ms
247ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/tag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

f5b137432410aa824bf25f4816facfb2da720ae0cd282f3ee5330440f60f8fda

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:51 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://ssp.hinet.net
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H3-29 200 pubads_impl_2021071401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 426E 329 KB
115 KB 15ms
15ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

65506c87a4e71875a107df7ca37f45ccfd40688cf8e01f65c7e71792dbd6818c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 14 Jul 2021 08:38:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117283
x-xss-protection: 0
expires: Tue, 20 Jul 2021 14:28:51 GMT

GET
H2 200 zone.bid Show response
adx.c.appier.net/pb/0wHT9JDiP3SORJx/ Frame 68CA 175 B
236 B 272ms
271ms XHR
application/json 34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.bid?acid=yosMxOXEB6yqzscSod32YA&hzid=HUuJ9M-f
Requested by: Host: apn.c.appier.net
URL: https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HUuJ9M-f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 1e721024c24b747f83d825736f949a0ce5aed9525c586e7b37c60a19db45b490

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:51 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-store
access-control-allow-credentials: true
alt-svc: clear
content-length: 175

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 426E 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=hinet.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 14:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 426E 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hinet.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 14:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 426E 15 KB
9 KB 457ms
456ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4173022192182835&correlator=3845185248021997&output=ldjh&impl=fifs&eid=31061649%2C31061813%2C31061817%2C31061833%2C21068766%2C31061779%2C20211866&vrg=2021071401&ptt=17&sc=1&sfv=1-0-38&ecs=20210720&iu_parts=37275962%2Crmaxspace%2C73ce4c8845004f83&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=160x600&prev_scp=adx_region%3DTWN%26line_item_type%3DadSense&eri=4&cookie_enabled=1&cdm=hinet.net&bc=31&abxe=1&lmt=1626791331&dt=1626791331343&dlt=1626791330285&idt=883&ea=0&frm=23&biw=1600&bih=1200&isw=160&ish=600&oid=3&adxs=310&adys=1511&adks=1802500818&ucis=7msulif81mbq&ifi=1&ifk=917015152&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=2&url=https%3A%2F%2Fhinet.net%2F&top=https%3A%2F%2Fhinet.net%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=160x-1&msz=160x-1&ga_vid=610938876.1626791331&ga_sid=1626791331&ga_hid=187027798&ga_fc=false&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

119b6b2dd61cabb9f76a3d8797ec22630a27c6eaf5a3e28ec8dda41542be5a5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8968
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hinet.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 374E 6 KB
3 KB 40ms
13ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hinet.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hinet.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 20 Jul 2021 14:28:51 GMT
expires: Wed, 20 Jul 2022 14:28:51 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pixel
t.ssp.hinet.net/ Frame 68CA 0
79 B 245ms
245ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.ssp.hinet.net/pixel?bd=d6af6140-7a1f-4761-9e84-150941d4d4d0&t=ch%3D2017004%26st%3D201702000042

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:51 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

POST fpc
pmp-beacon.apx.appier.net/v1/ Frame 93A1 0
0

GET
H2 200 gcm
gocm.c.appier.net/ Frame 680D 42 B
308 B 242ms
242ms Image
image/gif 172.105.221.240
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocm.c.appier.net/gcm
Requested by: Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=789&id=idockddgbi4oomk5w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.105.221.240 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1875-240.members.linode.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:51 GMT
cache-control: no-store
server: nginx
content-type: image/gif
content-length: 42
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2 200 / Show response
ssp.hinet.net/api/web/request/ Frame FFD4 2 KB
1 KB 248ms
248ms Document
text/html 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/request/?c=2017004&s=201710000009&t=1626791320215&u=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&o=PaufS&show=static&ca=&k=&cab=&kb=&mode=roll
Requested by: Host: hinet.net
URL: https://hinet.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: 2fbcf64365f61368d992118a909f3b859422c871bb55f0f40e23f7d138ff8fca

Request headers

:method: GET
:authority: ssp.hinet.net
:scheme: https
:path: /api/web/request/?c=2017004&s=201710000009&t=1626791320215&u=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&o=PaufS&show=static&ca=&k=&cab=&kb=&mode=roll
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hinet.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uuid=d6af6140-7a1f-4761-9e84-150941d4d4d0; _ht_em=1; CFFPCKUUIDMAIN=364-XYjFkrSFyjIFQihIYlZgoTMvb4oU1YYA; _ht_hi=1; __htid=d6af6140-7a1f-4761-9e84-150941d4d4d0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hinet.net/

Response headers

server: nginx
date: Tue, 20 Jul 2021 14:00:05 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://hinet.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip

POST fpc
pmp-beacon.apx.appier.net/v1/ Frame 68CA 0
0

GET
H2 200 gcm
gocm.c.appier.net/ Frame 769F 42 B
308 B 242ms
241ms Image
image/gif 172.105.221.240
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocm.c.appier.net/gcm
Requested by: Host: apn.c.appier.net
URL: https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HUuJ9M-f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.105.221.240 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1875-240.members.linode.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:51 GMT
cache-control: no-store
server: nginx
content-type: image/gif
content-length: 42
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2 200 / Show response
ssp.hinet.net/api/web/request/ Frame 68CA 3 KB
2 KB 246ms
246ms Document
text/html 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/request/?c=2017004&s=201702000042&t=1626791320215&u=d6af6140-7a1f-4761-9e84-150941d4d4d0&o=jsG8H&show=static&ca=&k=&cab=&kb=&mode=roll
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017004&s=201702000042&t=1626791320215&u=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&o=jsG8H&show=static&ca=&k=&cab=&kb=&mode=roll
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: 48d2e6dc0ef8740947d6b4f93dc327e5cf8537d8829491c451904ff466c14129

Request headers

:method: GET
:authority: ssp.hinet.net
:scheme: https
:path: /api/web/request/?c=2017004&s=201702000042&t=1626791320215&u=d6af6140-7a1f-4761-9e84-150941d4d4d0&o=jsG8H&show=static&ca=&k=&cab=&kb=&mode=roll
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ssp.hinet.net/api/web/request/?c=2017004&s=201702000042&t=1626791320215&u=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&o=jsG8H&show=static&ca=&k=&cab=&kb=&mode=roll
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: uuid=d6af6140-7a1f-4761-9e84-150941d4d4d0; _ht_em=1; CFFPCKUUIDMAIN=364-XYjFkrSFyjIFQihIYlZgoTMvb4oU1YYA; _ht_hi=1; __htid=d6af6140-7a1f-4761-9e84-150941d4d4d0
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ssp.hinet.net/api/web/request/?c=2017004&s=201702000042&t=1626791320215&u=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&o=jsG8H&show=static&ca=&k=&cab=&kb=&mode=roll

Response headers

server: nginx
date: Tue, 20 Jul 2021 14:00:05 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://ssp.hinet.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 104C 10 KB
10 KB 948ms
948ms Script
application/javascript 2600:9000:20eb:3a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=12199&rf=https%3A%2F%2Fhinet.net%2F&n=20&o=1&d=1&b=2&ts=1&ii=2&FPCK=5261-uP2VgWH5uN93er9Jz0siwfrmaPszaDhg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:53 GMT
via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
last-modified: Fri, 16 Oct 2020 09:58:46 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: RefreshHit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: 35Cl_69b8vEUJrts7WDoJSgZhGKnWOW7o7aCGjNy_WDd72IoXdjW_w==

GET
H2 200 tag.js Show response
t.ssp.hinet.net/ Frame FFD4 6 KB
3 KB 246ms
245ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/tag.js

Requested by

Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017004&s=201710000009&t=1626791320215&u=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&o=PaufS&show=static&ca=&k=&cab=&kb=&mode=roll

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

7142961a1ad7563f0016537a0cf6bc977bf8ae9fe60a0885fde76211ae3aac83

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:51 GMT
content-encoding: gzip
last-modified: Tue, 13 Jul 2021 00:56:37 GMT
server: nginx
etag: W/"60ece4c5-1662"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Tue, 20 Jul 2021 14:38:51 GMT

GET
H2 200 jquery-1.9.1.min.js Show response
code.jquery.com/ Frame FFD4 90 KB
32 KB 9ms
8ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.9.1.min.js
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017004&s=201710000009&t=1626791320215&u=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&o=PaufS&show=static&ca=&k=&cab=&kb=&mode=roll
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Origin: https://ssp.hinet.net
Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:51 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:07 GMT
server: nginx
etag: W/"54499a47-169d5"
vary: Accept-Encoding
x-hw: 1626791331.dop168.fr8.t,1626791331.cds277.fr8.hn,1626791331.cds018.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 32772

GET
H2 200 zone.js Show response
apn.c.appier.net/pb/0wHT9JDiP3SORJx/ Frame FFD4 3 KB
1 KB 264ms
264ms Script
text/html 34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HtIi9M-Q
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017004&s=201710000009&t=1626791320215&u=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&o=PaufS&show=static&ca=&k=&cab=&kb=&mode=roll
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: f3dda733f91e094a6b8b09345ebf9cf6b567b37c109c974574d657ed2248750e

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:51 GMT
via: 1.1 google
server: nginx/1.19.0
content-encoding: gzip
alt-svc: clear
content-type: text/html; charset=utf-8

GET
H2 200 tag.js Show response
t.ssp.hinet.net/ Frame 68CA 6 KB
3 KB 246ms
245ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/tag.js

Requested by

Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017004&s=201702000042&t=1626791320215&u=d6af6140-7a1f-4761-9e84-150941d4d4d0&o=jsG8H&show=static&ca=&k=&cab=&kb=&mode=roll

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

7142961a1ad7563f0016537a0cf6bc977bf8ae9fe60a0885fde76211ae3aac83

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:51 GMT
content-encoding: gzip
last-modified: Tue, 13 Jul 2021 00:56:37 GMT
server: nginx
etag: W/"60ece4c5-1662"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Tue, 20 Jul 2021 14:38:51 GMT

GET
H2 200 jquery-1.9.1.min.js Show response
code.jquery.com/ Frame 68CA 90 KB
32 KB 9ms
8ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.9.1.min.js
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017004&s=201702000042&t=1626791320215&u=d6af6140-7a1f-4761-9e84-150941d4d4d0&o=jsG8H&show=static&ca=&k=&cab=&kb=&mode=roll
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Origin: https://ssp.hinet.net
Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:51 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:07 GMT
server: nginx
etag: W/"54499a47-169d5"
vary: Accept-Encoding
x-hw: 1626791331.dop168.fr8.t,1626791331.cds277.fr8.hn,1626791331.cds018.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 32772

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 68CA 69 KB
24 KB 15ms
15ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017004&s=201702000042&t=1626791320215&u=d6af6140-7a1f-4761-9e84-150941d4d4d0&o=jsG8H&show=static&ca=&k=&cab=&kb=&mode=roll

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

72e05e2b9663f192d248a1be27032bc54fe69d7d462c5debd23e58a5b86e51e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "935 / 981 of 1000 / last-modified: 1626779489"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24188
x-xss-protection: 0
expires: Tue, 20 Jul 2021 14:28:51 GMT

GET
H3-29 200 container.html Show response
3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CA08 6 KB
3 KB 20ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061819

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hinet.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hinet.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 20 Jul 2021 14:28:51 GMT
expires: Wed, 20 Jul 2022 14:28:51 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4A7A 73 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061819

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee07009e9fe79b9909bafdb282106c95dac83f905c6ac665e1257ac862ed50e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:51 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434913869424"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28061
x-xss-protection: 0
expires: Tue, 20 Jul 2021 14:28:51 GMT

GET
H/1.1 204
No Content impression
ssp.tenmax.io/supply/tracking/ Frame 4A7A 0
206 B 238ms
238ms Image
text/plain 211.21.190.218
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.tenmax.io/supply/tracking/impression?bid=cd661f10-e966-11eb-99b5-f563b502b38a&chid=b37662add4764d18&sid=cb9e2fdac4bb4396&lineitemid=5346731421
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 211.21.190.218 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 211-21-190-218.HINET-IP.hinet.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:51 GMT
Server: nginx
Connection: keep-alive
X-Application-Context: application:prod,aggregator,build-ext:58070
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4A7A 11 KB
8 KB 18ms
18ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021071501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061819

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3bc03e8d8981cae41ada3b59435cdbb772e1e56ca22e09fc28b1061652746cdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 14:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8549
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4A7A 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071501.js?31061819

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 20 Jul 2021 14:28:51 GMT

GET
H3-29 200 container.html Show response
599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 363E 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hinet.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hinet.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 20 Jul 2021 14:28:51 GMT
expires: Wed, 20 Jul 2022 14:28:51 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 426E 73 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee07009e9fe79b9909bafdb282106c95dac83f905c6ac665e1257ac862ed50e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:51 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434913869424"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28061
x-xss-protection: 0
expires: Tue, 20 Jul 2021 14:28:51 GMT

GET
H/1.1 204
No Content impression
ssp.tenmax.io/supply/tracking/ Frame 426E 0
206 B 247ms
247ms Image
text/plain 211.21.190.218
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.tenmax.io/supply/tracking/impression?bid=cd8c6bc0-e966-11eb-99b5-f563b502b38a&chid=0ed9c6d6ce704bb8&sid=73ce4c8845004f83&lineitemid=5346731421
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 211.21.190.218 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 211-21-190-218.HINET-IP.hinet.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:51 GMT
Server: nginx
Connection: keep-alive
X-Application-Context: application:prod,aggregator,build-ext:58070
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 426E 11 KB
8 KB 29ms
29ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021071401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bffa861551f198af286512533cc265c00f751f6b96f6c2e9c66cfe4a1775f7fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 14:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8668
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5219 624 B
350 B 17ms
17ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjY1bWvATAB&v=APEucNWxIQqGbZOJINTSY9il0T6lZLnxnEc_tHjMq82Hfs5m9Fg2sbkspRlD_-Mju1v5j2BRxiI_ZAV7NLvzg3OoAP6IwTlry2LgUlMqVaIcAf378gxOUUejIQxMKlog56dv--JlqNWe3qkitMOYJGgID0zJCJvvTyQGva8EXFHtSb2Zsft01sw

Requested by

Host: 3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com
URL: https://3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CPvjgQEQ_aOOARjY1bWvATAB&v=APEucNWxIQqGbZOJINTSY9il0T6lZLnxnEc_tHjMq82Hfs5m9Fg2sbkspRlD_-Mju1v5j2BRxiI_ZAV7NLvzg3OoAP6IwTlry2LgUlMqVaIcAf378gxOUUejIQxMKlog56dv--JlqNWe3qkitMOYJGgID0zJCJvvTyQGva8EXFHtSb2Zsft01sw
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnELCKGsB53gABFqtKRAs2R1sYnn9hdoNOWcHZNDGwzc1tM0Or6eJ37zjdkQEY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 20 Jul 2021 14:28:51 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame CA08 72 KB
27 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CIMXt0EJaERDeFZGb3XiO-Um-CjcUV7LmeL1KxzII5tXN_7J6gLWwf66-C_sjJ-gMcQAkiY_Pt4GVnBSz-zHOdRmlX9d69cKD8Vq3BFN3PghQMxXGqdUt7RhZGVuNyhwGrDKU8ks4DjCZVGpii69pRer07Pg&dbm_d=AKAmf-BmtiSNlqjAHOBdMt_HtiymDV4sJWgbMwIQE3RFHQSisZ2YLQfGqKNtKmA7PssH-y0X90HvRWzxBBGBNR4Nprs05I-hOap5yrmI3YDFYHpBj3_qSnhiBXuZSdcGqCTCgTtiRwlaxVQ3QZjbDWblqIk5Lq_AWSWDsteKyWOpUC4RKb4e50Ro9-CdgPvL7ICK7gR2nR-iwvCWhnfJ_ZvAIGQ-fbsYJUvJFf6FhDiE_RUyPktXp-GnAtGngxx9VvYFHiOB1n7OYTlxILEyf5zhk8NwVuT5Kn3CFUDiY-kMfhFQAnwZdJclZgX07Xd63hwCVL4doTzqDEPigA0FvGtZgcSJg7QC3ut-UG-_JI1oDCMns_Dze7rOd06aV0UURneug6aeUtEsbcujTQRtDjNvclvir6mdyRLdOUmyoLmFx48KrGkTzPWr0LM5GvPADGZ49jA87CvKzxNuUMH6y5bPd89UH4W04hOmZesuK9oOvKUrumW_IRLMsgul7Sg8y3QVDIo5uaFSNyygrw0ecPmkvorzB6PEIy4Mdq8aIgXis3m9uvFQpLqvtG1CCdYyVAHnKq_oCGspKjqTYRJxKXVsWyokmS1xAEOVmGayK9WBX3AXgjogyYkPAcoQaW8-8OrAyFw87JWqlrhVcbcAnjQjq_-wBuUFAt-7qdWDsRvHOFLbg0oEdi9RMAfu-3IE1CeM8ls45wQxh1PgfVU6E_RjpuAfVHP9WtpRVbBcOhkesbl0VQDzS2cBb1CZbFfVCDAvCSjdounY3uWSUfF0MJRgeHHGrz6yFdfFjrRPpF-9LQqrzTeYAiFygln-tgyxs67EyQ-aReTGjmqOYROZAvTpYyFMAsf1LeCoeOySvFiWrz1t0TTXFzgPArdX-QDHNpGTlOWm1NKl_2BKI6Sm5WO13WypPH9IfUNzVjFjbqVvzT1rRP9Sb7iX_ICd0O-3vrYiZ4ClJ3T0YgOutiIwgf_fMi29WVrCQmOVABqTPnpQt1RJAy0VlMAx3FhoIGaM3wp0WGq-KispHGRl0SR_zhQeoxKLtgvluEK2IyUfcziGwUzsmKHaIx7q2RXcx_ITCab_ZYmIS0hmKk7cujP0LC3YEIQTn7yEcRCAgYoXUUHo_MsZIGvN6hkh1iyupPXh5Xn0befO6hK0XffedoizIsXK5DagFoU5R79y_7JKz6Rxz1BLbU2j411a3Xoa7S9qa25Xe7R41Qj8kGTDPewMu8p9vyRr_VBuzNS1u7PHlSc2fGs0aaw1D4jHWWIrfum2pCTv70_wzHmIeOfyO8cPFxg_YrRrQ3eNuFc2Eyt03G2BUGtdileWysSKx-GiAG0EzIGppGdSRk4rTutW_u1vC7FABSW9BTvGXBJNoGd8If5DQSTyapfe376mLSoWhWcsIUCCluxnvxZnCYCnNjcgvpoVZQuQsrKZro0zxeChBBOgkZcGlDLa4ZhBgDj73Ln09-LzzVj1_YZh2tshw_sUiTqrQ3GY65uxjNBvZnmVGPsQNEw-zwQljPMJ5UOkCvkksAO3z72DbA0wgk6lNjqopNGIDJz6uMuTdfpJug8WHSdriOt0gCG7YxWLDkr2ePmQmIrJ4rCmJWUzBcRLXNdJuB_mUl6QnRBurEWuqWiNjIayxgHl7cjxSDw6FtqazXGa2MPgPAlwzhIK193rPSYSv24P85w9q5b4Ozd0MXHEk78A5--EvLDFCsfzwGQiuF4Sh5vhWSwXMmX0IxwOcrzcIO6ZirlU-0SZaX4lDscqkho645sauRYh4Cu7ZJY5ArOIYi5g7r0W8RxDS0KC36PyomPwn8jJLSCIKU-Zgv2pP8OhtIq-Tiv8LXZtLBdJ5xMVvGVtY-7hm-sW9YaASiul7PQAletEjN2lkguUDNgUPw_emrt5Cjj3uEozcoKbC5ZloRBqpfEep416bmZauelNQD6O7aQy_dTZzvGMiZ77HnCO4mQ1x0ZStnIFPSgHBrswjfn-u7QE_HVcly4ClsZXD6a0DB33s_pq-UdbkO0s5jBQ4ck_N1f34XyCyDpa0s3ayBE6VYrvjDYpe2_B9I-W0Q3iJPwrcTelGxvm6vOqO3h4h9XYXcJ50OmOClU5aOrr6FNNx0Nj692LDqvbGhe4NMhfBJiy8zHjOYqNDF5-wzVqeI1v4ua7lJBBEL0g4O3KFhGKv23dhvn0hd2FkdDYftvoY0X6IMhKmST3Iz0YuolXkcw8UnPx-OpPc4LFzRww60WVkKCLNzHzlERc94_HLVxGOC0U8lQomo-SiP_6aGpNi8iKiqxrvVwUtUqLiN7LRN0hxBVUIfOb65EhEcCssxvXyzo2FBjsbl7yb_4ePqWR6_27hTTuSws7gAr5mMcU1k-z7Kjrl7gUWCfgeF0LjTzZNA1cOIYineFlScOOJKbQg68DgL16mMQnvDzMRrVT-slptG4qNuEdjJp0-YD7p8jpEIXDj6l7rYG9RyNL67dvrE_Zu0vNUIIjzVfhorvh9UY2DgG4wLe-vcqva1keXOTxIAdOTWoAojyCymqh7vQ6tEFT53WeuSoFqiVnXRBVCp4dfnbOChiIvx96K9MnJUBFmWFkB41cWzq1Jz9ad-LHuOYlTDjHkSAnFPUwjbe6MYrzvhFhkL1PIbrleDiZrTNjfxpyfUkzmPt1ZPKyR6INThYbw7FXXaQLXa0v3IhsjpKxfQShhnmXfWyoBPVvH8JXrn8yNfGCpboL-CxWLHkiJUhyQQqZIsI41lTXn01P0k0PHMzMkZfZ3RwUPp6k-ONRKrz-vNlp-jNzoUTKQKKaNg4sdXMf0yev6y7ImGJkSQW-X_YAOr5fgz3J39zrmwPvGFP8sODMl-h3L_NcMZvYsvNyMwWuLAg&cid=CAASEuRoZvl3rVbShW4tucJiYlLBlw&rfl=2%2Chttps%253A%252F%252Fhinet.net%242%2Chttps%253A%252F%252Fhinet.net%252F%240

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3fd1aed61a89e7c327b3d84e909d0f2276f8dfce71cecd1e11a38a49d74b23af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27877
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame CA08 42 B
63 B 39ms
39ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CroJn1H_rF7mgn58VxdvuGrrqBZ2BE6W98xCMNagVCpqqz4ejuefxRvz7fPB1mnL0Uu9x9smNXL9vVT7FdIFyGnuZ-wOh_StnRp93_R0YHdxTn5c0

Requested by

Host: 3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com
URL: https://3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame CA08 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/window_focus_fy2019.js

Requested by

Host: 3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com
URL: https://3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 199
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 14:25:32 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CA08 124 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com
URL: https://3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:51 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434926419779"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Tue, 20 Jul 2021 14:28:51 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame CA08 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com
URL: https://3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6904dd3786abf2a13d9e3eebc371d27f65ffa4bae3d23ce1aa3f69b8b4962a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:17:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 684
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6221
x-xss-protection: 0
server: cafe
etag: 7452675974595557415
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 14:17:27 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame D307 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hinet.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hinet.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 20 Jul 2021 13:20:12 GMT
expires: Wed, 20 Jul 2022 13:20:12 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4119
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1ABB 783 B
533 B 15ms
14ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6f9dda37d3285cf6d7c05e42f20d93d93f5f658676cb1951a1cf4da206fe5a39

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4wUXjo0fRF3nh8WvRe5b+Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hinet.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hinet.net/

Response headers

expires: Tue, 20 Jul 2021 14:28:51 GMT
date: Tue, 20 Jul 2021 14:28:51 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-4wUXjo0fRF3nh8WvRe5b+Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 328A 624 B
297 B 18ms
16ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhjB-92sATAB&v=APEucNWjEoLOa0YipKhgfmXy6y950iqhTjGllJpgxSATP1MghnFZenEn3lyNU82E-kexjZpjEzunTSiyRVlUB2NMacKj9T8hB5U19SyFghvGkQTrY5DqoF4Lj5RhDNfOjdJOhlzMK0dM3U6cGpEJ_jCdGHk6xRmcngu_d1V0an_4-mNp4dqFVMc

Requested by

Host: 599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com
URL: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CLOokgEQ4p3QAhjB-92sATAB&v=APEucNWjEoLOa0YipKhgfmXy6y950iqhTjGllJpgxSATP1MghnFZenEn3lyNU82E-kexjZpjEzunTSiyRVlUB2NMacKj9T8hB5U19SyFghvGkQTrY5DqoF4Lj5RhDNfOjdJOhlzMK0dM3U6cGpEJ_jCdGHk6xRmcngu_d1V0an_4-mNp4dqFVMc
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnELCKGsB53gABFqtKRAs2R1sYnn9hdoNOWcHZNDGwzc1tM0Or6eJ37zjdkQEY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 20 Jul 2021 14:28:51 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 363E 59 KB
24 KB 48ms
46ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CsBObYpjFQCdXaO-TbEKoQMf3JDo0nf6br3VGvocdRzPm1cuITE99Pzwv5uWTeEds0OhQWhHtfCQSD4NTAoz8y2Vb_Voc1J4W6DJUBItnYHYuyl-tA9r-PXsQP9yVMuS38n_L8TujwzgtQnhGifyemg72iyQ&dbm_d=AKAmf-Agee0HATbpPO4Sh6d3k4a6Kyt3xeMw4WvLJsHxhOGYLwHeaumQ61unS7NaBti2RaQhEBbvRjGpsIyQ0JochJTNAJviFnGy8bDGLuLuHcaqIrr2pkGgdXpboBh6tMHAgw0YP43Vutl4a69r7-sBLWDCEDFJyKjU2qC4e_vD1TukbUw7QkAxDSxdQTLNzJtWcwmTTiH90T448aaI6mgfFhbchRC37-MYH2U4EtFOyz2MFalFpyhF-QsE07dg-vDTVYIM5UFR8GlCGxTfIWPfwU6GFAQ6tWv5MurkqRWa07ARDu5kcWP5VWCNqu3_amom_NLNPV3xPWRDVWxmb9-xhqS_I4aoITA96FEuNQs0NzC9-n6MLpiGB47wb_8kUuDiHFQJrmRdIMPtjtdZ3y5pN5lFR3IAihnUoxaWEWb3hfIfcWoWjbMSW-c4A4ctrZHAPlXJsVIKw5-v9-HZpJwnYuB5jph1ckHmJbz_IXntZVKXvweUElw3MwXx61OLtGW62GjmXXHWaEqIomqWL6hZAXEMXHAP1te4QAfIIhcljIrLkW02M-KshRqhOUAGQNvovMsB9SCBhD8sUHPJWE93sVUVPUSxXYUUTYI5jrcv_czqsiBjxT2L5vte2nwqY-y8n5QKUDADm5e9Sm1g6lht6L4JfF26dOX_D8sXKveWdOa-Xi7huu2LFQb-IrfPajEId1BSFlY_rDPYHRKLkUWUPzd0c2pXf7TA2UkKxxTlU7oGmWturiD6q1v5nQZuGvfBoRrCZVlhwdjxdXPyoWjNUHjGt8baeTfQg8VIGVxZdwlWwPBXu8Lq_Cio-6QI0Lq3EiDpUiXmGyX1HdG_Bnc_W4abAQhhLyUJTEnUbJ7W-2kQL78ALXy_y1mo9mUO6omVJMV_hlKWOIe1bX4H62UsEc1b9gBMbnvyJVgdipEHhZB7zntEXBNP_EH5cCE_-u0L8AGLQphy0tbNo88mr8EEZaKaEwe9qVQ9ZMSadDS_qJoerSk-nv_MaD9aMmDitknVKD4zL1yMKP2kmeprIZ9bsORu9eQrpGTwE9FEKEg3NXkqnU50gqMRrSXxsPiN9ON08blLFll5vvsBQiGZNY86nAypC-AFh82C4ArbYrEsMpPurQ3yh69FMVoYv0kp-DWqCuKI-JERZYQKrmAKaBWBz9EHZk1g9pNS63irZISXgXe4hXysjCR8azeZkWxAedPdG3x73LqCYIYO31QSz31V0DylqbAIR0p4I55UUAezmD9-lN1NfDf_wQBsh-0SMB95otz4GoUHfOS7rDBnKUkKdMvjGsziJEovF41g8EiPoVedK27uY1rIlzZJoAiNe6PvcaN2dBK-1JXnmli2Qg5NDvH0UNbkzqTjIBDhGe0q3YfvUuneBHi4a5cUwdj05lW7qa4tMIZ6NZKYQWSsLn66fbLOYeWC_355DLFUNjquowLiOt9Swltgkl7hAdxl4U1c3vPOdrNLHrLdQTq9dWiYSkg4elmqaSW2xaHT6GeDQuwlM5ZJeRVgY15F6LvvEJdWRiCNb7ZWc3HyUIR93_SIbZ7Uoec-IV35lHv-cK1GPISb_DJF3tqE8dwtlzXOQqwt5aBZxDlbPx7NT6gPkrgbFHXRINKOz4a3lnnSs-LicMtEPNo-kN8jz0X39xsPKP0lKwbHvNKfOpXRYnxUduqtBFG43E8vr6HMEsVUuENGGmJtoAV2j_2MXyjXmcdjgs5LY6GpY3TLGK-jz6i4ThMS6UV-MtaJ3LdRViICUdMxRVIzHXNVF2iv4zDs8ql3yHLcmVWmwil-xb8H7xb5JifVvoB0_9THh3obnEtormZsafhhk98eCplr9TlbEQ-P8g0QGqNIGEiWyqicth6HTNyOPMSV658zzXH_rSwIc-QIZF9h-uA6ZolxEQqQdYEvGnHZl6ykP02HxAKUccC7TwSfZeuI1wBiB_HlyKGnkqafsUEGhmli5uMStAAPLsQfA3bi3eUKavYN6T5rk17dTm-wvTNGPDYyn2mG70BCsj-GIz5g066srW5PfF0oN49-Sxaq5-OPd1X5F-naFI6vmZYThT0tVjmrtZUPGtXEXmCXTFE8UwJU1BWezSNh6C-7dEYLXDcBwtMQ4-Js2kBsL5kdceviN5EyaalndxT0_fELGOTMncbkHOeoNfi3t6w2vLwU4higSAmKaRUPDiPs_VBFFZpUpuEslbVjy5nN3zIqpQN8sXKBweTutE1XvK5_7lk2aXDoQotO-H9AqDndCBnR18snP5k6ZJdUVZO20HtoGjL_GezuV7nRPJEh9r_zNjcDwwtd0hVS9K5i6r7_0xYuRsUDBDyQvdj2YDZ_yxXxWHZvMtCd8toU44lyv8Bbz5UwIk2gThDPBRKGl0P6bPyLW8m8SxUga4E6lH1oKsKUKg8tszO7TKAlDw1cvdMojPtL69dNtX9mvdKx_7cR_dBduE5d1WxEZKdE8e08W2LH2oosg5oPF-WwwHByKy2Ksl2wmJHuACivSliJ8cJlKv1r1tI24S9vyXiOTNd2NDQwi6Kn_uXI7uHIHM9yYjnHnpIF6zmvTi8jdVKAJ7ZndeEFPNQuNJu3COn07QZ_C9WifccH_5gh2TxSdbb6jjXy8OgJPhqtkqFA5wH9em64N2EHdEYzmqK9UzIlTySdokBITmxgnexdHuIGUBpkBFUme1cE86OE1snMjDu3puHgr4h4zOTkHze-xILp_ofVT-f9HfYcpSL1JvLd3vmUhqmBqVDLATBPqSz81kGqvJVxwLU1YC-JxngoGEWp_ybPRCLSnPK19fJlplhydd_AC9nYlGEQpeY4Uyv_5XW46OFqYMfxTU3ItYRa4nzDTNPhRyQx496Ef_T0BzP-284ou4fSotTME7HMZPGPm5wL8ofT07pXAlXIDr_pDufY4U4__UPjAqfAzpWlYukVcuy32HV9QV29uX94ZvVNkJfqySDS69cVndVybJqEKQ&cid=CAASEuRoPHrkyVXxD2U16yKnMQx5ow&rfl=3%2Chttps%253A%252F%252Fhinet.net%242%2C%2Chttps%253A%252F%252Fhinet.net%252F%240

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a2ad443e0dacd0741e2622a6129694053d5fcb8ada7d62ac533f0ca103fb590

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25052
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 363E 42 B
63 B 40ms
38ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AzpC608sTlAdO7gco9OPo1yb2drwz5_uY8cWJdL3q-EfxZX4dSPFd53fNtCaMzPSLLrSnc9VPJmcxH3R_UtV9k9Hgt0UA_t23Vl1MkW9pjzCmwozk

Requested by

Host: 599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com
URL: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210714/r20110914/client/ Frame 363E 2 KB
1 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210714/r20110914/client/window_focus_fy2019.js

Requested by

Host: 599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com
URL: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 15:56:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81129
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 Aug 2021 15:56:42 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 363E 124 KB
37 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com
URL: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:51 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434926419779"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Tue, 20 Jul 2021 14:28:51 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210714/r20110914/client/ Frame 363E 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210714/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com
URL: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:27:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6195
x-xss-protection: 0
server: cafe
etag: 10716856519410487149
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 14:27:58 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 363E 0
0 15ms
14ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT5dt90OM9sbjCZvn6FUnKu_fJZy6erimvfCTYAfuEFdOPXf1qnh_4YiXgKTNRKH58DhigfREnsW2GQrlrzDHWf9xQzOQ
Requested by: Host: 599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com
URL: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 426E 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071401.js?31061813

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 20 Jul 2021 14:28:51 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5219
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFnx45dqyPAADk-v4acKqmU&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFnx45dqyPAADk-v4acKqmU&google_cver=1&C=1

43 B
894 B

14ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFnx45dqyPAADk-v4acKqmU&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjY1bWvATAB&v=APEucNWxIQqGbZOJINTSY9il0T6lZLnxnEc_tHjMq82Hfs5m9Fg2sbkspRlD_-Mju1v5j2BRxiI_ZAV7NLvzg3OoAP6IwTlry2LgUlMqVaIcAf378gxOUUejIQxMKlog56dv--JlqNWe3qkitMOYJGgID0zJCJvvTyQGva8EXFHtSb2Zsft01sw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 14:28:51 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 20 Jul 2021 14:28:51 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 14:28:51 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFnx45dqyPAADk-v4acKqmU&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Tue, 20 Jul 2021 14:28:51 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5219
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YPbdo5jCQk693D-VKangEwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFnx45dqyPAADk-v4acKqmU&google_cver=1

43 B
894 B

14ms
13ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFnx45dqyPAADk-v4acKqmU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjY1bWvATAB&v=APEucNWxIQqGbZOJINTSY9il0T6lZLnxnEc_tHjMq82Hfs5m9Fg2sbkspRlD_-Mju1v5j2BRxiI_ZAV7NLvzg3OoAP6IwTlry2LgUlMqVaIcAf378gxOUUejIQxMKlog56dv--JlqNWe3qkitMOYJGgID0zJCJvvTyQGva8EXFHtSb2Zsft01sw
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 14:28:52 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 20 Jul 2021 14:28:52 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFnx45dqyPAADk-v4acKqmU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 5219
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKSn-sxV060K9c8aUuxPo3U&google_cver=1

43 B
1004 B

15ms
13ms

Image
image/gif

185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKSn-sxV060K9c8aUuxPo3U&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARjY1bWvATAB&v=APEucNWxIQqGbZOJINTSY9il0T6lZLnxnEc_tHjMq82Hfs5m9Fg2sbkspRlD_-Mju1v5j2BRxiI_ZAV7NLvzg3OoAP6IwTlry2LgUlMqVaIcAf378gxOUUejIQxMKlog56dv--JlqNWe3qkitMOYJGgID0zJCJvvTyQGva8EXFHtSb2Zsft01sw

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 14:28:51 GMT
X-Proxy-Origin: 159.48.53.228; 159.48.53.228; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 9a932dc2-561e-452d-b44f-e0181b59063d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKSn-sxV060K9c8aUuxPo3U&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 5219
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYyNDQ4NTM0MzkyMjUwNzc4Ng%3D%3D

170 B
190 B

16ms
16ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYyNDQ4NTM0MzkyMjUwNzc4Ng%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 14:28:51 GMT
X-Proxy-Origin: 159.48.53.228; 159.48.53.228; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: a5dbef1b-f5ad-488b-a9a6-0761042e66f7
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYyNDQ4NTM0MzkyMjUwNzc4Ng%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 328A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFnx45dqyPAADk-v4acKqmU&google_cver=1

43 B
1014 B

30ms
16ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFnx45dqyPAADk-v4acKqmU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhjB-92sATAB&v=APEucNWjEoLOa0YipKhgfmXy6y950iqhTjGllJpgxSATP1MghnFZenEn3lyNU82E-kexjZpjEzunTSiyRVlUB2NMacKj9T8hB5U19SyFghvGkQTrY5DqoF4Lj5RhDNfOjdJOhlzMK0dM3U6cGpEJ_jCdGHk6xRmcngu_d1V0an_4-mNp4dqFVMc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 14:28:51 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 20 Jul 2021 14:28:51 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFnx45dqyPAADk-v4acKqmU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 328A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YPbdo5jCQk693D-VKangEwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFnx45dqyPAADk-v4acKqmU&google_cver=1

43 B
1014 B

16ms
15ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFnx45dqyPAADk-v4acKqmU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhjB-92sATAB&v=APEucNWjEoLOa0YipKhgfmXy6y950iqhTjGllJpgxSATP1MghnFZenEn3lyNU82E-kexjZpjEzunTSiyRVlUB2NMacKj9T8hB5U19SyFghvGkQTrY5DqoF4Lj5RhDNfOjdJOhlzMK0dM3U6cGpEJ_jCdGHk6xRmcngu_d1V0an_4-mNp4dqFVMc
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 14:28:52 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 20 Jul 2021 14:28:52 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFnx45dqyPAADk-v4acKqmU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 328A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKSn-sxV060K9c8aUuxPo3U&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKSn-sxV060K9c8aUuxPo3U%26google_cver%3D1

43 B
1 KB

14ms
13ms

Image
image/gif

185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKSn-sxV060K9c8aUuxPo3U%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhjB-92sATAB&v=APEucNWjEoLOa0YipKhgfmXy6y950iqhTjGllJpgxSATP1MghnFZenEn3lyNU82E-kexjZpjEzunTSiyRVlUB2NMacKj9T8hB5U19SyFghvGkQTrY5DqoF4Lj5RhDNfOjdJOhlzMK0dM3U6cGpEJ_jCdGHk6xRmcngu_d1V0an_4-mNp4dqFVMc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

721.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 14:28:52 GMT
X-Proxy-Origin: 159.48.53.228; 159.48.53.228; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f425da2d-e9d8-46bd-8bc9-797b92b027c4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 14:28:51 GMT
X-Proxy-Origin: 159.48.53.228; 159.48.53.228; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: a8ee4307-8482-46bb-a0ee-e514c9aff240
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEKSn-sxV060K9c8aUuxPo3U%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 328A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYyNDQ4NTM0MzkyMjUwNzc4Ng%3D%3D

170 B
190 B

17ms
17ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYyNDQ4NTM0MzkyMjUwNzc4Ng%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 14:28:51 GMT
X-Proxy-Origin: 159.48.53.228; 159.48.53.228; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: f338d81f-eed5-46e0-9e66-539b67fc3241
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODYyNDQ4NTM0MzkyMjUwNzc4Ng%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/769474/55842337/ Frame CA08 44 KB
13 KB 117ms
53ms Script
application/javascript 52.213.111.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/769474/55842337/skeleton.js
Requested by: Host: hinet.net
URL: https://hinet.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.111.123 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-111-123.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: d50991912f82769cec7a6e08141febde041e3fe35a63c4a70f799ff37085bf36

Request headers

Referer: https://3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:51 GMT
content-encoding: gzip
x-server-name: app09.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame CA08 176 KB
61 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com
Referer: https://3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:11:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15418
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62241
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:47 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jul 2021 10:11:53 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210714/r20110914/elements/html/ Frame CA08 8 KB
3 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210714/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CIMXt0EJaERDeFZGb3XiO-Um-CjcUV7LmeL1KxzII5tXN_7J6gLWwf66-C_sjJ-gMcQAkiY_Pt4GVnBSz-zHOdRmlX9d69cKD8Vq3BFN3PghQMxXGqdUt7RhZGVuNyhwGrDKU8ks4DjCZVGpii69pRer07Pg&dbm_d=AKAmf-BmtiSNlqjAHOBdMt_HtiymDV4sJWgbMwIQE3RFHQSisZ2YLQfGqKNtKmA7PssH-y0X90HvRWzxBBGBNR4Nprs05I-hOap5yrmI3YDFYHpBj3_qSnhiBXuZSdcGqCTCgTtiRwlaxVQ3QZjbDWblqIk5Lq_AWSWDsteKyWOpUC4RKb4e50Ro9-CdgPvL7ICK7gR2nR-iwvCWhnfJ_ZvAIGQ-fbsYJUvJFf6FhDiE_RUyPktXp-GnAtGngxx9VvYFHiOB1n7OYTlxILEyf5zhk8NwVuT5Kn3CFUDiY-kMfhFQAnwZdJclZgX07Xd63hwCVL4doTzqDEPigA0FvGtZgcSJg7QC3ut-UG-_JI1oDCMns_Dze7rOd06aV0UURneug6aeUtEsbcujTQRtDjNvclvir6mdyRLdOUmyoLmFx48KrGkTzPWr0LM5GvPADGZ49jA87CvKzxNuUMH6y5bPd89UH4W04hOmZesuK9oOvKUrumW_IRLMsgul7Sg8y3QVDIo5uaFSNyygrw0ecPmkvorzB6PEIy4Mdq8aIgXis3m9uvFQpLqvtG1CCdYyVAHnKq_oCGspKjqTYRJxKXVsWyokmS1xAEOVmGayK9WBX3AXgjogyYkPAcoQaW8-8OrAyFw87JWqlrhVcbcAnjQjq_-wBuUFAt-7qdWDsRvHOFLbg0oEdi9RMAfu-3IE1CeM8ls45wQxh1PgfVU6E_RjpuAfVHP9WtpRVbBcOhkesbl0VQDzS2cBb1CZbFfVCDAvCSjdounY3uWSUfF0MJRgeHHGrz6yFdfFjrRPpF-9LQqrzTeYAiFygln-tgyxs67EyQ-aReTGjmqOYROZAvTpYyFMAsf1LeCoeOySvFiWrz1t0TTXFzgPArdX-QDHNpGTlOWm1NKl_2BKI6Sm5WO13WypPH9IfUNzVjFjbqVvzT1rRP9Sb7iX_ICd0O-3vrYiZ4ClJ3T0YgOutiIwgf_fMi29WVrCQmOVABqTPnpQt1RJAy0VlMAx3FhoIGaM3wp0WGq-KispHGRl0SR_zhQeoxKLtgvluEK2IyUfcziGwUzsmKHaIx7q2RXcx_ITCab_ZYmIS0hmKk7cujP0LC3YEIQTn7yEcRCAgYoXUUHo_MsZIGvN6hkh1iyupPXh5Xn0befO6hK0XffedoizIsXK5DagFoU5R79y_7JKz6Rxz1BLbU2j411a3Xoa7S9qa25Xe7R41Qj8kGTDPewMu8p9vyRr_VBuzNS1u7PHlSc2fGs0aaw1D4jHWWIrfum2pCTv70_wzHmIeOfyO8cPFxg_YrRrQ3eNuFc2Eyt03G2BUGtdileWysSKx-GiAG0EzIGppGdSRk4rTutW_u1vC7FABSW9BTvGXBJNoGd8If5DQSTyapfe376mLSoWhWcsIUCCluxnvxZnCYCnNjcgvpoVZQuQsrKZro0zxeChBBOgkZcGlDLa4ZhBgDj73Ln09-LzzVj1_YZh2tshw_sUiTqrQ3GY65uxjNBvZnmVGPsQNEw-zwQljPMJ5UOkCvkksAO3z72DbA0wgk6lNjqopNGIDJz6uMuTdfpJug8WHSdriOt0gCG7YxWLDkr2ePmQmIrJ4rCmJWUzBcRLXNdJuB_mUl6QnRBurEWuqWiNjIayxgHl7cjxSDw6FtqazXGa2MPgPAlwzhIK193rPSYSv24P85w9q5b4Ozd0MXHEk78A5--EvLDFCsfzwGQiuF4Sh5vhWSwXMmX0IxwOcrzcIO6ZirlU-0SZaX4lDscqkho645sauRYh4Cu7ZJY5ArOIYi5g7r0W8RxDS0KC36PyomPwn8jJLSCIKU-Zgv2pP8OhtIq-Tiv8LXZtLBdJ5xMVvGVtY-7hm-sW9YaASiul7PQAletEjN2lkguUDNgUPw_emrt5Cjj3uEozcoKbC5ZloRBqpfEep416bmZauelNQD6O7aQy_dTZzvGMiZ77HnCO4mQ1x0ZStnIFPSgHBrswjfn-u7QE_HVcly4ClsZXD6a0DB33s_pq-UdbkO0s5jBQ4ck_N1f34XyCyDpa0s3ayBE6VYrvjDYpe2_B9I-W0Q3iJPwrcTelGxvm6vOqO3h4h9XYXcJ50OmOClU5aOrr6FNNx0Nj692LDqvbGhe4NMhfBJiy8zHjOYqNDF5-wzVqeI1v4ua7lJBBEL0g4O3KFhGKv23dhvn0hd2FkdDYftvoY0X6IMhKmST3Iz0YuolXkcw8UnPx-OpPc4LFzRww60WVkKCLNzHzlERc94_HLVxGOC0U8lQomo-SiP_6aGpNi8iKiqxrvVwUtUqLiN7LRN0hxBVUIfOb65EhEcCssxvXyzo2FBjsbl7yb_4ePqWR6_27hTTuSws7gAr5mMcU1k-z7Kjrl7gUWCfgeF0LjTzZNA1cOIYineFlScOOJKbQg68DgL16mMQnvDzMRrVT-slptG4qNuEdjJp0-YD7p8jpEIXDj6l7rYG9RyNL67dvrE_Zu0vNUIIjzVfhorvh9UY2DgG4wLe-vcqva1keXOTxIAdOTWoAojyCymqh7vQ6tEFT53WeuSoFqiVnXRBVCp4dfnbOChiIvx96K9MnJUBFmWFkB41cWzq1Jz9ad-LHuOYlTDjHkSAnFPUwjbe6MYrzvhFhkL1PIbrleDiZrTNjfxpyfUkzmPt1ZPKyR6INThYbw7FXXaQLXa0v3IhsjpKxfQShhnmXfWyoBPVvH8JXrn8yNfGCpboL-CxWLHkiJUhyQQqZIsI41lTXn01P0k0PHMzMkZfZ3RwUPp6k-ONRKrz-vNlp-jNzoUTKQKKaNg4sdXMf0yev6y7ImGJkSQW-X_YAOr5fgz3J39zrmwPvGFP8sODMl-h3L_NcMZvYsvNyMwWuLAg&cid=CAASEuRoZvl3rVbShW4tucJiYlLBlw&rfl=2%2Chttps%253A%252F%252Fhinet.net%242%2Chttps%253A%252F%252Fhinet.net%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:23:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 306
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 14:23:45 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210714/r20110914/ Frame CA08 23 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210714/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1130c26caface5cfa7b2d0cdbbb70cdb3004c582e74969d580216f65596c47c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9349
x-xss-protection: 0
server: cafe
etag: 11779355884012761328
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 14:28:34 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 9A69 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hinet.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hinet.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 20 Jul 2021 13:20:12 GMT
expires: Wed, 20 Jul 2022 13:20:12 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4119
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E07A 783 B
533 B 16ms
15ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5c14dd462bc16763ca39a8430cc67bdf19c27ddcbf7f2613458be26d50b669d9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-v0M6A6ynEZhiLWfRG2QWDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://hinet.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hinet.net/

Response headers

expires: Tue, 20 Jul 2021 14:28:51 GMT
date: Tue, 20 Jul 2021 14:28:51 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-v0M6A6ynEZhiLWfRG2QWDQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame 363E 111 KB
38 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com
Referer: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:01:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16041
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jul 2021 10:01:30 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210714/r20110914/elements/html/ Frame 363E 8 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210714/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CsBObYpjFQCdXaO-TbEKoQMf3JDo0nf6br3VGvocdRzPm1cuITE99Pzwv5uWTeEds0OhQWhHtfCQSD4NTAoz8y2Vb_Voc1J4W6DJUBItnYHYuyl-tA9r-PXsQP9yVMuS38n_L8TujwzgtQnhGifyemg72iyQ&dbm_d=AKAmf-Agee0HATbpPO4Sh6d3k4a6Kyt3xeMw4WvLJsHxhOGYLwHeaumQ61unS7NaBti2RaQhEBbvRjGpsIyQ0JochJTNAJviFnGy8bDGLuLuHcaqIrr2pkGgdXpboBh6tMHAgw0YP43Vutl4a69r7-sBLWDCEDFJyKjU2qC4e_vD1TukbUw7QkAxDSxdQTLNzJtWcwmTTiH90T448aaI6mgfFhbchRC37-MYH2U4EtFOyz2MFalFpyhF-QsE07dg-vDTVYIM5UFR8GlCGxTfIWPfwU6GFAQ6tWv5MurkqRWa07ARDu5kcWP5VWCNqu3_amom_NLNPV3xPWRDVWxmb9-xhqS_I4aoITA96FEuNQs0NzC9-n6MLpiGB47wb_8kUuDiHFQJrmRdIMPtjtdZ3y5pN5lFR3IAihnUoxaWEWb3hfIfcWoWjbMSW-c4A4ctrZHAPlXJsVIKw5-v9-HZpJwnYuB5jph1ckHmJbz_IXntZVKXvweUElw3MwXx61OLtGW62GjmXXHWaEqIomqWL6hZAXEMXHAP1te4QAfIIhcljIrLkW02M-KshRqhOUAGQNvovMsB9SCBhD8sUHPJWE93sVUVPUSxXYUUTYI5jrcv_czqsiBjxT2L5vte2nwqY-y8n5QKUDADm5e9Sm1g6lht6L4JfF26dOX_D8sXKveWdOa-Xi7huu2LFQb-IrfPajEId1BSFlY_rDPYHRKLkUWUPzd0c2pXf7TA2UkKxxTlU7oGmWturiD6q1v5nQZuGvfBoRrCZVlhwdjxdXPyoWjNUHjGt8baeTfQg8VIGVxZdwlWwPBXu8Lq_Cio-6QI0Lq3EiDpUiXmGyX1HdG_Bnc_W4abAQhhLyUJTEnUbJ7W-2kQL78ALXy_y1mo9mUO6omVJMV_hlKWOIe1bX4H62UsEc1b9gBMbnvyJVgdipEHhZB7zntEXBNP_EH5cCE_-u0L8AGLQphy0tbNo88mr8EEZaKaEwe9qVQ9ZMSadDS_qJoerSk-nv_MaD9aMmDitknVKD4zL1yMKP2kmeprIZ9bsORu9eQrpGTwE9FEKEg3NXkqnU50gqMRrSXxsPiN9ON08blLFll5vvsBQiGZNY86nAypC-AFh82C4ArbYrEsMpPurQ3yh69FMVoYv0kp-DWqCuKI-JERZYQKrmAKaBWBz9EHZk1g9pNS63irZISXgXe4hXysjCR8azeZkWxAedPdG3x73LqCYIYO31QSz31V0DylqbAIR0p4I55UUAezmD9-lN1NfDf_wQBsh-0SMB95otz4GoUHfOS7rDBnKUkKdMvjGsziJEovF41g8EiPoVedK27uY1rIlzZJoAiNe6PvcaN2dBK-1JXnmli2Qg5NDvH0UNbkzqTjIBDhGe0q3YfvUuneBHi4a5cUwdj05lW7qa4tMIZ6NZKYQWSsLn66fbLOYeWC_355DLFUNjquowLiOt9Swltgkl7hAdxl4U1c3vPOdrNLHrLdQTq9dWiYSkg4elmqaSW2xaHT6GeDQuwlM5ZJeRVgY15F6LvvEJdWRiCNb7ZWc3HyUIR93_SIbZ7Uoec-IV35lHv-cK1GPISb_DJF3tqE8dwtlzXOQqwt5aBZxDlbPx7NT6gPkrgbFHXRINKOz4a3lnnSs-LicMtEPNo-kN8jz0X39xsPKP0lKwbHvNKfOpXRYnxUduqtBFG43E8vr6HMEsVUuENGGmJtoAV2j_2MXyjXmcdjgs5LY6GpY3TLGK-jz6i4ThMS6UV-MtaJ3LdRViICUdMxRVIzHXNVF2iv4zDs8ql3yHLcmVWmwil-xb8H7xb5JifVvoB0_9THh3obnEtormZsafhhk98eCplr9TlbEQ-P8g0QGqNIGEiWyqicth6HTNyOPMSV658zzXH_rSwIc-QIZF9h-uA6ZolxEQqQdYEvGnHZl6ykP02HxAKUccC7TwSfZeuI1wBiB_HlyKGnkqafsUEGhmli5uMStAAPLsQfA3bi3eUKavYN6T5rk17dTm-wvTNGPDYyn2mG70BCsj-GIz5g066srW5PfF0oN49-Sxaq5-OPd1X5F-naFI6vmZYThT0tVjmrtZUPGtXEXmCXTFE8UwJU1BWezSNh6C-7dEYLXDcBwtMQ4-Js2kBsL5kdceviN5EyaalndxT0_fELGOTMncbkHOeoNfi3t6w2vLwU4higSAmKaRUPDiPs_VBFFZpUpuEslbVjy5nN3zIqpQN8sXKBweTutE1XvK5_7lk2aXDoQotO-H9AqDndCBnR18snP5k6ZJdUVZO20HtoGjL_GezuV7nRPJEh9r_zNjcDwwtd0hVS9K5i6r7_0xYuRsUDBDyQvdj2YDZ_yxXxWHZvMtCd8toU44lyv8Bbz5UwIk2gThDPBRKGl0P6bPyLW8m8SxUga4E6lH1oKsKUKg8tszO7TKAlDw1cvdMojPtL69dNtX9mvdKx_7cR_dBduE5d1WxEZKdE8e08W2LH2oosg5oPF-WwwHByKy2Ksl2wmJHuACivSliJ8cJlKv1r1tI24S9vyXiOTNd2NDQwi6Kn_uXI7uHIHM9yYjnHnpIF6zmvTi8jdVKAJ7ZndeEFPNQuNJu3COn07QZ_C9WifccH_5gh2TxSdbb6jjXy8OgJPhqtkqFA5wH9em64N2EHdEYzmqK9UzIlTySdokBITmxgnexdHuIGUBpkBFUme1cE86OE1snMjDu3puHgr4h4zOTkHze-xILp_ofVT-f9HfYcpSL1JvLd3vmUhqmBqVDLATBPqSz81kGqvJVxwLU1YC-JxngoGEWp_ybPRCLSnPK19fJlplhydd_AC9nYlGEQpeY4Uyv_5XW46OFqYMfxTU3ItYRa4nzDTNPhRyQx496Ef_T0BzP-284ou4fSotTME7HMZPGPm5wL8ofT07pXAlXIDr_pDufY4U4__UPjAqfAzpWlYukVcuy32HV9QV29uX94ZvVNkJfqySDS69cVndVybJqEKQ&cid=CAASEuRoPHrkyVXxD2U16yKnMQx5ow&rfl=3%2Chttps%253A%252F%252Fhinet.net%242%2C%2Chttps%253A%252F%252Fhinet.net%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:23:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 306
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 14:23:45 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210714/r20110914/ Frame 363E 23 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210714/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1130c26caface5cfa7b2d0cdbbb70cdb3004c582e74969d580216f65596c47c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9349
x-xss-protection: 0
server: cafe
etag: 11779355884012761328
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 14:28:34 GMT

GET
H2 200 pixel
t.ssp.hinet.net/ Frame FFD4 0
79 B 245ms
245ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.ssp.hinet.net/pixel?bd=d6af6140-7a1f-4761-9e84-150941d4d4d0&t=ch%3D2017004%26st%3D201710000009

Requested by

Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017004&s=201710000009&t=1626791320215&u=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&o=PaufS&show=static&ca=&k=&cab=&kb=&mode=roll

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:52 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H3-29 200 exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js Show response
pagead2.googlesyndication.com/bg/ Frame D307 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b1916d5a5a97048327e74b168dd38fe0067ac06db81f57f72108f23410cff79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 12:12:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13308
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Jul 2022 12:12:50 GMT

GET
H2 200 pixel
t.ssp.hinet.net/ Frame 68CA 0
79 B 245ms
245ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.ssp.hinet.net/pixel?bd=d6af6140-7a1f-4761-9e84-150941d4d4d0&t=ch%3D2017004%26st%3D201702000042

Requested by

Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017004&s=201702000042&t=1626791320215&u=d6af6140-7a1f-4761-9e84-150941d4d4d0&o=jsG8H&show=static&ca=&k=&cab=&kb=&mode=roll

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:52 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H3-29 200 pubads_impl_2021071301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 68CA 329 KB
115 KB 18ms
15ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

9f43aa34b620c451290ad923748729c9956da9e7476387b34f860d1131108924

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 08:39:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117314
x-xss-protection: 0
expires: Tue, 20 Jul 2021 14:28:51 GMT

GET
H2 200 zone.bid Show response
adx.c.appier.net/pb/0wHT9JDiP3SORJx/ Frame FFD4 241 B
302 B 262ms
262ms XHR
application/json 34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.c.appier.net/pb/0wHT9JDiP3SORJx/zone.bid?acid=yosMxOXEB6yqzscSod32YA&hzid=HtIi9M-Q
Requested by: Host: apn.c.appier.net
URL: https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HtIi9M-Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 1111480d07de289d56c041ee870e5bb60b713985841bcd5aedefa98936803ee6

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:52 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-store
access-control-allow-credentials: true
alt-svc: clear
content-length: 241

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame CA08 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com
URL: https://3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:12:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47758
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 01:12:53 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5A01 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com
URL: https://3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 20 Jul 2021 11:56:19 GMT
expires: Wed, 21 Jul 2021 11:56:19 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 9152
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame CA08 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2bc2bd4fc81619ec327f9fedf784d0fb1895e251cc32bc84e900c649f2d3a649

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 300x250.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/60582160/20210607031514764/ Frame DEE5 41 KB
10 KB 28ms
14ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/60582160/20210607031514764/300x250.html?e=69&leftOffset=0&topOffset=0&c=UojpExTAlE&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e72e716b977d3e3c27f3080350303a19d88f9a1f1edb97c0a20bebad6927903

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /ads/richmedia/studio/pv2/60582160/20210607031514764/300x250.html?e=69&leftOffset=0&topOffset=0&c=UojpExTAlE&t=1&renderingType=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 9908
date: Tue, 20 Jul 2021 14:28:52 GMT
expires: Wed, 21 Jul 2021 14:28:52 GMT
cache-control: public, max-age=86400
last-modified: Mon, 07 Jun 2021 10:15:14 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame CA08 0
592 B 71ms
49ms Ping
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvmbMhFK74mGakmwfCJQrYotzOsT1xN1wx7yYoifLiteYXrKmz1ZM6K1l3WDV5sZ_JI3mw8yglT0aZcvqWFLKvCEEUlbq1cde6U3DrzkL5N190fWov-DT5DCUmhC7blsKBsnnPh7Mg4NqBvmigWTlJ3jDtIhZRHLb6zzcvQEN2dmdE8zH218WgjOzpXaECYnGovm6eR4GN2OXs9yJ8O7OiyLoD4RjtxQY7osjzKaE6HKOS4vFObhzmihfRwvBM1bcuJ3QPQmF2Rmnw-ffKXdjWdXNRDZ9wohEKkLyQGPImMamG8RETzz9X-HXiiXRfw2Ll_OxKEsrx3AedS7QA58eyz-v1BT-HRVaOhxi3g9Zsvahm2bSWPUoKKoMt6C3nlAqVITeHv5t9kG6436Z9Jxa-0FQb9umr9Jk20-86Z9IOfyDwL9KUf5Kc1udsVOpYO1snl1pKaJ8KHx__B6r8JO8zUtpBorWhL4hT_b-FnaAsAoC_HMp6UskP7dPbSO2AZPr74E27kkhxgh0Kcla78O4AX6QA-GToARQRU91tZ1UlDl4QSh0de24YZcccYmz93APjFahJwIZsObZpEO6WKXbBBS7L8O6LhRkCX372iEfXaA9oZXfhy7OqIhmYqeDHt3QPvr2NZQ5pn6_omJpe_CGHLLXFrn-130eT6CMc5r_9R1nFY0M8HXv25ucJxNUwH2uV_t01ajFfKzxPlSuORgs0bkNTlk5oJnVTw4kEIgEj0jwvjYwj4SC7bMGj2pfeK1p0qQgtFSNvCuFz3S96Kan-nkMWVOGWVWLhd6OJqjjMsRDl5_QVgT6BQh07uo4TIMk5wwPp4jxm6DEjHR15bVpbNUZ-Ijs3ZprxQbn2qUDDTyveaMAJChi1VRSVjwV1HM2fsgaFMgb6oS12uedSFRe0_6btnLVPaKGkBbeB8LWnYpzNWIlT9tbWcqQQvD7m414NKVqRgNPxkVXArwqlx1JCnNg0m9uQ25-gElk2RSaGQbuizz-HKlCTwJsTra6qcYg64clVKIluNVB4bRwtEXFqe3U3naYmnTSKDwngwD4aUKZ8ODo-m_JnxLcZGUooUut0ZUeheWKrQq-J6rDWwKSVlptOMtc7f_0fmVK7ElJj8AL3LiqVX4bhIivHS9k8mFUCPjx2MdA&sai=AMfl-YSdeCs9IZooZuQe4QRC0-JfsClMXnbyL8iyVS-8T1zcvQ-ln2XbkiBaZsNwecch0uSFYpGl3otZK1xOgXIfM7lY32B_fj7G_d89JiiPAaFKO14ztkUbfo70uaN-XaTFHHWOO6o3ZKBVW02yYjse5Jhqrq0h8w&sig=Cg0ArKJSzPbsQElp3muVEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=138&cbvp=1&cstd=131&cisv=r20210714.24769&adurl=

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Tue, 20 Jul 2021 14:28:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK mtrcs_220434.js Show response
s79.mxcdn.net/bb-mx/serve/ Frame 363E 145 KB
56 KB 44ms
12ms Script
text/javascript 2.18.233.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-67.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 795d2fb5712f97a8c8788d844c199fbc96ce7fce672eba4694aa265cc99cc427

Request headers

Referer: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:52 GMT
Content-Encoding: gzip
Last-Modified: Fri, 16 Jul 2021 15:23:26 GMT
Server: nginx
ETag: "\W00000572721626449006776"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NON DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI COM NAV STA"
Cache-Control: public, max-age=1800
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 57272
Expires: Tue, 20 Jul 2021 14:58:52 GMT

GET
H3-29 200 index.html Show response
s0.2mdn.net/9758366/1625140909297/13-IWE-IONIQ5-Skyscraper-160x600-Keyvisual/ Frame D22E 5 KB
2 KB 7ms
6ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9758366/1625140909297/13-IWE-IONIQ5-Skyscraper-160x600-Keyvisual/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36e9756a9dca14da9896cdc72c32e6d5264763fcd59861a6290b69549da5f69c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /9758366/1625140909297/13-IWE-IONIQ5-Skyscraper-160x600-Keyvisual/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 1922
date: Mon, 19 Jul 2021 23:29:33 GMT
expires: Tue, 20 Jul 2021 23:29:33 GMT
last-modified: Thu, 01 Jul 2021 12:01:49 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 53959
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 363E 0
61 B 48ms
48ms Ping
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv3fNilNQDfPVJuebFjQqbDsOr7k5SegcakC6Rm2ipyFlpn6fAFxBmDEAuDV6WtPliZVGiwq-lQoGqg-Wfur6JiqFKc8IZ-WlcQ0NfunGPlXC3VPqx2NfV4RJKMLU1X18ofcyE76qQqH-CCdmIcfMyVZeMhmeDu22bQ1P950Ef4KWZrPs-vwPmHl2W7wjc_C3iCRxghuRjJ7tCkAl2sTzP_-XHLOD7yPh2BoicH7Vqqiixl8B_6whojdAGa_Zuo479UqfoOeP4wkPtZZjUR6RmCrf83FaG6aReOdHgUSJBiUg1TQ7wmbahre0K3d5HC5ybBUjKGPFAgzjshUzv2DwkHP_eD7ci5FqFOUSHMdmmqD6TAD19uw16C30_hdl7ohI-Epq8AtWENbIIsOQsdkYnLaiJqwujKzcvZGFMolYUhObI_j0prD46AZ94ICMAJC2-Ky-yLzm5mGsgaV8WW1fB5YNBLrAvsE3DBw-sFtiajmRRfGvueB9BPgaDsQBg2RzsSu_gXPGjJQ_OfK4K8kTjMBCMSs__aAcrpt9zYmF0rjpCFCsUD0_sqNkE9_UQXbeE_6t3AFeWrZl6acRRg9RWLmY6GdhNpag6cROjpRtYdk_tpB5XorbafwBOgiRwIR9TLG0DFs9_UtAJIQhw-d5uZEzbYKZoL-BvD5TmicYOi0JZ-SaP8HUgI4hUeIZT24lbY0plS8w98OBHLYHtC7UvwiwXBFr8inkYLpZoicXv2dmDG9yhyeUaonnLC76A1zCirxBj_euJNSqSWjIwwfEdy-Kuh5g_XlEY-wdb9k_rixl7LJPzO87z9Hslxf33SzykAuyrG8P0bfOjGWGGfSovrHNm2BJfwQtCMve56KF37d-EklYzfT8a8ccOnV-9yvTOlAsYNxgiCFiUFvlzY0wK5HWI_tQ3uK29cQXgqZAitl7az45EOIMhPMzuwYoa0IvUOXt5oS-ER1s67G0wf-9SIZmCL-EDPbN_ip7zT0hSeKVb2mlEtquwim6bLmMa0tmk7MNuaYJFib9yttgwoQeO7r9GYfYAFLKggtzZ0HWYxPAvhCFe1qmdQQON1Vn0RHI7F1UoUawFYWSumcdScpVoRpyPYW9MG9zyy427g-3iQFBU4SoVXKnnk77aGGQGq8BpG&sai=AMfl-YTi4YL0hbbIs4L4-1zk3ZbhIJdVBjMXHXtWDcMSxJcfbx0xHckzjm8zwvusjilBsIsWHY2OC2RdrC11PF7pnFo2FwwqUoUNdGWcL2es4s2BfWyKQfP8xaz-WjXHNfq0l6Ia2YZPxSGLxz8vu7fVRSI7q6A-rQ&sig=Cg0ArKJSzIffv9aWaYvkEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=143&cbvp=1&cstd=140&cisv=r20210714.99316&adurl=

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Tue, 20 Jul 2021 14:28:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

tp.gif
1f2dd3a35e71de738555c9c2cc8ddd9118173a8797217762ab63a9c3.trk.sensic.net/ Frame 363E
Redirect Chain

https://de-config.sensic.net/tp?ty=IM&optin=false&m=campaign_3301&c=26016321_305418734_153890634_498044657&cp_c1=26016321&cp_c2=&cp_c3=498044657&cp_c4=305418734&cp_c5=&cp_c6=153890634&cp_c7=&pr=423...
https://1f2dd3a35e71de738555c9c2cc8ddd9118173a8797217762ab63a9c3.trk.sensic.net/tp.gif?m=campaign_3301&p=de-config

42 B
435 B

37ms
8ms

Image
image/gif

13.224.193.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://1f2dd3a35e71de738555c9c2cc8ddd9118173a8797217762ab63a9c3.trk.sensic.net/tp.gif?m=campaign_3301&p=de-config
Requested by: Host: 599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com
URL: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.193.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-193-126.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 15:50:44 GMT
via: 1.1 1d67a4c00b06651cb6daa95ec3f21f9b.cloudfront.net (CloudFront)
last-modified: Thu, 28 Nov 2019 09:56:25 GMT
server: AmazonS3
age: 137574
etag: "d89746888da2d9510b64a9f031eaecd5"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 42
x-amz-cf-id: lzHDQ6jbMwdNG_zlJAb6IvX7_fv1JdFIm_qfEeA2oaxyek5oKpJUHg==
expires: Wed, 21 Oct 2015 07:28:00 GMT

Redirect headers

date: Tue, 20 Jul 2021 14:28:52 GMT
via: 1.1 9e627a2e7bf673974b02e3bf374bb843.cloudfront.net (CloudFront)
server: nginx/1.14.1
x-amz-cf-pop: DUS51-C1
location: https://1F2DD3A35E71DE738555C9C2CC8DDD9118173A8797217762AB63A9C3.trk.sensic.net/tp.gif?m=campaign_3301&p=de-config
x-powered-by: Express
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
content-length: 136
x-amz-cf-id: MFjWW28fFuyo3llX5SrLbGyEV-uadU6sJrGdkkwim05ItMCtEv9zkg==

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 363E 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com
URL: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:12:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47759
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 01:12:53 GMT

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame E9FC 1 KB
749 B 6ms
6ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com
URL: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 20 Jul 2021 11:56:19 GMT
expires: Wed, 21 Jul 2021 11:56:19 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 9153
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 363E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a43aed4296647d38e6a0421f3acc14d571a783399218b24952568ba1510b74de

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E859 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 19 Jul 2021 11:19:01 GMT
expires: Tue, 19 Jul 2022 11:19:01 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 97791
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 68CA 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ssp.hinet.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 14:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 68CA 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ssp.hinet.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 14:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 68CA 8 KB
4 KB 50ms
48ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4186689734809012&correlator=3371987384426078&output=ldjh&impl=fifs&eid=31061737%2C31061788%2C31061816%2C21068767%2C31061843%2C20211866&vrg=2021071301&ptt=17&sc=1&sfv=1-0-38&ecs=20210720&iu_parts=33575001%2Cportal300x250%2CRightup300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&cookie=ID%3D868d7939312cfc09%3AT%3D1626791331%3AS%3DALNI_MYU9TEHUzINhzYAPHF8pFDTukmAug&cdm=ssp.hinet.net&bc=31&abxe=1&lmt=1626791332&dt=1626791332224&dlt=1626791331669&idt=528&ea=0&frm=8&biw=-12245933&bih=-12245933&isw=300&ish=250&oid=3&adxs=0&adys=0&adks=4227493683&ucis=drp7grvk1nmx&ifi=1&ifk=3394371925&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%2F%3Fc%3D2017004%26s%3D201702000042%26t%3D1626791320215%26u%3Dd6af6140-7a1f-4761-9e84-150941d4d4d0%26o%3DjsG8H%26show%3Dstatic%26ca%3D%26k%3D%26cab%3D%26kb%3D%26mode%3Droll&ref=https%3A%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%2F%3Fc%3D2017004%26s%3D201702000042%26t%3D1626791320215%26u%3D13ab05cb-cf87-b396-ff16-d596ef0cb2ed%26o%3DjsG8H%26show%3Dstatic%26ca%3D%26k%3D%26cab%3D%26kb%3D%26mode%3Droll&top=https%3A%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%2F%3Fc%3D2017004%26s%3D201702000042%26t%3D1626791320215%26u%3D13ab05cb-cf87-b396-ff16-d596ef0cb2ed%26o%3DjsG8H%26show%3Dstatic%26ca%3D%26k%3D%26cab%3D%26kb%3D%26mode%3Droll&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=300x250&msz=300x-1&ga_vid=1174103621.1626791332&ga_sid=1626791332&ga_hid=724611144&ga_fc=false&fws=260&ohw=300&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

cc8006549b960ddfd819ba7d9aeee4179cc02cd0492b5179dcb20e7444dc3ebf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4199
x-xss-protection: 0
google-lineitem-id: 5681504367
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138348729004
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ssp.hinet.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
86bfa5140d01e03ef16e8744c9b1fa35.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 119E 0
0 28ms
14ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://86bfa5140d01e03ef16e8744c9b1fa35.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 86bfa5140d01e03ef16e8744c9b1fa35.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ssp.hinet.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ssp.hinet.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 20 Jul 2021 14:28:52 GMT
expires: Wed, 20 Jul 2022 14:28:52 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 main.gr.19.8.217.js Show response
static.adsafeprotected.com/ Frame CA08 183 KB
58 KB 112ms
51ms Script
application/javascript 54.77.67.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.217.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/769474/55842337/skeleton.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.67.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-67-228.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 74e5e11cd8453e9dd3df30335ade7b94f014e0e8617910a8ded49f715f4bb690

Request headers

Referer: https://3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:52 GMT
content-encoding: gzip
last-modified: Thu, 15 Jul 2021 18:34:44 GMT
server: nginx/1.16.1
age: 4
etag: W/"bfc62ca485c0623ae594a8d903890414"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

POST
H2 200 fpc Show response
pmp-beacon.apx.appier.net/v1/ Frame FFD4 12 B
89 B 263ms
263ms XHR
application/json 34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pmp-beacon.apx.appier.net/v1/fpc?type=apn&event=pageview
Requested by: Host: apn.c.appier.net
URL: https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HtIi9M-Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 20 Jul 2021 14:28:52 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ssp.hinet.net
access-control-expose-headers
access-control-allow-credentials: true
alt-svc: clear
content-length: 12

GET
H2 200 gcm
gocm.c.appier.net/ Frame C5F2 42 B
308 B 241ms
241ms Image
image/gif 172.105.221.240
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocm.c.appier.net/gcm
Requested by: Host: apn.c.appier.net
URL: https://apn.c.appier.net/pb/0wHT9JDiP3SORJx/zone.js?hzid=HtIi9M-Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.105.221.240 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1875-240.members.linode.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:52 GMT
cache-control: no-store
server: nginx
content-type: image/gif
content-length: 42
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2

200

arjs.php Show response
ad2.apx.appier.net/www/delivery/ Frame C5F2
Redirect Chain

https://ad2.apx.appier.net/www/delivery/js.php?zoneid=789&id=idockddgbi4oomk5w
https://gocm.c.appier.net/aanet?id=idockddgbi4oomk5w&url=ad2.apx.appier.net&zoneid=789
https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=789&acid=yosMxOXEB6yqzscSod32YA&id=idockddgbi4oomk5w

3 KB
1 KB

265ms
264ms

Script
text/html

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=789&acid=yosMxOXEB6yqzscSod32YA&id=idockddgbi4oomk5w
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017004&s=201710000009&t=1626791320215&u=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&o=PaufS&show=static&ca=&k=&cab=&kb=&mode=roll
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 398280333cf87ce8a81bf27b72e1a4219af4b9f3d1c0b1b28d29c0ab72ace45e

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:53 GMT
via: 1.1 google
server: nginx/1.19.0
cache-control: no-store
content-encoding: gzip
alt-svc: clear
content-type: text/html; charset=utf-8

Redirect headers

location: https://ad2.apx.appier.net/www/delivery/arjs.php?zoneid=789&acid=yosMxOXEB6yqzscSod32YA&id=idockddgbi4oomk5w
date: Tue, 20 Jul 2021 14:28:52 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 139
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0862 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 19 Jul 2021 11:19:01 GMT
expires: Tue, 19 Jul 2022 11:19:01 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 97791
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK stat Show response
dbg01.meetrics.net/ Frame 363E 82 B
351 B 54ms
11ms Script
application/javascript 88.99.148.145
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://dbg01.meetrics.net/stat
Requested by: Host: s79.mxcdn.net
URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.99.148.145 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h680.meetrics.de
Software: nginx /
Resource Hash: 79b208a19742aa53a96b0902c3b88c3434687c4b2453842d82a50c7b4080417e

Request headers

Referer: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:52 GMT
Cache-Control: private, no-cache, must-revalidate
Last-Modified: Tue, 20 Jul 2021 14:28:01 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK gettag Show response
s79.research.de.com/bb-mxad/ Frame 363E 0
208 B 34ms
11ms Script
application/octet-stream 148.251.47.75
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s79.research.de.com/bb-mxad/gettag
Requested by: Host: s79.mxcdn.net
URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 148.251.47.75 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h489.meetrics.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:52 GMT
Cache-control: private,must-revalidate
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/octet-stream

GET
H/1.1 200
OK submit
b199.s79.research.de.com/bb-mx/ Frame 363E 43 B
291 B 46ms
12ms Image
image/gif 136.243.6.97
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b199.s79.research.de.com/bb-mx/submit?/mnjwBnAAA/whFxBo0F0wFz6BvvA15A5jEx2A04A3zA35A45A0hEykE4lExzA1zAijF04AwhE24AuzEhmFlmFyhFtlFunEvvFnsFlzF5uFkpFjhF0pFvuFujEvtFvzEhmFlmFyhFtlFvxAtwAtzA4vAo0FtsFvjEvuF0hFpuFlyFuoE0tFs/Bu9ByBExpyFo0F0wFz6BvvAopFulF0uBulF0vB+k2FoywAyxAtwA3tAx2AtxA16AyzAtyAywA0zA0tAyuAxyAyuAztAllFy1Aw4Ai3Bjp6FtxAywAsp3Fx2Ay2A35AxzAzxA4yA2BEjwtFuvFulFkqnFluFtVETBFL2wFBLl1FC92iFuhF2pFnhF0vFyfF3lFikFypF2lFygBuvFfwFs1FnpFuzF/2xFsCylFx1FlzF0mF1sFszFjyFllFugBm1FssFzjFylFluFluFhiFslFkgB3pFukFv3Ff3FliFrpF0zF0vFyhFnlFpuFmvFg3EpuFkvF3fF3lFirFp0FjhFujFlsFhuFptFh0FpvFumFyhFtlFg3EpuFkvF3fF3lFirFp0FylFx1FlzF0hFupFthF0pFvuFmyFhtFlgBjzFzfF3lFirFp0FgjEw1FfxB2gAyhFtfF4gAthF4fFluFnpFulFf1FurFuvF3uFLlnFB/k0FsBxgAwqFpkF9yAywA0zA0mAhkFj9B53A14Az2A2mAjwFpkF9yA2wAx2AzyAxmAzpF0lF91A51Ay3Az5AmwEshFjlF9zAw1A0xA43Az0AmjEpkF9xA1zA45Aw2Az0AmzEp6Fl9Bx2Aw4E2wAwmAjiF90AyzA23A40A5zAUkzFpBFAAAAAAgCYJYJAPAAAAAAAAAOAAAAGCAAAAAgCYJYJABPaAAAAAAAABQtlAZIAAFAx8Ez8ExBEGAx1A00A04Ar1V2APAAAFAAQtlT1V2ASksF8EbAAAAAAAAAAAAEAAAQtlAAAAAAAIAy2AwxA2zAyxAJAzwA10Ax4A3zA0BEHA15A1yA3zA5BEHAx2Aw4E2wAwBEJAx1Az4A5wA2zA0BEHA53A14Az2A2BEdAAAAAAgCAYJAFAAA1V2AAAfBo0F0wFz6BvvAzwBuyAtkFuuBulF0vB53A14Az2A2vAx2Ay1Ax0Aw5Aw5Ay5A3vAxzAtJEXFFtJEPOFJRF1tATrF5zFjyFhwFlyFtxA2wA42BwwAtLEl5F2pFz1FhsFvpEukFl4FuoE0tFsBFCATTFAAAAAAAAAAAAAAGAJGFSBFNFFQtjFnfcHWA
Requested by: Host: 599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com
URL: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.6.97 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h243.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 14:28:52 GMT
Server: nginx
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Content-Length: 43
Expires: Tue, 20 Jul 2021 14:28:51 GMT

GET
H/1.1 200
OK data
b199.s79.research.de.com/ Frame 363E 43 B
308 B 44ms
11ms Image
image/gif 136.243.6.97
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b199.s79.research.de.com/data?/mnjwCoAAAl2yFuvFfhFwpFLktFDTkzFARksFAQtjFymVNSA
Requested by: Host: 599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com
URL: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.6.97 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h243.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 14:28:52 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Tue, 20-Jul-21 14:28:51 GMT

GET
H3-29 200 Enabler_01_245.js Show response
s0.2mdn.net/879366/ Frame DEE5 110 KB
38 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/60582160/20210607031514764/300x250.html?e=69&leftOffset=0&topOffset=0&c=UojpExTAlE&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/60582160/20210607031514764/300x250.html?e=69&leftOffset=0&topOffset=0&c=UojpExTAlE&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 10:11:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15418
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Jul 2021 10:11:54 GMT

GET
H3-29 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame DEE5 60 KB
24 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/60582160/20210607031514764/300x250.html?e=69&leftOffset=0&topOffset=0&c=UojpExTAlE&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/60582160/20210607031514764/300x250.html?e=69&leftOffset=0&topOffset=0&c=UojpExTAlE&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Jul 2021 14:28:52 GMT

GET
H3-29 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame D22E 60 KB
24 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1625140909297/13-IWE-IONIQ5-Skyscraper-160x600-Keyvisual/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9758366/1625140909297/13-IWE-IONIQ5-Skyscraper-160x600-Keyvisual/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 20 Jul 2021 14:28:52 GMT

GET
H3-29 200 script.js Show response
s0.2mdn.net/9758366/1625140909297/13-IWE-IONIQ5-Skyscraper-160x600-Keyvisual/js/ Frame D22E 2 KB
774 B 10ms
10ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9758366/1625140909297/13-IWE-IONIQ5-Skyscraper-160x600-Keyvisual/js/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1625140909297/13-IWE-IONIQ5-Skyscraper-160x600-Keyvisual/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d1c194e2c16b352cd1618d4bd87f3f2206b60a77b6d629ecf7731648af9144a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9758366/1625140909297/13-IWE-IONIQ5-Skyscraper-160x600-Keyvisual/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 23:36:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53527
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 750
x-xss-protection: 0
last-modified: Thu, 01 Jul 2021 12:01:49 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 20 Jul 2021 23:36:45 GMT

GET
H3-29 200 exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js Show response
pagead2.googlesyndication.com/bg/ Frame 9A69 35 KB
13 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b1916d5a5a97048327e74b168dd38fe0067ac06db81f57f72108f23410cff79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 12:12:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13308
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Jul 2022 12:12:50 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3F96 0
0 45ms
41ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvSzhY6y7_RfmqGJOVc1Fu4gfqxfyKz15p81M-5fi9JEPV0ZVLGV9shrsemt2XUHrN9cDVqt_Z_FnuznKuYh4SUc9ZPuhA-uBabcTvLOWXn4qo9W_fMzLeMgqBTCFEH3nMYnsqeKjjnCZv8XvcsaTEMFnyyngVmM4rlYaNINaFr3tdXUMPwR3_p8EOPJO5YW9xm5xAaVdpthPnYmA11IX52KOEU6vV-wXxtxy_Sooi6PXeggW3AnrBO2Jx--pMYbkV2Z_BmvVdYgXLFROX_A3ddo8sM2poBkskrilaQS20xnNmFiOlE7w14h60F3Xhq1tfOGx7CAvQ&sig=Cg0ArKJSzBKfT8eZOSkVEAE&urlfix=1&adurl=

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 14:28:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame 3F96
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

19ms
19ms

Script
application/octet-stream

2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017004&s=201702000042&t=1626791320215&u=d6af6140-7a1f-4761-9e84-150941d4d4d0&o=jsG8H&show=static&ca=&k=&cab=&kb=&mode=roll
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a87fd41597436af0e4160d453d7e8e2b4384edb15d2fdf2058de7c29b31e637

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:52 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5302
content-length: 40120
last-modified: Fri, 28 May 2021 01:36:32 GMT
server: cloudflare
etag: "60b04920-9cb8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O67LOcoB3VzMrEfV4aDTojewhc6NOB9ofPH79zQJdq6ASXU8OQIq7SPPEU24YpD1282WYs6FbvsGYHopf%2FRswLnbRtk35gzrr4FNyNpGs9IhqOaC2ibvij6UORrMjrQS%2FbG5eE3TkW%2BmLHTJYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 671ce0e5289d4ea3-FRA

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3F96 124 KB
37 KB 17ms
14ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:52 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434926419779"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Tue, 20 Jul 2021 14:28:52 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 68CA 73 KB
27 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee07009e9fe79b9909bafdb282106c95dac83f905c6ac665e1257ac862ed50e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:52 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434913869424"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28061
x-xss-protection: 0
expires: Tue, 20 Jul 2021 14:28:52 GMT

GET
H2 200 third Show response
ssp.hinet.net/api/web/ Frame F1E5 0
220 B 240ms
239ms XHR
text/html 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/third?c=2017004&s=201702000010&th=77&wc=1045
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.9.1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:00:05 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://hinet.net
access-control-allow-credentials: true

GET
H2 200 third Show response
ssp.hinet.net/api/web/ Frame AE96 0
220 B 239ms
239ms XHR
text/html 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/third?c=2017004&s=201702000071&th=69&wc=2912
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.9.1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:00:05 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://hinet.net
access-control-allow-credentials: true

GET
H2 200 dpixel
cms.quantserve.com/ Frame 5A01 35 B
463 B 25ms
8ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENF0qKi7XP86CQsHvymx5DU&google_cver=1&google_push=AYg5qPLQiOgNJbdNlyHzO2DK5zVaS9_HYVIEM4H-HH9XuwAHQX3wMXeVWVDPXtmfcW4tNDXOMBgAPAEWjS4m3hFF8yVJJZcJRAA

Requested by

Host: 3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com
URL: https://3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:52 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 5A01
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKvbSsTeG3JWT4VFNFWO-Cq7PL_BY1T4Sds-sV...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVBiZHBBQUFCTEZXcXpzeQ&google_push=AYg5qPKvbSsTeG3JWT4VFNFWO-Cq7PL_BY1T4Sds-sVkz9aca6xD_ZjsfQvClWp0xoLjt0lwwEquCtJ6bXvmpknNiGfCEYE-B34

170 B
190 B

17ms
17ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVBiZHBBQUFCTEZXcXpzeQ&google_push=AYg5qPKvbSsTeG3JWT4VFNFWO-Cq7PL_BY1T4Sds-sVkz9aca6xD_ZjsfQvClWp0xoLjt0lwwEquCtJ6bXvmpknNiGfCEYE-B34

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVBiZHBBQUFCTEZXcXpzeQ&google_push=AYg5qPKvbSsTeG3JWT4VFNFWO-Cq7PL_BY1T4Sds-sVkz9aca6xD_ZjsfQvClWp0xoLjt0lwwEquCtJ6bXvmpknNiGfCEYE-B34
Date: Tue, 20 Jul 2021 14:28:52 GMT
Server: Apache
Connection: keep-alive
Content-Length: 390
Content-Type: text/html; charset=iso-8859-1

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 5A01
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJO4OQ6sTdhp9mpmAeEQ5m3ecUmeLH7CvGcX8iP0ghLCx6ldsmami4CoTRDWttpVhynZ_Dk6fkcAOCuanC8R6W8qQUG8WA&google_gid=CAESEK0FdFFFOY_2440-nVqZn7Q&goog...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCKS724cGEgUI6AcQAEIASm9nb29nbGVfcHVzaD1BWWc1cVBKTzRPUTZzVGRocDltcG1BZUVRNW0zZWNVbWVMSDdDdkdjWDhpUDBnaExDeDZsZHNtYW1pNENvVFJEV3R0cFZoeW5aX0RrNmZrY0FPQ3Vhbk...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwa0pfWUJsQ2Vhd0NkY1A0ekJ6ZUNneWVoeU5wTnppSnNlWll2eTIyNk5rSQ==&google_push

170 B
190 B

17ms
17ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwa0pfWUJsQ2Vhd0NkY1A0ekJ6ZUNneWVoeU5wTnppSnNlWll2eTIyNk5rSQ==&google_push

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 20 Jul 2021 14:28:52 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwa0pfWUJsQ2Vhd0NkY1A0ekJ6ZUNneWVoeU5wTnppSnNlWll2eTIyNk5rSQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 5A01
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEE5DIiAFGincuh-DBeIc_gc&google_cver=1&google_push=AYg5qPJbIX8L5XPF-3aDiaFu21APMZvTcwGlr0AuoSfZj3Uq19dndcI3Tk4d2aDMpSZoU0rXRHV2cmemU6pgBZa0OnmJq_KXlHQ
https://rtb.openx.net/sync/dds?google_gid=CAESEE5DIiAFGincuh-DBeIc_gc&google_cver=1&google_push=AYg5qPJbIX8L5XPF-3aDiaFu21APMZvTcwGlr0AuoSfZj3Uq19dndcI3Tk4d2aDMpSZoU0rXRHV2cmemU6pgBZa0OnmJq_KXlHQ&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJbIX8L5XPF-3aDiaFu21APMZvTcwGlr0AuoSfZj3Uq19dndcI3Tk4d2aDMpSZoU0rXRHV2cmemU6pgBZa0OnmJq_KXlHQ&google_hm=hcizb6SCxV4JjrNRwEfS6Q==

170 B
190 B

17ms
17ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJbIX8L5XPF-3aDiaFu21APMZvTcwGlr0AuoSfZj3Uq19dndcI3Tk4d2aDMpSZoU0rXRHV2cmemU6pgBZa0OnmJq_KXlHQ&google_hm=hcizb6SCxV4JjrNRwEfS6Q==

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:52 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJbIX8L5XPF-3aDiaFu21APMZvTcwGlr0AuoSfZj3Uq19dndcI3Tk4d2aDMpSZoU0rXRHV2cmemU6pgBZa0OnmJq_KXlHQ&google_hm=hcizb6SCxV4JjrNRwEfS6Q==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: 1sbh996f16r4sso6glbkfkgghrikm9iu

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 5A01
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ReTTYbpNTUiIudIlzC2_nA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
190 B

17ms
17ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ReTTYbpNTUiIudIlzC2_nA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIJcBAE3WAGUaEyCcV7G73Y6aPX8d3o0Bj9_p8FCWZnzeyjNnvJtzEOJ2aTCzGb2fHMlvmjUUzMDYS8eYTIOuigui6CBQI

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ReTTYbpNTUiIudIlzC2_nA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIJcBAE3WAGUaEyCcV7G73Y6aPX8d3o0Bj9_p8FCWZnzeyjNnvJtzEOJ2aTCzGb2fHMlvmjUUzMDYS8eYTIOuigui6CBQI
date: Tue, 20 Jul 2021 14:28:52 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 5A01
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHt6-T7z3ibhdXRl0tx6R_I&google_cver=1&google_push=AYg5qPKWDpn4PP5wL6o3knoHR0pkOXKgtcfRYK_xY1S8DWHZ0ol6Piof75cTSLLnYsX2PNpohtm...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JDNUsxTUotMU0tSVBQUg==&google_push=AYg5qPKWDpn4PP5wL6o3knoHR0pkOXKgtcfRYK_xY1S8DWHZ0ol6Piof75cTSLLnYsX2PNpohtm-E6grBJa7t9QHn2qZGFeFwA

170 B
190 B

17ms
17ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JDNUsxTUotMU0tSVBQUg==&google_push=AYg5qPKWDpn4PP5wL6o3knoHR0pkOXKgtcfRYK_xY1S8DWHZ0ol6Piof75cTSLLnYsX2PNpohtm-E6grBJa7t9QHn2qZGFeFwA

Requested by

Host: 3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com
URL: https://3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JDNUsxTUotMU0tSVBQUg==&google_push=AYg5qPKWDpn4PP5wL6o3knoHR0pkOXKgtcfRYK_xY1S8DWHZ0ol6Piof75cTSLLnYsX2PNpohtm-E6grBJa7t9QHn2qZGFeFwA
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 5A01
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEF7ePfWC4gtFuSAiuYALULk&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPJJvyEBK_1BpvkF9K62Sao-zcy0W86xMT580fqTactzmoj_12Prw245A7bpq_DFCesQcRHi...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPJJvyEBK_1BpvkF9K62Sao-zcy0W86xMT580fqTactzmoj_12Prw245A7bpq_DFCesQcRHi...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPJJvyEBK_1BpvkF9K62Sao-zcy0W86xMT580fqTactzmoj_12Prw245A7bpq_DFCesQcRHi...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPJJvyEBK_1BpvkF9K62Sao-zcy0W86xMT580fqTactzmoj_12Prw245A7bpq_DFCesQcRHi...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPJJvyEBK_1BpvkF9K62Sao-zcy0W86xMT580fqTactzmoj_12Prw245A7bpq_DFCesQcRHi...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPJJvyEBK_1BpvkF9K62Sao-zcy0W86xMT580fqTactzmoj_12Prw245A7bpq_DFCesQcRHi...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPJJvyEBK_1BpvkF9K62Sao-zcy0W86xMT580fqTactzmoj_12Prw245A7bpq_DFCesQcRHi...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPJJvyEBK_1BpvkF9K62Sao-zcy0W86xMT580fqTactzmoj_12Prw245A7bpq_DFCesQcRHi...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPJJvyEBK_1BpvkF9K62Sao-zcy0W86xMT580fqTactzmoj_12Prw245A7bpq_DFCesQcRHi...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPJJvyEBK_1BpvkF9K62Sao-zcy0W86xMT580fqTactzmoj_12Prw245A7bpq_DFCesQcRHi...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPJJvyEBK_1BpvkF9K62Sao-zcy0W86xMT580fqTactzmoj_12Prw245A7bpq_DFCesQcRHi...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPJJvyEBK_1BpvkF9K62Sao-zcy0W86xMT580fqTactzmoj_12Prw245A7bpq_DFCesQcRHi...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPJJvyEBK_1BpvkF9K62Sao-zcy0W86xMT580fqTactzmoj_12Prw245A7bpq_DFCesQcRHi...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPJJvyEBK_1BpvkF9K62Sao-zcy0W86xMT580fqTactzmoj_12Prw245A7bpq_DFCesQcRHi...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPJJvyEBK_1BpvkF9K62Sao-zcy0W86xMT580fqTactzmoj_12Prw245A7bpq_DFCesQcRHi...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPJJvyEBK_1BpvkF9K62Sao-zcy0W86xMT580fqTactzmoj_12Prw245A7bpq_DFCesQcRHi...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPJJvyEBK_1BpvkF9K62Sao-zcy0W86xMT580fqTactzmoj_12Prw245A7bpq_DFCesQcRHi...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPJJvyEBK_1BpvkF9K62Sao-zcy0W86xMT580fqTactzmoj_12Prw245A7bpq_DFCesQcRHi...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPJJvyEBK_1BpvkF9K62Sao-zcy0W86xMT580fqTactzmoj_12Prw245A7bpq_DFCesQcRHi...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPJJvyEBK_1BpvkF9K62Sao-zcy0W86xMT580fqTactzmoj_12Prw245A7bpq_DFCesQcRHi...

0
0

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame 5A01 0
13 B 17ms
14ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KxfbC4F_XZZbWAmVhVbhBRJP3vgpf-NtXpJ6Ake3EeRFOuuAa0EHrHKpekTZ6tMo7NfTbW

Requested by

Host: 3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com
URL: https://3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:52 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame E9FC
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJ6wNYumPe4kf2csdKBfJRk&google_cver=1&google_push=AYg5qPKUzZA4aqGukaUsNuXenJMdzJ5CkYgPcpRvdNR8nu5uEA-ChShM9R...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKUzZA4aqGukaUsNuXenJMdzJ5CkYgPcpRvdNR8nu5uEA-ChShM9R7fK62oFZS-YoSyWSfZ6zFti96jtukO-Jvnp6UhyME&google_hm=1RmXRtb...

170 B
190 B

20ms
19ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKUzZA4aqGukaUsNuXenJMdzJ5CkYgPcpRvdNR8nu5uEA-ChShM9R7fK62oFZS-YoSyWSfZ6zFti96jtukO-Jvnp6UhyME&google_hm=1RmXRtblpdzuoODvVSsDeA

Requested by

Host: 599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com
URL: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKUzZA4aqGukaUsNuXenJMdzJ5CkYgPcpRvdNR8nu5uEA-ChShM9R7fK62oFZS-YoSyWSfZ6zFti96jtukO-Jvnp6UhyME&google_hm=1RmXRtblpdzuoODvVSsDeA
pragma: no-cache
date: Tue, 20 Jul 2021 14:28:52 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 466606.gif
id.rlcdn.com/ Frame E9FC 42 B
189 B 16ms
14ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPI5_ezFBYwJJ8NzNZbeo_yfDszFowyVJOb2bhpwfxNynJlSc6YinQXKJGAhklGuoeGBosk7pncwAXzu3WPU5YKgVvwxji8&google_gid=CAESEMXQbM-GP67NEr0iWVKGgko&google_cver=1
Requested by: Host: 599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com
URL: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 14:28:52 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame E9FC
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEP-fY0LCUeHWM2rF_zCFOoE&google_cver=1&google_push=AYg5qPL994jZCWz2Aks4MfhnrhfhI_kC5RUYGOrrMwPMGkTY-OKfbl8vimq6OeVL1mfRfqkGrjGEm1ZJRz-h5A3Ex-FHe4puLjs
https://rtb.openx.net/sync/dds?google_gid=CAESEP-fY0LCUeHWM2rF_zCFOoE&google_cver=1&google_push=AYg5qPL994jZCWz2Aks4MfhnrhfhI_kC5RUYGOrrMwPMGkTY-OKfbl8vimq6OeVL1mfRfqkGrjGEm1ZJRz-h5A3Ex-FHe4puLjs&o...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPL994jZCWz2Aks4MfhnrhfhI_kC5RUYGOrrMwPMGkTY-OKfbl8vimq6OeVL1mfRfqkGrjGEm1ZJRz-h5A3Ex-FHe4puLjs&google_hm=hcizb6SCxV4JjrNRwEfS6Q==

170 B
190 B

17ms
16ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPL994jZCWz2Aks4MfhnrhfhI_kC5RUYGOrrMwPMGkTY-OKfbl8vimq6OeVL1mfRfqkGrjGEm1ZJRz-h5A3Ex-FHe4puLjs&google_hm=hcizb6SCxV4JjrNRwEfS6Q==

Requested by

Host: 599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com
URL: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:52 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPL994jZCWz2Aks4MfhnrhfhI_kC5RUYGOrrMwPMGkTY-OKfbl8vimq6OeVL1mfRfqkGrjGEm1ZJRz-h5A3Ex-FHe4puLjs&google_hm=hcizb6SCxV4JjrNRwEfS6Q==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: cvfrqpoavqdt4rjkk3a4tbmvfek4ii2s

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame E9FC
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PHfPECo2SCyc_1kKWg9PVw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
190 B

16ms
16ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PHfPECo2SCyc_1kKWg9PVw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIL7MCkDmgcS55piQ26OeO42q0NaiOC33LGxOgMIhuJo-X7axGCQCpe1sknVIhB0xWzUgpkye_XNjcwj1oa9OUoi0EfbjM

Requested by

Host: 599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com
URL: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=PHfPECo2SCyc_1kKWg9PVw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIL7MCkDmgcS55piQ26OeO42q0NaiOC33LGxOgMIhuJo-X7axGCQCpe1sknVIhB0xWzUgpkye_XNjcwj1oa9OUoi0EfbjM
date: Tue, 20 Jul 2021 14:28:51 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame E9FC
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEN3K3U8wQyPioM_KPtgnDTg&google_cver=1&google_push=AYg5qPJ0pNfBdLjdw0qSjL7pdC-TOfix2VWSCZhUd4aOpS-UFHH_Y7ConAta1H2tpKNbWWo9fDb...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JDNUsxTkQtWC03RUVF&google_push=AYg5qPJ0pNfBdLjdw0qSjL7pdC-TOfix2VWSCZhUd4aOpS-UFHH_Y7ConAta1H2tpKNbWWo9fDb-y2oOTYyYbCyOjVsQstg82w

170 B
190 B

16ms
16ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JDNUsxTkQtWC03RUVF&google_push=AYg5qPJ0pNfBdLjdw0qSjL7pdC-TOfix2VWSCZhUd4aOpS-UFHH_Y7ConAta1H2tpKNbWWo9fDb-y2oOTYyYbCyOjVsQstg82w

Requested by

Host: 599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com
URL: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JDNUsxTkQtWC03RUVF&google_push=AYg5qPJ0pNfBdLjdw0qSjL7pdC-TOfix2VWSCZhUd4aOpS-UFHH_Y7ConAta1H2tpKNbWWo9fDb-y2oOTYyYbCyOjVsQstg82w
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame E9FC
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMKqjJH0jvXauA70xcvAd6k&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPIfFEgNUvNO8JVpUuTWZ0iQjXqZ7xsAFurYZEYFfyKr0Q7IVUcAtmwhqXNvxjN11YIwXMIN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPIfFEgNUvNO8JVpUuTWZ0iQjXqZ7xsAFurYZEYFfyKr0Q7IVUcAtmwhqXNvxjN11YIwXMIN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPIfFEgNUvNO8JVpUuTWZ0iQjXqZ7xsAFurYZEYFfyKr0Q7IVUcAtmwhqXNvxjN11YIwXMIN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPIfFEgNUvNO8JVpUuTWZ0iQjXqZ7xsAFurYZEYFfyKr0Q7IVUcAtmwhqXNvxjN11YIwXMIN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPIfFEgNUvNO8JVpUuTWZ0iQjXqZ7xsAFurYZEYFfyKr0Q7IVUcAtmwhqXNvxjN11YIwXMIN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPIfFEgNUvNO8JVpUuTWZ0iQjXqZ7xsAFurYZEYFfyKr0Q7IVUcAtmwhqXNvxjN11YIwXMIN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPIfFEgNUvNO8JVpUuTWZ0iQjXqZ7xsAFurYZEYFfyKr0Q7IVUcAtmwhqXNvxjN11YIwXMIN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPIfFEgNUvNO8JVpUuTWZ0iQjXqZ7xsAFurYZEYFfyKr0Q7IVUcAtmwhqXNvxjN11YIwXMIN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPIfFEgNUvNO8JVpUuTWZ0iQjXqZ7xsAFurYZEYFfyKr0Q7IVUcAtmwhqXNvxjN11YIwXMIN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPIfFEgNUvNO8JVpUuTWZ0iQjXqZ7xsAFurYZEYFfyKr0Q7IVUcAtmwhqXNvxjN11YIwXMIN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPIfFEgNUvNO8JVpUuTWZ0iQjXqZ7xsAFurYZEYFfyKr0Q7IVUcAtmwhqXNvxjN11YIwXMIN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPIfFEgNUvNO8JVpUuTWZ0iQjXqZ7xsAFurYZEYFfyKr0Q7IVUcAtmwhqXNvxjN11YIwXMIN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPIfFEgNUvNO8JVpUuTWZ0iQjXqZ7xsAFurYZEYFfyKr0Q7IVUcAtmwhqXNvxjN11YIwXMIN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPIfFEgNUvNO8JVpUuTWZ0iQjXqZ7xsAFurYZEYFfyKr0Q7IVUcAtmwhqXNvxjN11YIwXMIN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPIfFEgNUvNO8JVpUuTWZ0iQjXqZ7xsAFurYZEYFfyKr0Q7IVUcAtmwhqXNvxjN11YIwXMIN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPIfFEgNUvNO8JVpUuTWZ0iQjXqZ7xsAFurYZEYFfyKr0Q7IVUcAtmwhqXNvxjN11YIwXMIN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPIfFEgNUvNO8JVpUuTWZ0iQjXqZ7xsAFurYZEYFfyKr0Q7IVUcAtmwhqXNvxjN11YIwXMIN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPIfFEgNUvNO8JVpUuTWZ0iQjXqZ7xsAFurYZEYFfyKr0Q7IVUcAtmwhqXNvxjN11YIwXMIN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPIfFEgNUvNO8JVpUuTWZ0iQjXqZ7xsAFurYZEYFfyKr0Q7IVUcAtmwhqXNvxjN11YIwXMIN...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPIfFEgNUvNO8JVpUuTWZ0iQjXqZ7xsAFurYZEYFfyKr0Q7IVUcAtmwhqXNvxjN11YIwXMIN...

0
0

GET
H2 200 trk
ag.innovid.com/ Frame E9FC 43 B
296 B 67ms
22ms Image
image/gif 2a05:d01c:1d8:8101:939a:325c:ab79:c5b3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEPsqdzNu7oVwFj_L1a1OAHA&google_cver=1&google_push=AYg5qPIYDgab2KTfEc0X6qpUbqLH8dDThncwGtrKKYacgjt_v9vilHfeZlPJ6zejvzdxWC8d1CRGYit1q3d-egE6NzBAA6tcuA
Requested by: Host: 599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com
URL: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:939a:325c:ab79:c5b3 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:52 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H3-29 204 attr
cm.g.doubleclick.net/pixel/ Frame E9FC 0
13 B 15ms
14ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KB1cJ2dyOenFowmVQgAy4DFjwmpMMdP1WI3vbXlkm-pRXqp2MHk75DWGtHCeAT6SzOTt5T

Requested by

Host: 599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com
URL: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:52 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame CA08 0
23 B 60ms
45ms Ping
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 14:28:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 3F96 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8ecd68ebf6636654dcde936819a4b56c44fa878df4209e01da532606147df6c4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 363E 0
23 B 50ms
49ms Ping
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 14:28:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 third Show response
ssp.hinet.net/api/web/ Frame 4A7A 0
220 B 240ms
239ms XHR
text/html 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/third?c=2017004&s=201710000010&th=71&wc=2322
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.9.1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:00:06 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://hinet.net
access-control-allow-credentials: true

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame 3194 0
215 B 940ms
409ms Image
text/html 3.115.39.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D514085-wJxsOIKaey11ABzYtD3VQBtPdnexi9ke%26SID%3D32907%26Tags%3D2005%2C2004%2C2003
Requested by: Host: hinet.net
URL: https://hinet.net/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.115.39.7 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-115-39-7.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://hinet.net
date: Tue, 20 Jul 2021 14:28:53 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H3-29 200 exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js Show response
pagead2.googlesyndication.com/bg/ Frame E859 35 KB
13 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b1916d5a5a97048327e74b168dd38fe0067ac06db81f57f72108f23410cff79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 12:12:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13308
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Jul 2022 12:12:50 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame CA08
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/769474/55842337/skeleton.js?adsafe_url=https%3A%2F%2Fhinet.net&adsafe_type=g&adsafe_url=https%3A%2F%2Fhinet.net%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F3f72d...
https://static.adsafeprotected.com/skeleton.js

17 B
241 B

29ms
29ms

Script
application/javascript

54.77.67.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.67.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-67-228.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Referer: https://3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:52 GMT
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: nginx/1.16.1
age: 10371228
etag: "53fab767ecbd3bf07990b10246befbd4"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 17

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:52 GMT
x-server-name: app17.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.9.js Show response
static.adsafeprotected.com/ Frame 6573 81 KB
21 KB 29ms
29ms Script
application/javascript 54.77.67.228
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.9.js
Requested by: Host: 3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com
URL: https://3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.67.228 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-67-228.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 7de6d8301cd970728c46d6379ab6b7aee90ba56a7f70dd9bf8257f20dba2c516

Request headers

Referer: https://3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:52 GMT
content-encoding: gzip
last-modified: Fri, 16 Jul 2021 17:48:36 GMT
server: nginx/1.16.1
age: 45
etag: W/"a649c89091c39c7483930ba8cc3a5da5"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H3-29 200 exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js Show response
pagead2.googlesyndication.com/bg/ Frame 0862 35 KB
13 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b1916d5a5a97048327e74b168dd38fe0067ac06db81f57f72108f23410cff79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 12:12:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13308
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Jul 2022 12:12:50 GMT

GET
H/1.1 200
OK data
b199.s79.research.de.com/ Frame 363E 43 B
308 B 11ms
11ms Image
image/gif 136.243.6.97
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b199.s79.research.de.com/data?/mnjwDgFAA+rvF1o0F0wFz6BvvAopFulF0uBulF0gBo0F0wFz6BvvAopFulF0uBulF0gBo0F0wFz6BvvAopFulF0uBulF0BFLruFDLkqFFlqwFyyAw0Az0AL2vFBLl1FDLkqFK0kyByyAw0Az0A6zE0hF0jFi6BwyFl0FptFlBFUkzFAHQQBAAAAgCAYAAAA1BAQAAAAAAYJAXAAAA1BAZCDAFAx8E18ExBEGAx1A00A04ArY0mAPAAAAAAAAAPY0mAPAAAFAAQtlTY0mAZAAAFAw8Ez8EwBEGAx1A00A04ArRMPAPAAAFAAQtlTRMPAPBAAAAAAAAzRMPAZAAAFAw8Ey8EzBEGAx1A00A04ArfeOAPAAAFAAQtlTfeOAPAAAAAAAAAzfeOAZAAAFAw8Ex8EyBEGAx1A00A04ArehwAPAAAFAAQtlTehwAPBAAAAAAAAzehwAZAAAFAx8Ex8ExBEGAx1A00A04ArtDOAPAAAFAAQtlTtDOAPAAAAAAAAAztDOAZAAAFAx8Ey8ExBEGAx1A00A04ArLFDAPAAAFAAQtlTLFDAZBAAFAx8E18E5BEGAx1A00A04Ar7FwAPAAAFAAQtlT7FwAPmAAAZAwSAcAAAASksFcPdAAAAAAgCAYJAFAAAY0mAAAQAOPFfTFPVFSDFFfFx2A12Az5AEATLFJOFAAAAAAAAAAAAAADAEJFWBFdAAAAAAgCAYJAFAAARMPAAAQAOPFfTFPVFSDFFfFx2A12Az5AEATLFJOFAAAAAAAAAAAAAADAEJFWBFdAAAAAAgCAYJAFAAAfeOAAAQAOPFfTFPVFSDFFfFx2A12Az5AEATLFJOFAAAAAAAAAAAAAADAEJFWBFdAAAAAAgCAYJAFAAAehwAAAQAOPFfTFPVFSDFFfFx2A12Az5AEATLFJOFAAAAAAAAAAAAAADAEJFWBFdAAAAAAgCAYJAFAAAtDOAAAQAOPFfTFPVFSDFFfFx2A12Az5AEATLFJOFAAAAAAAAAAAAAADAEJFWBFdAAAAAAgCAYJAFAAALFDAAAQAOPFfTFPVFSDFFfFx2A12Az5AEATLFJOFAAAAAAAAAAAAAADAEJFWBFdAAAAAAgCAYJAFAAA7FwAAAyEkhF0hF6pEthFnlFvwEunF7iEhzFl2B0sApWFCPFS3FwLEHnFvBFBBFBOFTVFoFFVnFBBFBDFzBFBBFBXFCBFNBFBBFDyFszBpBFBBFBBFCsFCNFWFFVBFBBFErBBjFpXFtaF6XFBBFBBFBuFSTFUsFNBFBwFpkFyCFRBFBBFC3BTVFSCFWCFqUFiaFFCFEzFBnFDBFQMFEvByvBx5E1REvHF3aFVXFQEFpSFXCFv3EoGFioFCXFZHFVKFz0FaXFSTFEwFILF1LFZ5BOXF6vFm0BwVFxaE6kFyCE04FPIFrPENiF5wADWFsnFlxFhsFzpFwlE52B33EssFt5B3MF3IErlFr2EYoFv4BmzB0yFGMFZxBa1BroF0QEZsFzzAkMFEoFuFF0qFt0BOiFtrBlQFjKFzBEqzB3BFlPFjGF1JEi1FpyFVBFBBFBBFTVFWPFSLF1DEZJFJ9BEATLFJOFAAAAAAAAAAAAAADAEJFWBFQtjF2RXMYA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.6.97 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h243.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 14:28:52 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Tue, 20-Jul-21 14:28:51 GMT

GET
H3-29 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame DEE5 47 KB
47 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/60582160/20210607031514764/300x250.html?e=69&leftOffset=0&topOffset=0&c=UojpExTAlE&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/60582160/20210607031514764/300x250.html?e=69&leftOffset=0&topOffset=0&c=UojpExTAlE&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:22:40 GMT
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
age: 372
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47676
x-xss-protection: 0
expires: Tue, 20 Jul 2021 14:37:40 GMT

GET
H3-29 200 OnAir-Regular.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame DEE5 47 KB
47 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Regular.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/60582160/20210607031514764/300x250.html?e=69&leftOffset=0&topOffset=0&c=UojpExTAlE&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c110419995948214e5b16d9d0df8f7d91536cc42783edd90c7fc1810308309ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/60582160/20210607031514764/300x250.html?e=69&leftOffset=0&topOffset=0&c=UojpExTAlE&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:17:47 GMT
x-content-type-options: nosniff
last-modified: Thu, 06 May 2021 11:38:29 GMT
server: sffe
age: 665
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47848
x-xss-protection: 0
expires: Tue, 20 Jul 2021 14:32:47 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame DEE5 6 KB
4 KB 18ms
17ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b1ee025f710009cb91b9673d2d1af6d4aeef19e6e118c570733708c6e4cc083

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 14:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4363
x-xss-protection: 0

GET
H3-29 200 60005582_20210611055833302_Stoerer_AirpodsPro.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame DEE5 5 KB
5 KB 7ms
7ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210611055833302_Stoerer_AirpodsPro.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f665b131599311044cbe32c0da10dc710ce1ac5b38e7af2184a8e413e7f0871c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/60582160/20210607031514764/300x250.html?e=69&leftOffset=0&topOffset=0&c=UojpExTAlE&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 23:45:36 GMT
x-content-type-options: nosniff
last-modified: Fri, 11 Jun 2021 12:58:33 GMT
server: sffe
age: 52996
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5505
x-xss-protection: 0
expires: Tue, 20 Jul 2021 23:45:36 GMT

GET
H3-29 200 60005582_20210601011824234_APP_iPhone-12_AirpodsPro_Logo.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame DEE5 27 KB
27 KB 8ms
8ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210601011824234_APP_iPhone-12_AirpodsPro_Logo.png

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e3d3e209fc5bc1b96aadf4c709b25fa7d25b8dbfb00a6420f8d248d238501d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/60582160/20210607031514764/300x250.html?e=69&leftOffset=0&topOffset=0&c=UojpExTAlE&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 03:29:04 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Jun 2021 08:18:24 GMT
server: sffe
age: 39588
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27802
x-xss-protection: 0
expires: Wed, 21 Jul 2021 03:29:04 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame DEE5 43 B
607 B 24ms
8ms Image
image/gif 82.113.101.132
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=25124645_4307561_308257523_98823885_-0&ref=25124645_4307561_308257523_98823885_-0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 82.113.101.132 Lich, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.o2online.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:52 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CA08 43 B
216 B 281ms
92ms Image
image/gif 52.71.1.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=769474&asId=c84f3ccb-ba9c-84da-8749-6507619c7300&tv=%7Bc:iVcXZT,pingTime:-2,time:458,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:125,bdZ:242,beA:458,beZ:459,mfA:765,cmA:766,inA:766,inZ:772,prA:772,prZ:789,si:795,poA:796,poZ:806,cmZ:806,mfZ:806,loA:855,loZ:857,ltA:915,ltZ:915%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:l,w:300,h:250,t:336%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:0,n:458,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:336,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B148~1%5D,as:%5B148~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sDImDUP+1111%7C11121%7C11122%7C11123%7C1113%7C1114%7C112%7C113%7C12%7C131%7C1321%7C133%7C1411%7C14121%7C14122%7C14123%7C14124%7C1413%7C14141%7C1415%7C15%7C161%7C162%7C1711%7C1712%7C1713%7C1721%7C1722%7C181%7C191%7C1a1%7C1a2*.769474-55842337%7C1a21%7C1a22%7C1a23%7C1a24%7C1a3%7C1a41%7C1a5,idMap:1a2*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,sinceFw:119,readyFired:true%7D&br=u
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.71.1.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-1-191.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:52 GMT
x-server-name: dt33.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame DEE5 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 20 Jul 2021 14:28:52 GMT

GET
H/1.1 200
OK data
b199.s79.research.de.com/ Frame 363E 43 B
308 B 13ms
11ms Image
image/gif 136.243.6.97
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b199.s79.research.de.com/data?/mnjwEqIAA2qoFx2Ay2A35AxzAzxA4yA23EywE4kFu3BqnF4BFlqwFyyAw0Az0ALkmFBTkzFARksFAQtjFTtFOSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.6.97 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h243.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 14:28:52 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Tue, 20-Jul-21 14:28:51 GMT

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 3F96 975 B
550 B 14ms
12ms Stylesheet
text/css 2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5329
cf-polished: origSize=1191
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vd1dPlVtxvZQzWXSPHay%2Fvn%2Fs6LnmrKS5dg5GwK0i9GXPzhiGHKp5PKyIj0K4QefS530fn1f%2BtuvebiE01O2G3Vd3LXqX0BRPQYm0rlc2BCSujoQbo1WiTOcWK%2FzbtJMm1kmM2MC3xS7NiuIuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 671ce0e63b174ea3-FRA
cf-bgj: minify

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ Frame 3F96 46 B
491 B 285ms
106ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Long Beach, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: ef353502936755d8002d507a8b6a3f2f442bf3f4949542489b1cd35bf3f622c3

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:53 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ssp.hinet.net
access-control-allow-credentials: true
connection: close
content-length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame 3F96 379 B
1 KB 341ms
161ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=ssp.hinet.net&u=https%3A%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%2F%3Fc%3D2017004%26s%3D201702000042%26t%3D1626791320215%26u%3D13ab05cb-cf87-b396-ff16-d596ef0cb2ed%26o%3DjsG8H%26show%3Dstatic%26ca%3D%26k%3D%26cab%3D%26kb%3D%26mode%3Droll&xr=1&adid=ad-AA7B426E9B6A9A2EC8D7E993267482B8&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.4838605861516232&ao=https%3A%2F%2Fhinet.net
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Long Beach, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 792a170a290298277899acf5bf403fdd3ce5583043e76068a735627c123b59f6

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:53 GMT
x-width: 300
x-height: 250
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://ssp.hinet.net
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
x-adsource: PSA
x-sspid: 733c3307-df76-318a-8763-b1b4aeeefb99
connection: close
access-control-allow-credentials: true
content-length: 379
x-adstyle: banner
x-adtype: html

GET
H3-29 200 exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js Show response
pagead2.googlesyndication.com/bg/ Frame 782C 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b1916d5a5a97048327e74b168dd38fe0067ac06db81f57f72108f23410cff79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 12:12:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13308
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Jul 2022 12:12:50 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3F96 0
0 41ms
41ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssAb38JVR6JHV9uW0fm3c4insTMlDwiy7KL1vW_rzOpa7TKQ_AYDtbS3PIcqnuKcj2PqxWLVCa7hKy0xgY-_hb3cTfDQ7dFjqWNQjFfmZ9k3GOACOK0rShsaX4jdUDgOMYyBG3xduNBHzbhKJpf1PbCqOLs5J8jLvM31X3Hj27mhlqnRTgYBg1Uc-91MbwR3Xm6LB2xPvDjzMOMfYZqnZyIKm4rkcW7M8d5KG3m5iDUzrtCjNyXX3qbmJjcOgaZ9x3xYwkXE5V3Ob-yDRjkRgfqTGfkV3oZwQaEKun0HLmSPgpdnEPejatuZAve8VueEY-Kt-H1r6qhSw&sig=Cg0ArKJSzBlBqeKe3RthEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 14:28:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Tue, 20 Jul 2021 14:28:52 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 68CA 11 KB
8 KB 20ms
19ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021071301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6dbbfb30d85e1c7bf8427164c64760d53d9039987bfb3264f765d9353eb59090

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 14:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8477
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 68CA 17 KB
6 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 20 Jul 2021 14:28:52 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4A7A 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021071501&jk=4108152970863386&bg=!OTqlOn7NAAZjFomlYxY7ACkAdvg8WlCysq36a2HRHygfXgRAPZ-TRJYPej8Nsm8_dbRaFt_GJ2fvqAIAAALtUgAAAFpoAQeZAnlKJSk1rx-9LT38sgaVI3MRkVJ3xeGFH-WCah1EoLAELwuIneasFubDkf_AMJfxbU_6zdHFnoMV3PY9DVSXXiGyaV6ea1RMk2QbHo5hSz1UJpXn_5a-4zYITsBeG2RFb96ia9tDrphB-LjmRX4N_RL4D-XBhgumePOJ8cuS9on-Fn-Pzlusn6xzQFFZ1RVPb5U_SEpJdw4RbnPIpcE5HGI6hDlsmZvpmupts9lcthrB6g63ZX1h6IkTs4BIL6sxz9BAzr4nE7TIHT34l7IJV3RgCfsh6eZAIZCo25QEzIZ8fAh91VxDE8LW9pBnFJhbpL8XpmLjSSKW_7t4a-nf8L4bqwx5y8UVLKA-mVM8LIZD7ifq3-A1KGrsUo2hnOlmG5mV4AzInyR0ukGvJtrjvUXK1ewZMcZP0qe5tTeWi9sF_KsGUTXcpERHrh7ePO-fS0elmeI0kME8iVoxL7nB_21bGshj8m7eEP_yKf5YGR2-AztBdTrO9wTbCHm5pYWEUjNtDMFlPfH2UXbSM8em1NI4NBRqM187J88fzxT5eAOfuNVHhD7yMnsQ0CbxFSnJYbRmIejM6F88gCbM4LceoVPnLDVpXyzGOgVGxlWOmArAtNYxYoOsCVXhXzcHrKmfYEdudo_ukuVPBprdmyrYr6LGFXrVLSF9dODOLNwRCIasQABV06K-EygyEaMWE0EpxsgLb7gnkCVtpNm8QuOKMM1mt9IUmZEGlRXBRcoefsdmeJfGFeBWdJXjdR7RjgB0yGsHieQ1XrbwD43sjP5yr_qdo2m43ErV5sR3UmdFbSXNecO0gXLb5luES--wD01c9wOitjSOtXY_V8c

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame CA08 43 B
215 B 93ms
92ms Image
image/gif 52.71.1.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=769474&asId=c84f3ccb-ba9c-84da-8749-6507619c7300&tv=%7Bc:iVcY5I,pingTime:-10,time:819,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,fsc:17.5.9v220002022000220000022002222000022220200000222200222220002022022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS45djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS45dk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxMaW51eCB4ODZfNjR8fEdlY2tvfHwyMDAzMDEwN3x8LTEyMHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,asp:1626791333057%7C%7Ce76b36e8628fdbf3d66adc1ac3581043%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Cfab8dcaf37f34643cd759b2b93aeeb2d%7C%7Cab4161ed35979d16ccb268c8249d1448%7C%7C3665e7246d88809b13ca3821bff694da%7C%7C64a9244b52bf852244760ce77946d140%7C%7C14b3d5053eff3f4b029e0c59b278d413%7C%7C1626457705,ch:n,im:%7Bimprf:%7Bttecl:930,ecd:30,tsecr:161%7D%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.71.1.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-1-191.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:53 GMT
x-server-name: dt21.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 8529 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ssp.hinet.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ssp.hinet.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 20 Jul 2021 13:20:12 GMT
expires: Wed, 20 Jul 2022 13:20:12 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4121
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame FE83 783 B
761 B 16ms
16ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ccec667b90556d21bcd7769e75b84f590093bae723ada6e308fbe93d25047a88

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-z79Dyhq7F2/TaFm7cWgbqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ssp.hinet.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ssp.hinet.net/

Response headers

expires: Tue, 20 Jul 2021 14:28:53 GMT
date: Tue, 20 Jul 2021 14:28:53 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-z79Dyhq7F2/TaFm7cWgbqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cht_cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame C46C 807 B
625 B 13ms
12ms Document
text/html 2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6058eb29e9bb8b7cd0d68f0d180a093941e971f4659092a70c99ca57827bc678

Request headers

:method: GET
:authority: cdn.aralego.net
:scheme: https
:path: /ucfad/cookie/cht_cookieSyncIframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ssp.hinet.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ssp.hinet.net/

Response headers

date: Tue, 20 Jul 2021 14:28:53 GMT
content-type: text/html
last-modified: Tue, 11 Aug 2020 08:15:02 GMT
access-control-allow-credentials: true
cache-control: max-age=14400
cf-cache-status: HIT
age: 5276
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LEB7mDHRv%2BqZ4Onk7aIC7yTonPIiecbUKCFwzKQhWLxgppGdG8MmDksvCTDzrnxlwn96p4xLCYeikJNWrA8uKucitTM2nVaB4v7XrKxSMhnrtzKhEuSJ20Yx0TlRktkPZ9LM7O7KoH8U0MR70A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 671ce0e83fe94ea3-FRA
content-encoding: br

GET
H2

200

1x1.png
cdn.aralego.net/img/ Frame 3F96
Redirect Chain

https://sync.aralego.com/idsync
https://pr-bh.ybp.yahoo.com/sync/ucfunnel/733c3307-df76-318a-8763-b1b4aeeefb99?gdpr=0&euconsent=
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-z.LVZhZE2oUk0A65X5bcnYVEWtA0res0sGq1qK8-~A&redirect=
https://x.bidswitch.net/sync?ssp=ucfunnel&user_id=733c3307-df76-318a-8763-b1b4aeeefb99&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=ucfunnel&user_id=733c3307-df76-318a-8763-b1b4aeeefb99&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=ucfunnel&bsw_param=530fe2da-de48-45d6-87d5-deb51095078f&google_hm=NTMwZmUyZGEtZGU0OC00NWQ2LTg3ZDUtZGViNTEwOTUwNzhm
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESELxmIJ-ugLufCLv4rrHRoeg&google_cver=1&ssp=ucfunnel&bsw_param=530fe2da-de48-45d6-87d5-deb51095078f
https://sync.aralego.com/idSync?redirect=&ucf_nid=dsp-6AABDA2D3AA6EAD1E94E9442DE6444A&ucf_user_id=530fe2da-de48-45d6-87d5-deb51095078f
https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=NzMzYzMzMDctZGY3Ni0zMThhLTg3NjMtYjFiNGFlZWVmYjk5&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png
https://cdn.aralego.net/img/1x1.png

68 B
429 B

11ms
11ms

Image
image/png

2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.aralego.net/img/1x1.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:54 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 5354
content-length: 68
last-modified: Wed, 12 Jun 2019 06:09:43 GMT
server: cloudflare
etag: "5d009727-44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cKZIMOSCFRnEYy%2BcwudO%2FUNQ7OeGQLbaKIMmzV5QH%2Fm5YJzJRVcTjY6g0WK1kUk6srsIYB%2Bqd3UpE2Z9IuFprzT0rr7kNX5hvH0DPwjmqQWlL3Ok7tmvfhtNBOJmlJI0E42TEquApzoNQTkNvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 671ce0eec90a4ea3-FRA

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:54 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cdn.aralego.net/img/1x1.png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 232
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ Frame 3736 6 KB
7 KB 9ms
9ms Script
application/javascript 2600:9000:20eb:3a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0beffdab5eb3e5bb2d2bd0a0222d54397a2583b3a8b5681cf353d5f35f893afe

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:27 GMT
via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
last-modified: Thu, 01 Jul 2021 09:20:58 GMT
server: AmazonS3
age: 32
etag: "dfe9b96fd56e29211a8dd79116e44a79"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 6564
x-amz-cf-id: PGyjzW-Md7h0cYrQEjXahKqjBF3SfYyUNAoX_OQndkTm0dwCMKIhEg==

POST
H2 200 fpc Show response
pmp-beacon.apx.appier.net/v1/ Frame C5F2 12 B
73 B 272ms
272ms XHR
application/json 34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pmp-beacon.apx.appier.net/v1/fpc?type=pmp&event=imp
Requested by: Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=789&id=idockddgbi4oomk5w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 20 Jul 2021 14:28:53 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ssp.hinet.net
access-control-expose-headers
access-control-allow-credentials: true
alt-svc: clear
content-length: 12

GET
H2 200 gcm
gocm.c.appier.net/ Frame 56E2 42 B
321 B 241ms
241ms Image
image/gif 172.105.221.240
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gocm.c.appier.net/gcm
Requested by: Host: ad2.apx.appier.net
URL: https://ad2.apx.appier.net/www/delivery/js.php?zoneid=789&id=idockddgbi4oomk5w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.105.221.240 Tokyo, Japan, ASN63949 (LINODE-AP Linode, LLC, US),
Reverse DNS: li1875-240.members.linode.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:53 GMT
cache-control: no-store
server: nginx
content-type: image/gif
content-length: 42
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H2 200 / Show response
ssp.hinet.net/api/web/request/ Frame FFD4 3 KB
1 KB 248ms
248ms Document
text/html 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/request/?c=2017004&s=201710000009&t=1626791320215&u=d6af6140-7a1f-4761-9e84-150941d4d4d0&o=PaufS&show=static&ca=&k=&cab=&kb=&mode=roll
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017004&s=201710000009&t=1626791320215&u=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&o=PaufS&show=static&ca=&k=&cab=&kb=&mode=roll
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: c8104820879b5e2c9e63238b3b554870f1289e24eb68ae68730f9ed333f5f127

Request headers

:method: GET
:authority: ssp.hinet.net
:scheme: https
:path: /api/web/request/?c=2017004&s=201710000009&t=1626791320215&u=d6af6140-7a1f-4761-9e84-150941d4d4d0&o=PaufS&show=static&ca=&k=&cab=&kb=&mode=roll
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ssp.hinet.net/api/web/request/?c=2017004&s=201710000009&t=1626791320215&u=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&o=PaufS&show=static&ca=&k=&cab=&kb=&mode=roll
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ucfunnel_uid=733c3307-df76-318a-8763-b1b4aeeefb99
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ssp.hinet.net/api/web/request/?c=2017004&s=201710000009&t=1626791320215&u=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&o=PaufS&show=static&ca=&k=&cab=&kb=&mode=roll

Response headers

server: nginx
date: Tue, 20 Jul 2021 14:00:06 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: https://ssp.hinet.net
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
content-encoding: gzip

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 426E 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021071401&jk=4173022192182835&bg=!lZalltLNAAZjFomlYxY7ACkAdvg8WhFrS1ocvHfTnlUbjZF2Pdvg8egDXkS2ylvtRmxYctl4rYrHwwIAAAKPUgAAAEVoAQcKAFBMytrYMUX6m5i12YfJmQA5-p4ugrrqdhZToKxm_LhakSJT6Qpk8W9T3Z9JA4E5d5pC7C5muvayXfE001ttqFKnTzjXR8rgvsM8zsUeaHtki5kCm45bfG6ebkc5wWhxbWp0Sfd9ww1S0pwUvgUZaEeexAH5ecLjrAeVKUtCBlKBDiFVcfsE6maJeXemfVDZviKxe6pimt_v6kb-Fvi3ofnWGcQt5ymrtyb-ROjDEVvTFjYuZ_HYrNXh0u0YbP764BhSYTiBX6AfCmWdeLMNFd_Avkk08a2QrAjcjSGeE4oY9G9Xq9514ytE0Qsgr8hzyAug8PGpPciyfLnTNpie94xPC_h8P5yffveYqKysnjbsm0IPhyyfv52lpK825x0ap4-weZWI7OxTNNCF7-s4p9BcYDIIlV7spn_sVgvk9KSnY_93h2bG5CHOiF7Xg-BeMi8UuFaysXme2ztKi2FPKPGHiavi5Tm3sbUL362r5XuMuZp-hXvG6GuBYbj7_x8gnb_gKO8CuRR_ExV1k_RPXerXt5TWXjx3v2UfpymxFlpqErFaMgTzX9oqsCFa350MtlfAig7mBUa9DTiMLxOQCoPbFjMUbklzriQyrDTNMBQXeDMOBh7P2oSNPF3Srik5pgm3YbGYWgtl2iAxBqT2GGAR0vXV1iL-KiO4zPvg4lZvsxrXBnC808FZgNt7c7du0ruSIJVEZe1YQe-S5MxjIuBCYtrK5zf382kEaE9esHxo1Ni-ZfSfJwtn4yMWLaJMjQA-f0Ny9b4Xql6_IpVCZPHfsP_p0KTmSs0A47sHELsQjPuETC9YnFbOFwG8rsYpdPKTUFRp2lVaLHD0xcJ30MM0VkrjupF7KHSXsa_xiDa3QWWaZweXBfeaNImbVNbcuG-cJjrO_Uk6KUOC_hQrM67yyOmcFlTFN1ZM0TgAb6yHnA8IYhCwUR68eoa3EQBsdqLZdlAysiK78PBvJvR5FEMOmEW8RZieX-ohtNlKeXA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame C46C 71 KB
24 KB 15ms
15ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cht_cookieSyncIframe.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

8ccbe1d5faf2711b2aeafde10dc31b04fb32d443f0d694a5cfdb610aef135d50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "935 / 793 of 1000 / last-modified: 1626779619"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24907
x-xss-protection: 0
expires: Tue, 20 Jul 2021 14:28:53 GMT

GET
H2 502 cm.php Show response
fcm.holmesmind.com/ Frame B7DF 332 B
417 B 9103ms
9103ms Document
text/html 34.95.67.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: /
Resource Hash: 8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005

Request headers

:method: GET
:authority: fcm.holmesmind.com
:scheme: https
:path: /cm.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ssp.hinet.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ssp.hinet.net/

Response headers

content-type: text/html; charset=UTF-8
referrer-policy: no-referrer
content-length: 332
date: Tue, 20 Jul 2021 14:29:02 GMT
alt-svc: clear

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame DABF 3 KB
3 KB 6ms
6ms Document
text/html 2600:9000:20eb:3a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcab50b80facdd8259667f6902b74c713dc70feaf073cfed9b8de4a69fca6a0e

Request headers

:method: GET
:authority: cdn.holmesmind.com
:scheme: https
:path: /js/capmapping.htm
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ssp.hinet.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ssp.hinet.net/

Response headers

content-type: text/html
content-length: 2642
last-modified: Mon, 05 Jul 2021 09:22:39 GMT
accept-ranges: bytes
server: AmazonS3
date: Tue, 20 Jul 2021 14:28:49 GMT
etag: "e1a480f03215f2f740d3ac73c7b1c641"
x-cache: Hit from cloudfront
via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 5W4AorwT5xImzeePnTJb4ArnYTyA7BePguK5kTcmWwhaFHmUgwqfEQ==
age: 4

GET
H2 200 edmp_init.js Show response
banner-cfnetwork.cdn.hinet.net/js/ Frame 3736 662 B
634 B 249ms
248ms Script
application/javascript 61.221.82.10
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://banner-cfnetwork.cdn.hinet.net/js/edmp_init.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 61.221.82.10 Tainan City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 61-221-82-10.HINET-IP.hinet.net
Software: HiNetCDN/2104 /
Resource Hash: 28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:53 GMT
via: 1.1 259ad62fbc15a266fd43f7a6da6333e2.cloudfront.net (CloudFront)
last-modified: Fri, 12 Mar 2021 02:45:40 GMT
server: HiNetCDN/2104
age: 36
etag: W/"f58f8a90686f8ffb3325107e8a788b71"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
x-amz-cf-pop: TPE51-C1
content-encoding: br
x-amz-cf-id: zuyF-ycKEK_Y0ehJaMLFNts82l8hB5ze5wYT1EcnLbnFWEQ4d8Gitg==
x-request-id: f7b005665e6dd4193524784e61397c91

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 6F36 6 KB
6 KB 9ms
9ms Script
application/javascript 2600:9000:20eb:3a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 30a3ff10c02fd69f1209bd9153c983a776c8863cb91c3effb4a1be7c9b80e1bb

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:50 GMT
via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
last-modified: Thu, 15 Jul 2021 02:19:06 GMT
server: AmazonS3
age: 3
etag: "c62e62c152e57c979abe141ef4e128de"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 6102
x-amz-cf-id: Dl9cqf6d7x1JQoIFBMljA9NliWNykVCfTpQk3kKVC8Aov5giRo1R2w==

GET
H3-29 200 exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js Show response
pagead2.googlesyndication.com/bg/ Frame 8529 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b1916d5a5a97048327e74b168dd38fe0067ac06db81f57f72108f23410cff79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 12:12:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8163
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13308
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Jul 2022 12:12:50 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E859 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_qLKo932YP7zM9-KjuwP9cKb6AIAAAAAOAHgBAI&bg=!AQKlAkbNAAZjFomlYxY7ACkAdvg8WllLg8Rx_uDe40n8JL3F_ViusWWDgoWc5D2J9j8sFBdsZPre7wIAAAIAUgAAADtoAQeZAttveWlCW-HMrSm868UWIMRZNV1OwkDu-RDuH-b4byJZNYflDUrMmD-kNZwi3sMChr4QZgZQog48JmEg84ym1HXrSrEdNKpsb73F9WFpZ0dxjM5yh6K2519XPrJJIF3ipsc0GwXDHaBkIlAIONoT2Smg9MsXoWbAhDiR-B-8o2i6VBYB5ZnIFJ54UJw3ov1Bpo5pA2ouysF_30tRtf92dG-kRIi5GsIhrk1Fgqk7rzXZEzjtP7Y8hCdp1APKAJ_6W_dWtFTmAAFyC39r7uWozmDUYU6UrmStaCHQB145Lrye0ZrUu5QU-3uJioTB68TXaGQKp-ht65sPnaYNs4c5KGNMmvMix3O8HLHHCByCTnQuYZf707B57x2tuYOzH1uwU8fDALlM2CJSgcsSi--3xeWm608R2j5aoIqVJbyNhPlN9JyAD2R3ByjJIVDhKWXmoNqgDkJdP15ZaeIXbj2M5Z8NjN5QS87rZAnK_BQ7c_NEilHtYw7zlYPW8kaDQnvxfvC8adSnrCXEDironluQaRQ48MGEsdrFzKyJN6xDud1pln_FP9tDPWhtY1MU0KH_Qc_gQO0es38RGJkSH7PfiIZzUHZ36MbaH8zt9DRD80YsLq-zP84kJ3xz2GkARM0KVjiNFQMuTjG7EZan18p9Fj57DhWa_bSPOo1VjeZ9HLBP2L5ohni7E5T10jr7vSclB1NzgJBu0DAnC4L3_llUcUOiDMwgIjKOO9lHguICBD3hBKHmyuPbflSi0TBrxW26jiS68O7ocnJsMgTK2TiSob05dSTaSNPLhNuFClycFoIKRhPLZOnrXRhWiU4_6WLaEX4vNWCg5x_TMRKuoBDYW81bDDqM0uzkduL5UMShZa1sGwrNabZrLEg9yVD6-U17DBTC77libHkkmwvHSOQhAlbSY445QlyZ1Ph33aYOd3Ss9OtktiiyWQuKT9EejYvajV148v2S5FmNKJJ7Aw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 pubads_impl_2021071502.js Show response
securepubads.g.doubleclick.net/gpt/ Frame C46C 330 KB
115 KB 22ms
21ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

acc5d1f40fa2e46ed40bec9c01d1463a630adbf627df4d7ee94e03563736635e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 15 Jul 2021 16:00:51 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117522
x-xss-protection: 0
expires: Tue, 20 Jul 2021 14:28:53 GMT

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 6F36 944 B
682 B 251ms
251ms Script
text/html 2600:9000:21f3:5e00:3:1794:2540:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=12196
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:5e00:3:1794:2540:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 01d2978416f3e4b7af031663240740b9652e9bcce485a85090f4c6bcb56b312b

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:53 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
x-amz-cf-pop: FRA2-C2
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://ssp.hinet.net
access-control-allow-credentials: true
x-amz-cf-id: 1NSmMVt7ZM1APhoh7lKvgTUFg9-itvdShpIu5Q1c2ZAKICx3_QaM0g==
via: 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)

GET
H2

200

cm
c.holmesmind.com/ Frame DABF
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
510 B

114ms
114ms

Image
text/html

35.201.76.93
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.76.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:53 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: clear
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Tue, 20 Jul 2021 14:28:53 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: clear
content-type: text/html; charset=UTF-8

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0862 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BzXLjo932YJyINZmw3gP0qaOIAwAAAAA4AeAEAg&bg=!VValVhLNAAZjFomlYxY7ACkAdvg8Wg5Hmk_daSEp77UaOCD0Ofm29kDmNTB4bFBjK4607bqfD-xyRwIAAAICUgAAADBoAQcKAGWPdgIb6ZKWXypLHFUtQvrgmGBtBaRn3ng8XfjAc-V2UoLPmM4p8sVX3rS8_rNyQhjB9mqW91cbFtAWBfNs5osKYPea6IfzBV9D6RZMjKec3g9HIsD7dJNDTrMe3RKgZ8p4fH8zkJkC5Fcpk9binKttZpq3J2FL5mhIiNdITOQ2DVdOPpwD9hDnlvToNwo55cO9LaGYxEOxvYvFnkqU823-kLfETwDZLWRgfLFqjJTKHJV26cl_c1WHPjGiq_6SUYZuwTRHTdE4f0q9cBeVle5gSVK-KlUAxspH8yhvRY5WsWDY-vG_d_LDYjFdrXYTQZ1uynRdEmMmh9CDyNH_rBArPrQwmXL5P89rmsRYgmPct7br0rSVetYvUQCMbeLPwHfSHqWnQdXmozsp-tFzPPC9DQpsHunfhdZM6FFlTWUkwoQLbcTqsGzCILn9lp_0o2I2lPgmWtlwy1qfwC4B5rYW62oMkQD-0TyHRzStWAplc-qhPoPamZo4Bx0Jh6XKxoAa594KtG6IhDdcxFb-zsYmln1pJBv-BcPOqKAQacvzF6Q3W_77Wo-UP0FRlK4aX8bJmsrXye7GOWWLX483jYUt5P9yRLGwxZhLVOOfW5e0chCNhdGkeiGAU3mt7R1ZDvuplO6TaYO_utOejAjayi4lTiGZgCWn-luGAKLvoAk8jv8g3o9yLj5E1cVl9hfTFigXLeHUZEDOU-IgJYuO6nEjvLmxEEQpeORQ85PxEt5FAnmqF51_h9GbH6z--59XaB0rSMVHJKNWAtA1bWnszKSkAaZh3yM3d2_cIxSfzgketSUM4u34NWbkhiZVrZSGcmNLRq7k4foJWHFX_01PuduAkmT80IwIxZbf_3rYkecBBJxhCTE8JeoO_Aw6hQzBbdFRM1s7cfq9U8-gWi2VTCk40mZm5raf1-ynk4Quj2tkuv7q654dofTgKzFsgL6qvD_OQUCvcEyUyoYk0O5gBs0ywmcAWLQ_3zV0FmioZ6R6v4AX43fXcg9LIEtPaPlb498K10hnJTEDYrb7Q0wmgHKuHGpu4RswN19hUh4qx8ous9JI2ERv-HgrHWoZ9HiWOernGKIjA6erHarLIRPufhiYGbQyVuSgOPgMxMqX

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 style.css
s0.2mdn.net/9758366/1625140909297/13-IWE-IONIQ5-Skyscraper-160x600-Keyvisual/css/ Frame D22E 1 KB
557 B 6ms
6ms Stylesheet
text/css 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9758366/1625140909297/13-IWE-IONIQ5-Skyscraper-160x600-Keyvisual/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1625140909297/13-IWE-IONIQ5-Skyscraper-160x600-Keyvisual/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9f4f33fb776dd880daab7c79869314236d3cfe2af36148b10ca3d4f38ac618a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/9758366/1625140909297/13-IWE-IONIQ5-Skyscraper-160x600-Keyvisual/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 23:30:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53927
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 417
x-xss-protection: 0
last-modified: Thu, 01 Jul 2021 12:01:49 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 20 Jul 2021 23:30:06 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame C46C 107 B
165 B 22ms
22ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 14:28:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame C46C 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 14:28:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame C46C 329 B
174 B 44ms
43ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3257152940132455&correlator=1121985267759024&output=ldjh&impl=fifs&eid=31061831%2C21064366%2C31061842%2C20211866%2C21065724&vrg=2021071502&ptt=17&sc=1&sfv=1-0-38&ecs=20210720&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cdm=cdn.aralego.net&bc=31&abxe=1&lmt=1597133702&dt=1626791333491&dlt=1626791333197&idt=272&ea=0&frm=8&biw=-12245933&bih=-12245933&oid=3&adxs=-12245933&adys=-12245933&adks=64515409&ucis=r8bustx7yds&ifi=1&ifk=923963767&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=3&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2Fcht_cookieSyncIframe.html&ref=https%3A%2F%2Fssp.hinet.net%2F&top=https%3A%2F%2Fssp.hinet.net%2F&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=0x0&msz=0x-1&ga_vid=773506788.1626791333&ga_sid=1626791333&ga_hid=2018274588&ga_fc=false&fws=256&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

2ee5ef3f1b7b4fd70eb348f779a64da89cc8ab57bd48ca2e79ad7d1efea0c9ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:53 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 130
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
b564a7e3badbd705ed361b4bc7e3fbbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8140 6 KB
3 KB 27ms
13ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://b564a7e3badbd705ed361b4bc7e3fbbb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=3

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: b564a7e3badbd705ed361b4bc7e3fbbb.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=3
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.aralego.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cdn.aralego.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 20 Jul 2021 14:28:53 GMT
expires: Wed, 20 Jul 2022 14:28:53 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 tag.js Show response
t.ssp.hinet.net/ Frame FFD4 6 KB
3 KB 246ms
245ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/tag.js

Requested by

Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017004&s=201710000009&t=1626791320215&u=d6af6140-7a1f-4761-9e84-150941d4d4d0&o=PaufS&show=static&ca=&k=&cab=&kb=&mode=roll

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

7142961a1ad7563f0016537a0cf6bc977bf8ae9fe60a0885fde76211ae3aac83

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:53 GMT
content-encoding: gzip
last-modified: Tue, 13 Jul 2021 00:56:37 GMT
server: nginx
etag: W/"60ece4c5-1662"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
strict-transport-security: max-age=0
expires: Tue, 20 Jul 2021 14:38:53 GMT

GET
H2 200 jquery-1.9.1.min.js Show response
code.jquery.com/ Frame FFD4 90 KB
32 KB 8ms
8ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.9.1.min.js
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017004&s=201710000009&t=1626791320215&u=d6af6140-7a1f-4761-9e84-150941d4d4d0&o=PaufS&show=static&ca=&k=&cab=&kb=&mode=roll
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Request headers

Origin: https://ssp.hinet.net
Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:53 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:07 GMT
server: nginx
etag: W/"54499a47-169d5"
vary: Accept-Encoding
x-hw: 1626791333.dop168.fr8.t,1626791333.cds277.fr8.hn,1626791333.cds018.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 32772

GET
H2 200 universal.js Show response
tenmax-static.cacafly.net/ssp/ Frame FFD4 124 KB
37 KB 17ms
17ms Script
application/javascript 2606:4700:10::6816:9ee
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tenmax-static.cacafly.net/ssp/universal.js
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017004&s=201710000009&t=1626791320215&u=d6af6140-7a1f-4761-9e84-150941d4d4d0&o=PaufS&show=static&ca=&k=&cab=&kb=&mode=roll
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:9ee , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9c6fc5a4cf8dfbd460cc8b1a95cec75c31bb09d635af0099f1175b910fbcf04

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 20 Jul 2021 14:28:53 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: yj+NSpzx+4ztjFJ7qu+fJw==
age: 4096
x-ms-lease-status: unlocked
last-modified: Mon, 17 May 2021 07:42:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-ms-request-id: f44c7d23-001e-0008-2ff0-4af984000000
access-control-expose-headers: x-ms-request-id,x-ms-version,x-ms-lease-status,x-ms-blob-type
cache-control: max-age=1800
x-ms-version: 2009-09-19
cf-ray: 671ce0eaaed34ddc-FRA

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C46C 11 KB
8 KB 21ms
21ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021071502&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7683c9443430a94597d0f9040bd75568682b8d9d7de8feb249437978ae1f3a76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 14:28:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8477
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C46C 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071502.js?31061831

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 20 Jul 2021 14:28:53 GMT

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 6F36 4 KB
2 KB 278ms
277ms Script
text/html 175.41.232.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=12196&rf=https%3A%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%2F%3Fc%3D2017004%26s%3D201702000042%26t%3D1626791320215%26u%3Dd6af6140-7a1f-4761-9e84-150941d4d4d0%26o%3DjsG8H%26show%3Dstatic%26ca%3D%26k%3D%26cab%3D%26kb%3D%26mode%3Droll&n=249&o=1&d=1&b=2&ts=1&ii=2&FPCK=7577-4M0f0f0pVQsJyNHEvlRmXmcuElrue2uT
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.41.232.18 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-175-41-232-18.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c075f214d3183215a3366e5acf0b007eab32bbabf39d7fc26fdf57252168c775

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ssp.hinet.net
date: Tue, 20 Jul 2021 14:28:53 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
banner-cfnetwork.cdn.hinet.net/js/ Frame 6F36 3 KB
1 KB 249ms
248ms Script
application/javascript 61.221.82.10
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://banner-cfnetwork.cdn.hinet.net/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 61.221.82.10 Tainan City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 61-221-82-10.HINET-IP.hinet.net
Software: HiNetCDN/2104 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:53 GMT
via: 1.1 db53508c0ad927e764160ee4b3fa81e0.cloudfront.net (CloudFront)
last-modified: Tue, 04 Aug 2020 09:25:10 GMT
server: HiNetCDN/2104
age: 47
etag: W/"6a605eea47197fa280f27aaf1fa1521d"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
x-amz-cf-pop: TPE50-C1
content-encoding: br
x-amz-cf-id: ZNzgvv0LjZEWR9fCE_CnPsY0mGMSrDKOuYknptJtNUjlZ3kLALP4Og==
x-request-id: b324fdba34a69ee885540c7dbeca3f78

GET
H2 200 appierV2.js Show response
banner-cfnetwork.cdn.hinet.net/js/ Frame 6F36 3 KB
1 KB 249ms
249ms Script
application/javascript 61.221.82.10
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://banner-cfnetwork.cdn.hinet.net/js/appierV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 61.221.82.10 Tainan City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 61-221-82-10.HINET-IP.hinet.net
Software: HiNetCDN/2104 /
Resource Hash: 8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:53 GMT
via: 1.1 7570f485f03bad71f82f7f4b41147dca.cloudfront.net (CloudFront)
last-modified: Thu, 11 Mar 2021 07:54:26 GMT
server: HiNetCDN/2104
x-amz-cf-pop: TPE50-C1
etag: W/"548ed610a8571343fb3022f543174735"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
content-encoding: br
x-amz-cf-id: oEAWM7eGikB-0eDN5j7q-pPOBdIKoVDFdsDaDMrLBDQc8hKuvuKP2A==
x-request-id: 34639d0e5188fd6f45d4e446d9e2eb83

GET
H2 200 appier_mainV3.js Show response
banner-cfnetwork.cdn.hinet.net/js/ Frame 6F36 3 KB
1 KB 250ms
249ms Script
application/javascript 61.221.82.10
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://banner-cfnetwork.cdn.hinet.net/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 61.221.82.10 Tainan City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 61-221-82-10.HINET-IP.hinet.net
Software: HiNetCDN/2104 /
Resource Hash: f443a34f019986fc0949e5f4993c6f400337ba74f296ece6fc7e667fd411f92c

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:53 GMT
via: 1.1 b1e98d6f23bf8312e5a34847053352cc.cloudfront.net (CloudFront)
last-modified: Mon, 01 Feb 2021 03:25:47 GMT
server: HiNetCDN/2104
age: 11
etag: W/"2dd28f3fa27f42668b8859c537099414"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
x-amz-cf-pop: TPE51-C1
content-encoding: br
x-amz-cf-id: cGj4-xM78SUslnkAgcpgKhI0Cx2mwk-MG-mf5E7b4hfbopBKLuiLcQ==
x-request-id: 13f728313196c3ec7c64bf816c60b9bb

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 02D8 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.aralego.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cdn.aralego.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 20 Jul 2021 13:20:12 GMT
expires: Wed, 20 Jul 2022 13:20:12 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4121
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1C56 783 B
531 B 20ms
20ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3dda853f4ad4feb011861f13f75fcfda70b1134e74c524bd3f029215bda94263

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-C/2yZMqChB8LavDxeaMXnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.aralego.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://cdn.aralego.net/

Response headers

expires: Tue, 20 Jul 2021 14:28:53 GMT
date: Tue, 20 Jul 2021 14:28:53 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-C/2yZMqChB8LavDxeaMXnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js Show response
pagead2.googlesyndication.com/bg/ Frame 02D8 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b1916d5a5a97048327e74b168dd38fe0067ac06db81f57f72108f23410cff79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 12:12:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8163
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13308
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Jul 2022 12:12:50 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 68CA 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021071301&jk=4186689734809012&bg=!6-il6KzNAAZjFomlYxY7ACkAdvg8Woyl-9OPwKOLDW8nwL5s_4ppuSrSrm53sBrLCrv12L3cL87LhwIAAAEdUgAAAA9oAQcKAFkC21rhzg5EBt5zrdK63d0LpdVuyhlCAPbCsWWR8MMh6vHdDnXa3gxLMAu281F3UgSe9snyFtH8YcOQxV-WSDA621Jq4xT0rH3CXpn1F71r1PyswPfhPe_WCZkCe-sNDxRdKNHLGGuGQf6Hyvjh9lhb84NHVO1hCirouiSEsPPp5LKDKT_8unt4iHMfAJmlDXTIfPTyMU4ILfF1wqZfDo5mqM67aO-MiRbMS2svYxJOBy8mSEhBjG96MEFmXXpj-kJnyTAs-Mdvjg474HuqB_CwN8TpLKxk7ooCLPox05oY28QVDZJ8q_lp5SUcrs1KnlTlLv-ivXe47BQyovnMa9dAk30-j94xkVS4U8xgTInw3cPgfzp5YVedNZ8xiOzwNpA7sXN50X2AH1xr1vIiBMYT5s5i4IZY6S7CLQjH-x0Zx0qa7KmcW8GPNKilbGfBZ8I9rFRpfGgFjmWC1n3yMQeQ9DTT2DzYNQP2M16twu7y4JhmX_uRA3boCdccFMY1winWvkMfKWifnlasxOwKD1XGs6PGib8TUoo8FcQp7cnFgbUwTRzJb34_6Mzc0ZCQEtRUPftXlxdYF8o6tlrMNK1W9w0Gs-aVnpooUsnx6NyGoiBuOzJ7Wfqv6UMu6hqWa_NfhqD8eXlqdUZPeHAvMxYC9T_4H1Ijrl7diWz6kyPXoh7mraBo844Wqe-UhBMfNhjeiFhrghrvPbEuWer1RQQInuPyVlWxD7sGqpNVTvqQQvCDwkzOmASAhtVWBrgr0vFVCGfazt_jZ9kNugRhexKHGjc7jbjMyoqCcACMGmPM2ERjeg_EqiqR8exvqizB3ZdgKueHfMJ3TJuyj2W5FB7qfH8qSkkylXrCpMc1H81wAH9cGr_4gt9_3rZ6R5dfEWkWZ0K7L5JDcm9yOJ41N8O9Jvic2thKlTA3Ob8GKg05qRThS3VGistIs8Qq_u6u8Vn0JmcGP5xO

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame FFD4 37 B
403 B 248ms
247ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/tag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

2da1c650d45f011cd9a81f191dfddf0ee5f6becb61f06febc8bb96ede8e66df4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:53 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://ssp.hinet.net
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H/1.1 200 b734323b-0532-40a6-8d4e-782e1c96bd3a
dmp.tenmax.io/p/ Frame FFD4 43 B
528 B 250ms
250ms Image
image/gif 211.21.190.218
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.tenmax.io/p/b734323b-0532-40a6-8d4e-782e1c96bd3a?random=894622203
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017004&s=201710000009&t=1626791320215&u=d6af6140-7a1f-4761-9e84-150941d4d4d0&o=PaufS&show=static&ca=&k=&cab=&kb=&mode=roll
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 211.21.190.218 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 211-21-190-218.HINET-IP.hinet.net
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:53 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Content-Type: image/gif
Transfer-Encoding: chunked
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1 200
OK plan Show response
ssp.tenmax.io/supply/v3/universal/ Frame FFD4 5 KB
5 KB 256ms
256ms XHR
application/json 211.21.190.218
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.tenmax.io/supply/v3/universal/plan?rmaxSpaceId=562201f098cf4a9e&referer=https%3A%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%2F%3Fc%3D2017004%26s%3D201710000009%26t%3D1626791320215%26u%3D13ab05cb-cf87-b396-ff16-d596ef0cb2ed%26o%3DPaufS%26show%3Dstatic%26ca%3D%26k%3D%26cab%3D%26kb%3D%26mode%3Droll&cacheBuster=e590cb2b-fc33-48a1-b859-9724235955d0
Requested by: Host: tenmax-static.cacafly.net
URL: https://tenmax-static.cacafly.net/ssp/universal.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 211.21.190.218 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 211-21-190-218.HINET-IP.hinet.net
Software: nginx /
Resource Hash: 52c5aa969d4d83f6e24e832be06940495b53aecdff9f2e1725aad861227457c1

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:53 GMT
Server: nginx
Vary: Origin
P3P: CP="CUR ADM OUR NOR STA NID"
Access-Control-Allow-Origin: https://ssp.hinet.net
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 4920
X-Application-Context: application:prod,aggregator,build-ext:58070

GET
H/1.1 200
OK data
b199.s79.research.de.com/ Frame 363E 43 B
308 B 11ms
11ms Image
image/gif 136.243.6.97
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b199.s79.research.de.com/data?/mnjwFZYAATkzFARksFAQtjFH2JNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.6.97 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h243.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 14:28:53 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Tue, 20-Jul-21 14:28:52 GMT

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 6F36 0
175 B 162ms
162ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: banner-cfnetwork.cdn.hinet.net
URL: https://banner-cfnetwork.cdn.hinet.net/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://ssp.hinet.net
date: Tue, 20 Jul 2021 14:28:53 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 6F36
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=nelijzWKBKGrnh2mpd32YA

2 B
138 B

275ms
274ms

XHR
application/json

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=nelijzWKBKGrnh2mpd32YA
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017004&s=201702000042&t=1626791320215&u=d6af6140-7a1f-4761-9e84-150941d4d4d0&o=jsG8H&show=static&ca=&k=&cab=&kb=&mode=roll
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:54 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: clear
content-length: 2

Redirect headers

date: Tue, 20 Jul 2021 14:28:54 GMT
server: nginx
access-control-allow-origin: null
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=nelijzWKBKGrnh2mpd32YA
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 6F36
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=nelijzWKBKGrnh2mpd32YA

2 B
167 B

274ms
273ms

XHR
application/json

34.96.119.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=nelijzWKBKGrnh2mpd32YA
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017004&s=201702000042&t=1626791320215&u=d6af6140-7a1f-4761-9e84-150941d4d4d0&o=jsG8H&show=static&ca=&k=&cab=&kb=&mode=roll
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.119.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.119.96.34.bc.googleusercontent.com
Software: nginx/1.19.0 /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:54 GMT
via: 1.1 google
server: nginx/1.19.0
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
alt-svc: clear
content-length: 2

Redirect headers

date: Tue, 20 Jul 2021 14:28:54 GMT
server: nginx
access-control-allow-origin: null
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=nelijzWKBKGrnh2mpd32YA
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C46C 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021071502&jk=3257152940132455&bg=!e3ileDzNAAZjFomlYxY7ACkAdvg8WlYPWy-pgjp-EmqLEJ--g37h4KSsXcv5CUXwujp4RQ7TBQNZlgIAAACwUgAAABFoAQeZArulEZD52TI0MfVKLYOQvYbka4g1NbLjNYoLAUA5PO-QNAUd8zbJ6p-pRdwdOG3SDC9osic7v4ugGXBGsrp2fY3cGj_SmeJN9tAnUJtIxDigChfN8ht4_jgTlmw57FpKvSUb645XLg00XPAVd2ZkZNiJu2ZC9KD9vTejSCuvNan5sKyIFjHZjD9ydOHixajlrFF_C0_Lz01RL9bnk_LT3KFs2L4wqNK3KxiDoJ93qGAhrDRBB1OtRmN794dJdoTSMPOCRIjntLl5FFAnRtiQMON9oP2xbZbB5fzD-Eu_sHJXMvIIUucunK_GZdCPd-OAfnfn-LGOszyQ6KFlRq8wiuptZxOuINOZY432sKG8YKXq8eVnt9H6SfLosZiLmkWgjTBejtoj9caBnCNEUvigoidFjuPtx81s5ynORWxsIqY3w8Q3_1Gc1ioNXtZQhJrBIfy0p1iG6yRscLEbKGcMa2kmdhI3njvgIaPtU1u29m9Y8AG8xSV6wKv9MeHX9Y1A-b52e-MZD_VLQduqFuWyvJzFcK2395EecOh0wTKNawROqe9dZWeRzETU1hQmpRXf-aFV9ebKuxHolvsI_yL_PZu5WUTCsnG8s8XOH-r1Hxz6jGlpZDGhTpX4NlMagMHQk4fubRQRmS-iDIdJQo6sY95eIRTDh6KiroI2OsPZt7mhvTd6dIKJ6yJHOjf_XpX2Esg0Qv25OklZpd9iGn5c1LNKC8at5YmfDC0lGVph3JjVELcPMjm0L99FDD_iPDLu-uy1tPPYrh_YFZYTwN1716nz4w2DR-Sydy7nETIjqObIoShZgCg2qlXjDapwi7pEVgO4ouH46N1BRjQEl9D4rcdNwbpeTNVlj-nK9VPFa4zlBPjrJxyHpSqD3rdJ3aQDCiMAWEYDlbvdpX6s-egFPR6vs6KJMgafDqU8VJ0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3F96 42 B
64 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsva-MhHSQmCmABb7mfjLq7e_WDY2L7Pa35GoS-m9ikcqCmwVCreRScc-6E46ESFlcvTM_YTP9iN5Nc5ISgV_VF-XFC637lQR-X4noAYjg1wdk5pfVr2&sig=Cg0ArKJSzABpVxtwIg4qEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210716&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=4227493683&rs=4&met=ce&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1626791332357&rpt=304&isd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 6F36 10 KB
10 KB 6ms
6ms Script
application/javascript 2600:9000:20eb:3a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=12196&rf=https%3A%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%2F%3Fc%3D2017004%26s%3D201702000042%26t%3D1626791320215%26u%3Dd6af6140-7a1f-4761-9e84-150941d4d4d0%26o%3DjsG8H%26show%3Dstatic%26ca%3D%26k%3D%26cab%3D%26kb%3D%26mode%3Droll&n=249&o=1&d=1&b=2&ts=1&ii=2&FPCK=7577-4M0f0f0pVQsJyNHEvlRmXmcuElrue2uT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:3a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:53 GMT
via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
last-modified: Fri, 16 Oct 2020 09:58:46 GMT
server: AmazonS3
age: 1
etag: "84d8b1a745228113e60f5e62f0eff6d3"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 10359
x-amz-cf-id: qCRcDEB5ATBBUEwl6SVcJn0VSNc6SiWX6GYTHWLtgABWuW5j4r4w1Q==

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame 3736 0
217 B 412ms
408ms Image
text/html 3.115.39.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D233762-44m6isbUcsmWBlXzClbSjQARXzEyI41N%26SID%3D33734%26Tags%3D2609%2C2610%2C2305%2C2906
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017004&s=201702000042&t=1626791320215&u=d6af6140-7a1f-4761-9e84-150941d4d4d0&o=jsG8H&show=static&ca=&k=&cab=&kb=&mode=roll
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.115.39.7 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-115-39-7.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ssp.hinet.net
date: Tue, 20 Jul 2021 14:28:54 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame 3736 0
217 B 407ms
403ms Image
text/html 3.115.39.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D233762-44m6isbUcsmWBlXzClbSjQARXzEyI41N%26SID%3D33553%26Tags%3D2590%2C2196%2C2195%2C2918
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017004&s=201702000042&t=1626791320215&u=d6af6140-7a1f-4761-9e84-150941d4d4d0&o=jsG8H&show=static&ca=&k=&cab=&kb=&mode=roll
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.115.39.7 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-115-39-7.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ssp.hinet.net
date: Tue, 20 Jul 2021 14:28:54 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame 3736 0
217 B 405ms
404ms Image
text/html 3.115.39.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D233762-44m6isbUcsmWBlXzClbSjQARXzEyI41N%26SID%3D32907%26Tags%3D2005%2C2004%2C2003
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017004&s=201702000042&t=1626791320215&u=d6af6140-7a1f-4761-9e84-150941d4d4d0&o=jsG8H&show=static&ca=&k=&cab=&kb=&mode=roll
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.115.39.7 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-115-39-7.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ssp.hinet.net
date: Tue, 20 Jul 2021 14:28:54 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 chtmp.php
ccm.holmesmind.com/ Frame 3736 0
217 B 401ms
400ms Image
text/html 3.115.39.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ccm.holmesmind.com/chtmp.php?u=https%3A%2F%2Fapi.cf.dsp.hinet.net%2Fcktagv2.php%3FUID%3D233762-44m6isbUcsmWBlXzClbSjQARXzEyI41N%26SID%3D32957%26Tags%3D2008%2C2001
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017004&s=201702000042&t=1626791320215&u=d6af6140-7a1f-4761-9e84-150941d4d4d0&o=jsG8H&show=static&ca=&k=&cab=&kb=&mode=roll
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.115.39.7 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-115-39-7.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://ssp.hinet.net
date: Tue, 20 Jul 2021 14:28:54 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame FFD4 30 B
274 B 248ms
248ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=5ba4b597-1f81-4aa2-bd6f-bd24c59669fd

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/tag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:54 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://ssp.hinet.net
cache-control: no-cache, private
access-control-allow-credentials: true
strict-transport-security: max-age=0

GET
H2 200 pixel
t.ssp.hinet.net/ Frame FFD4 0
79 B 246ms
246ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.ssp.hinet.net/pixel?bd=5ba4b597-1f81-4aa2-bd6f-bd24c59669fd&t=ch%3D2017004%26st%3D201710000009

Requested by

Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017004&s=201710000009&t=1626791320215&u=d6af6140-7a1f-4761-9e84-150941d4d4d0&o=PaufS&show=static&ca=&k=&cab=&kb=&mode=roll

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:54 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame FFD4 69 KB
24 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: tenmax-static.cacafly.net
URL: https://tenmax-static.cacafly.net/ssp/universal.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72e05e2b9663f192d248a1be27032bc54fe69d7d462c5debd23e58a5b86e51e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "935 / 908 of 1000 / last-modified: 1626779489"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24188
x-xss-protection: 0
expires: Tue, 20 Jul 2021 14:28:54 GMT

GET
H/1.1 204
No Content request
ssp.tenmax.io/supply/tracking/ Frame FFD4 0
206 B 247ms
247ms Image
text/plain 211.21.190.218
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.tenmax.io/supply/tracking/request?bid=cf540c60-e966-11eb-b88a-d77b7347752c&chid=355dfccdbede4309&sid=562201f098cf4a9e
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017004&s=201710000009&t=1626791320215&u=d6af6140-7a1f-4761-9e84-150941d4d4d0&o=PaufS&show=static&ca=&k=&cab=&kb=&mode=roll
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 211.21.190.218 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 211-21-190-218.HINET-IP.hinet.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:54 GMT
Server: nginx
Connection: keep-alive
X-Application-Context: application:prod,aggregator,build-ext:58070
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H3-29 200 pubads_impl_2021071301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame FFD4 329 KB
115 KB 14ms
14ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

9f43aa34b620c451290ad923748729c9956da9e7476387b34f860d1131108924

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 08:39:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117314
x-xss-protection: 0
expires: Tue, 20 Jul 2021 14:28:54 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame FFD4 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ssp.hinet.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 14:28:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame FFD4 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ssp.hinet.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 14:28:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame FFD4 25 KB
12 KB 403ms
403ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1615245388954499&correlator=3789601767991701&output=ldjh&impl=fifs&eid=31061161%2C21068031%2C31061843%2C31061779%2C20211866&vrg=2021071301&ptt=17&sc=1&sfv=1-0-38&ecs=20210720&iu_parts=37275962%2Crmaxspace%2C562201f098cf4a9e&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&prev_scp=adx_region%3DTWN%26line_item_type%3DadSense&eri=4&cookie_enabled=1&cdm=ssp.hinet.net&bc=31&abxe=1&lmt=1626791334&dt=1626791334170&dlt=1626791333527&idt=629&ea=0&frm=8&biw=-12245933&bih=-12245933&isw=300&ish=250&oid=3&adxs=0&adys=0&adks=2278012217&ucis=hwa49v8w5tan&ifi=1&ifk=2963140700&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%2F%3Fc%3D2017004%26s%3D201710000009%26t%3D1626791320215%26u%3Dd6af6140-7a1f-4761-9e84-150941d4d4d0%26o%3DPaufS%26show%3Dstatic%26ca%3D%26k%3D%26cab%3D%26kb%3D%26mode%3Droll&ref=https%3A%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%2F%3Fc%3D2017004%26s%3D201710000009%26t%3D1626791320215%26u%3D13ab05cb-cf87-b396-ff16-d596ef0cb2ed%26o%3DPaufS%26show%3Dstatic%26ca%3D%26k%3D%26cab%3D%26kb%3D%26mode%3Droll&top=https%3A%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%2F%3Fc%3D2017004%26s%3D201710000009%26t%3D1626791320215%26u%3D13ab05cb-cf87-b396-ff16-d596ef0cb2ed%26o%3DPaufS%26show%3Dstatic%26ca%3D%26k%3D%26cab%3D%26kb%3D%26mode%3Droll&vis=1&dmc=8&scr_x=-12245933&scr_y=-12245933&psz=300x0&msz=300x0&ga_vid=2011208514.1626791334&ga_sid=1626791334&ga_hid=1784333084&ga_fc=false&fws=260&ohw=300&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

9737da49bdaa08390d1478a0b4bda7dc8c5924df6ea3460436dd87f84078e941

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11851
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ssp.hinet.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 60F2 6 KB
3 KB 29ms
14ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ssp.hinet.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ssp.hinet.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 20 Jul 2021 14:28:54 GMT
expires: Wed, 20 Jul 2022 14:28:54 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 11.js Show response
banner-cfnetwork.cdn.hinet.net/js/tmp3/ Frame 6F36 7 KB
2 KB 249ms
249ms Script
application/javascript 61.221.82.10
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://banner-cfnetwork.cdn.hinet.net/js/tmp3/11.js
Requested by: Host: hinet.net
URL: https://hinet.net/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 61.221.82.10 Tainan City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 61-221-82-10.HINET-IP.hinet.net
Software: HiNetCDN/2104 /
Resource Hash: 22497ed853bb0e226d99400b7c220afb4e3663f103ae0255386983d9c9b0b593

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:54 GMT
via: 1.1 74c2c2900cdba45ef6964cb3b5366561.cloudfront.net (CloudFront)
last-modified: Thu, 04 Feb 2021 07:29:38 GMT
server: HiNetCDN/2104
x-amz-cf-pop: TPE50-C1
etag: W/"d7bf594929d347b7a23b06e4dc6c7800"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
content-encoding: br
x-amz-cf-id: QUq3AfT4Vb0CPalgq7p-gsBku9dCtSL21R3f4PDRkoHAWso88a6cww==
x-request-id: 9a2f1a44e54e164125b8dbca498fa670

GET
H2 200 cf.png
banner-cfnetwork.cdn.hinet.net/ Frame 6F36 1 KB
2 KB 250ms
249ms Image
image/png 61.221.82.10
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner-cfnetwork.cdn.hinet.net/cf.png
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017004&s=201702000042&t=1626791320215&u=d6af6140-7a1f-4761-9e84-150941d4d4d0&o=jsG8H&show=static&ca=&k=&cab=&kb=&mode=roll
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 61.221.82.10 Tainan City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 61-221-82-10.HINET-IP.hinet.net
Software: HiNetCDN/2104 /
Resource Hash: 812fee8364370eb24b5e585558d3b0df4785cd95a76105c9e0ab987ff8d5cd84

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:54 GMT
via: 1.1 ba6b942710aa259103f983d062cdf775.cloudfront.net (CloudFront)
last-modified: Mon, 11 Jul 2016 08:32:53 GMT
server: HiNetCDN/2104
age: 953
etag: "a77740eea95ba2ef6436403310c6f59a"
x-cache: HIT
content-type: image/png
x-amz-cf-pop: TPE50-C1
accept-ranges: bytes
content-length: 1512
x-amz-cf-id: r7FtTHRpECC1zfE6F6XsFzITnlRWU_q5ahUXIm39Ae_Vt7fwR3WI7w==
x-request-id: 08de0fdb35d23fea4ae994e8f1e3db54

GET
H2 200 av Show response
ad.holmesmind.com/adserver/ Frame 6F36 0
152 B 250ms
250ms Script
text/html 175.41.232.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/av?p=12196:32957:90700:c822d4b7c323faf2893fc08a50fa284e:7472&type=0
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/drawV2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.41.232.18 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-175-41-232-18.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:54 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 i
ad.holmesmind.com/adserver/ Frame 6F36 0
77 B 247ms
247ms Image
image/png 175.41.232.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.holmesmind.com/adserver/i?ut=1626791333&p=12196:32957:90700:c822d4b7c323faf2893fc08a50fa284e:7472
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017004&s=201702000042&t=1626791320215&u=d6af6140-7a1f-4761-9e84-150941d4d4d0&o=jsG8H&show=static&ca=&k=&cab=&kb=&mode=roll
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.41.232.18 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-175-41-232-18.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:54 GMT
content-type: image/png
server: nginx/1.14.0 (Ubuntu)

GET
H/1.1 206
Partial Content s_c1537f1dc519381460bff16202e679e7.mp4
v.holmesmind.com/7472/video/output/ Frame 6F36 3 MB
3 MB 1032ms
966ms Media
video/mp4 13.226.145.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://v.holmesmind.com/7472/video/output/s_c1537f1dc519381460bff16202e679e7.mp4
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017004&s=201702000042&t=1626791320215&u=d6af6140-7a1f-4761-9e84-150941d4d4d0&o=jsG8H&show=static&ca=&k=&cab=&kb=&mode=roll
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.145.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-23.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 224a41fd3d2960a3d05c2ecffdc3cbbc0dbafc1909f5aca5c62f952477c1213e

Request headers

Referer: https://ssp.hinet.net/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 20 Jul 2021 14:28:56 GMT
Via: 1.1 58dd513f0a53b3e6851a071cb857a706.cloudfront.net (CloudFront)
Last-Modified: Tue, 20 Jul 2021 06:30:25 GMT
Server: AmazonS3
X-Amz-Cf-Pop: DUS51-C1
ETag: "3341e5dc90df40bec403721ed8383892"
X-Cache: Miss from cloudfront
Content-Type: video/mp4
Content-Range: bytes 0-3135465/3135466
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3135466
X-Amz-Cf-Id: 82KJ6iXp1NwA1m-mz9Dru31BJ_dKtmkkZKRXL_labPM_qS0F0U_yAg==

GET
H2 200 white-mute.png
banner-cfnetwork.cdn.hinet.net/image/creative/vastplayer/ Frame 6F36 690 B
1 KB 249ms
249ms Image
image/png 61.221.82.10
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner-cfnetwork.cdn.hinet.net/image/creative/vastplayer/white-mute.png
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017004&s=201702000042&t=1626791320215&u=d6af6140-7a1f-4761-9e84-150941d4d4d0&o=jsG8H&show=static&ca=&k=&cab=&kb=&mode=roll
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 61.221.82.10 Tainan City, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 61-221-82-10.HINET-IP.hinet.net
Software: HiNetCDN/2104 /
Resource Hash: 20cbe51aa556f8704bbada00f5ad25aecaf9329d08febbb133c2543cc2ba6f96

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:54 GMT
via: 1.1 7cd0cd576fa5f09b5851ea05b7feecc4.cloudfront.net (CloudFront)
last-modified: Mon, 07 Aug 2017 03:03:09 GMT
server: HiNetCDN/2104
age: 844
etag: "217636ef44316cdf319fe9c258f94bf2"
x-cache: EXPIRED, HIT
content-type: image/png
x-amz-cf-pop: TPE51-C1
accept-ranges: bytes
content-length: 690
x-amz-cf-id: aYSmw3iiJm4kJzyqcQZ1EBP_a8zCUrnbqxQxzPbzw0hGEV0mYG8w9A==
x-request-id: b9a54ab5cf17917ce780627784c54acc

GET
H2 200 container.html Show response
dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B636 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ssp.hinet.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ssp.hinet.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Tue, 20 Jul 2021 14:28:54 GMT
expires: Wed, 20 Jul 2022 14:28:54 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame FFD4 73 KB
27 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee07009e9fe79b9909bafdb282106c95dac83f905c6ac665e1257ac862ed50e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:54 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434913869424"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28061
x-xss-protection: 0
expires: Tue, 20 Jul 2021 14:28:54 GMT

GET
H/1.1 204
No Content impression
ssp.tenmax.io/supply/tracking/ Frame FFD4 0
206 B 250ms
249ms Image
text/plain 211.21.190.218
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.tenmax.io/supply/tracking/impression?bid=cf540c60-e966-11eb-b88a-d77b7347752c&chid=355dfccdbede4309&sid=562201f098cf4a9e&lineitemid=5346731421
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 211.21.190.218 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 211-21-190-218.HINET-IP.hinet.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:54 GMT
Server: nginx
Connection: keep-alive
X-Application-Context: application:prod,aggregator,build-ext:58070
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame FFD4 11 KB
8 KB 20ms
19ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021071301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9d5a1e0b821683371a89b3278314aac0a04c4a1523aa2f415b5c5b89a49e56b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 14:28:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8503
x-xss-protection: 0

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6106 0
163 B 15ms
14ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjZsc-ZATAB&v=APEucNUpuv7LgoufKG4Dghb6PYxNsRogFSv7rBeCey4ZYx2JWL_IUWWJhGFgQIDgOSkavwbptBju01pO_QqDDmKjWdqU5Sy4Jzo6IfTKRCRPuv_PqG1_Xr3tPOLA3kX9AIWkAAloWmebBZ61zRkZ-8s5CNm_NtvMQxa00XRMy2vSowqIJc2zJFI

Requested by

Host: dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com
URL: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CJfnugEQw7j0ARjZsc-ZATAB&v=APEucNUpuv7LgoufKG4Dghb6PYxNsRogFSv7rBeCey4ZYx2JWL_IUWWJhGFgQIDgOSkavwbptBju01pO_QqDDmKjWdqU5Sy4Jzo6IfTKRCRPuv_PqG1_Xr3tPOLA3kX9AIWkAAloWmebBZ61zRkZ-8s5CNm_NtvMQxa00XRMy2vSowqIJc2zJFI
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 20 Jul 2021 14:28:54 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 20-Jul-2021 14:43:54 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 20 Jul 2021 14:28:54 GMT
cache-control: private

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B636 24 KB
13 KB 36ms
33ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dc3zC_qMU-U8D3QTT_VWEUNneNFZtKtAgBz2ojniuVM9qAej2rcKGd2wZrcCslCfOoICKOHtxyCH_RiRDYPkCtapluIPO-mWnhsgh-OCkTtpu5OmOvu6doIeOxduy_k-Sx9VSv2CDWZ2NPAOdC8l_IEVFVyw&cry=1&dbm_d=AKAmf-CIWa4DSYN-d-lAB0IXYRvEckR1ezccyj8t2yzAxfgLjaIuXlGS1ynl47xPDTYy5D77zfC-NHY_NhFI31903E1DDpopcdplH0NxHC1G0ngP7zmw0Jm7Fk6jVgYi03QpAEJqK0kORj4uHWY1kcnJKbAupIjZYrkrt6Ms6jcXiTXSLvB6eeXzF91dIcdYzjUuJ52n3ICaPr8uUeqCoS_ymOhf5pGeElReRUrPX8WHAIdBlROeyLVO8tecREVLe7mRAbqHvwRm_vh_SLaCpXbwN2qBHbDm5W426ZviKVdbws8_P_lW5XAM62X7zyLO5adFb6jMWYke3WqSPe8Qtr3xiC-nTaC--YcCzscbNz2x_JCzQdtMz2txFzA3uUC06M1vd9UQzg2rF5e6qvbZqfKlR6T2Xlc_ol3-ew-rih33-SDqQA5YGRbvcF73QUYHudLU1HKxKGHMfHwqzEb9BMPU5RRzQ-3yydjaKNnJmhLEngIwExbvcny3sJaM9eeUeRBg4GrIlDmnqp9GNsBquqVFYcHrvBbPqWFs2wrw4JKMxHaClrdcnVtMJufQVHY264YPoR3YThgQdXm9WKyyAGnGv9gc1g0Yek3WYLz7_HwFvuX4U_4UW9DFU7Wcy97CDgm31SwAQRoC0gCsbyM39QooBMhhur6HPE_OhE_KPXWGFil72T2mHGjsyjrx8hU4QGfYxAoqbOsIlq8tW1jQQwq8T9azdETH2ieGWNQT9LQsa0QbETOo1JD2juyeK5Te033gC9_WjrVxkaYmNe37lypBEUFBYBIUuy2rT7-EzssNIyHOVOhmrV2MQ-6VrmpsLxcvjmisylWeaYKC97qBavoORy0uoo6a2_9eyfzK_8xr7oRPOjovES606kz3fqvTBbMSzCCzVnJnYJzuWx8lkiiE-sab_FPPa0iTOor_Z7P-5y840MgxdMDP6QPGsc83mlXfaTIVv314uUwTnoUC7o9uLpCvDxr69Gg-VcvsWDhyA5KwVtrd7Ae0kpzRmfRcAGb8O83mbRHDoqwte89MeODj1fqDv4CRV8n8UqFT3cOoAwJ1Cii1-T6mKiWKc3ibRsRSD8kUGrTLXtAzewDWmJGjpsMSfRXSPlF-N72haNoDJu880g1g8XqBnuXTehP2cy6-sSqvRtW5eKCH9t667Tvnrq8eJIHN-PgWRCCfarv8vmMg9N01np1IieJNGqQWE3vyjKL6pRkdmiDfWdyTD4fEFRiucJYJUTDhkXuwkzSHCAx63UHKa2Dtmm7Q3EqLV4FhH0-j7fM7r6d0HIRyRIB5SJiNx1MbZeUPySg09XgGvF2pfNrtkMGZEX5v-i1BY4ky1H-SUOVAG026BmNaY3l8y3w4Sn_diES1mnSW31zADOUhnJjk-pLoAEVeJYzAflCfRLuNCjhTDifIg4ZtH1bC-AfHluiw_jS79aGyaU07INBdPkNWMV-C-aODKlzEm5OhGdmXFu7VIjF93HavItdLnpBOUI6ifO2Oo1uOCPnLAxTD7I_J78--n84Gkrsorc_SoKPks1dNimf4eNj_XI86nsVlpnpx-IeidV7oTj0PjAztTbPOZVYQ6257zDCfVQzeI1ZkLVFc0zAWPAVtzKkPYuYM1wjT4jv_4r_d6pcn8gEKu8SSiZvZ3BNhIMxDVYD1gMf2Fnnej3RJOgDImvivVwrMpMAizZQMY4bM9_d-Fa692FatV2gaZ-C5khocQh3ImfSvPcF-Hg9BYN03uv6-oMbgg3Nj2SfeoUxuImLNrmPBqJ6GxwL4aBEdrnhUKAlVeTWCBvSxeoiqapXo5MZLJbnSmG_gMlQ8U5Mzqm7O4XWAxlkkMKbv9eAYR3vq0qRilfZd7pki5EYINm__tPg8NzOLe3Gvlqzg4N7WHYGg2429pyjfVCSH4RuEuCv3wspN7TXC5f0Mgeq_G-L8HcPu5XnJgQ85wnvI4QreMuVx8NYbXVtjO900OXZmIkySkkCTnXPtJ3jWh6Tw7-Ie54izfwvZHkMu1IYe8EHQ_Mgyz2QjSGrvWmGm-HS0V6Wjp5rf6G_6dQb7IXKgPEyXkQ0GxHtvvP1JhVcpaOf1tGj-yykmvQf0HLeHZCmWRbExqWa-FB4n9DuL7X4duSKZ4aG8i4RhgrB08zFqoCMbZHd2SJcAubZKRJNY1JivylteB3A9fD8_fe7ihTPm99pG8bd0o6IJv5Vpp5crijdeVV-UPCuWg55PT7kaETrFc-LYiW9olspYGktOrDJRGtK0v4Kfwke78GLjjsQgtvhZcO81E7H3IG2PERgv0M9_Wg6IFHxNm-nBXwgQYtgpIQWv9gobOoUy0ZILXz4bO3F8CPqkh4kZ9t3jucCIpnO2yZPtjDrUe9rRHmrUAOgPkMjbm2TXeWeXM5grxZvRkR-mqYivbLTMQXjF4Am7IoWXoaV2E5TzT852_XCmpvM6cx9Ky-EeX6sP0ywGkvdOFvMxcsw5A0-6VqwIImj739DUh8IFgrA05-O6VWQtvlpo2AvSyddo8oH5YVepLMYTnGLoJmXwJ9unf-oaYUuvHJ3bZy37c0j6LaM_aHigFs-i82dBzlAXn6buznTD8u-CNBk28DoXHhQwG_mjYxIDKQ7Um7GL3ZFicCTg9Otsspmlt_oXwcTT6oaXzrciICU1E2CLF9Nva0UdmLKxCEzeYsPHtEJBKFvkbpRw4fAVTkmVWWnzPpTnGABUwJ-vrvT0gSBhFmxl0dhBOZsjeD44rLoeAjl1xb2on_rmCYAHNKZgY-YN5C4WrpUm3AvDP-T-qrcA5LIplrhJ-bIC3EFHT6YCCn_kPN8Iw6MmFjFVXaF0kxn368a4B6NXeeDClL-ofgjdCyf1eyDo208V-7xIv9aQrPfeYKltpPYlMxIPaXsg5EQZ7QjTaWDhbcvKY-Bk-30RYS7yK_QlqAUGMTmkTKVzOrMwfCPA4lAzhR-ZlkA-UBuJ1hsnjaH_ubUt9Q&cid=CAASEuRoTU90F9yfyevRPYiTDhEJyw&rfl=2%2Chttps%253A%252F%252Fhinet.net%242%2Chttps%253A%252F%252Fssp.hinet.net%252F%240

Requested by

Host: hinet.net
URL: https://hinet.net/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0940248334cc81bd0e4621c32da73b7af82fdc9901f2db94df6dd476307b654

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12859
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B636 42 B
63 B 41ms
38ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dz7gjyqY1D2rTb8L7Vfu2ynhtYFvLGEwWb6AxhY_QhTtKwbFih8mp2TPK0wT5IUAs26CQ0kQRFEjwDk-bsuhBcqe0t9rhpwp2TDdAiNzmVcvdJAog

Requested by

Host: dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com
URL: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame B636 2 KB
2 KB 24ms
6ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115845&plc=4229116&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hpiXm4Fbmc7G-DFgbEg7C1&DVP_DBM_1=3060631&DVP_DBM_2=11817075&DVP_DBM_3=32228384&DVP_DBM_4=322164953&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=11532566399&turl=https://ssp.hinet.net/api/web/request/&DVP_PP_BUNDLE_ID=
Requested by: Host: dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com
URL: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 2f14058e002493c8edc86dc210649cb1639d2192472e8e1b42b7a494f93ad4a0

Request headers

Referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 20 Jul 2021 12:37:06 GMT
Server: Microsoft-IIS/10.0
ETag: "6c5a49f3637dd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1338

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame B636 7 KB
3 KB 24ms
6ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0hpiXm4Fbmc7G-DFgbEg7C1&DVP_DBM_1=3060631&DVP_DBM_2=11817075&DVP_DBM_3=32228384&DVP_DBM_4=322164953&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=11532566399&turl=https://ssp.hinet.net/api/web/request/&DVP_PP_BUNDLE_ID=
Requested by: Host: dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com
URL: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: a504c71b140cfd49c4b6a23e182a92d5e7753a751a9be4323703c05902b0f06e

Request headers

Referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 20 Jul 2021 13:37:44 GMT
Server: Microsoft-IIS/10.0
ETag: "0c43f6b6c7dd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3171

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame B636 2 KB
1 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/window_focus_fy2019.js

Requested by

Host: dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com
URL: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:25:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 14:25:32 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B636 124 KB
37 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com
URL: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:54 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1626434926419779"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38153
x-xss-protection: 0
expires: Tue, 20 Jul 2021 14:28:54 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/ Frame B636 14 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210712/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com
URL: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6904dd3786abf2a13d9e3eebc371d27f65ffa4bae3d23ce1aa3f69b8b4962a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:17:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 687
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6221
x-xss-protection: 0
server: cafe
etag: 7452675974595557415
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 14:17:27 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame FFD4 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021071301.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Tue, 20 Jul 2021 14:28:54 GMT

GET
H2 200 pv
cf.t.ssp.hinet.net/ Frame 3736 0
80 B 985ms
238ms Image
image/png 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cf.t.ssp.hinet.net/pv?p=12196:32957:90700:c822d4b7c323faf2893fc08a50fa284e:7472&cid=233762-44m6isbUcsmWBlXzClbSjQARXzEyI41N&oid=7472&sid=32957&tid=2008,2001&industry=61

Requested by

Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017004&s=201702000042&t=1626791320215&u=d6af6140-7a1f-4761-9e84-150941d4d4d0&o=jsG8H&show=static&ca=&k=&cab=&kb=&mode=roll

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.HINET-IP.hinet.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:55 GMT
server: nginx
content-length: 0
strict-transport-security: max-age=0
content-type: image/png

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame D5DD 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ssp.hinet.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ssp.hinet.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Tue, 20 Jul 2021 13:20:12 GMT
expires: Wed, 20 Jul 2022 13:20:12 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4122
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7141 783 B
763 B 18ms
17ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c6648e6d9cdd3fa19a5ff538d87d6994b9902bcf9e8f6976e0b84a74c45714d5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-uUslsxET7f9LG/i4gW5REA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ssp.hinet.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ssp.hinet.net/

Response headers

expires: Tue, 20 Jul 2021 14:28:54 GMT
date: Tue, 20 Jul 2021 14:28:54 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-uUslsxET7f9LG/i4gW5REA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210712/r20110914/ Frame B636 23 KB
9 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210712/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dc3zC_qMU-U8D3QTT_VWEUNneNFZtKtAgBz2ojniuVM9qAej2rcKGd2wZrcCslCfOoICKOHtxyCH_RiRDYPkCtapluIPO-mWnhsgh-OCkTtpu5OmOvu6doIeOxduy_k-Sx9VSv2CDWZ2NPAOdC8l_IEVFVyw&cry=1&dbm_d=AKAmf-CIWa4DSYN-d-lAB0IXYRvEckR1ezccyj8t2yzAxfgLjaIuXlGS1ynl47xPDTYy5D77zfC-NHY_NhFI31903E1DDpopcdplH0NxHC1G0ngP7zmw0Jm7Fk6jVgYi03QpAEJqK0kORj4uHWY1kcnJKbAupIjZYrkrt6Ms6jcXiTXSLvB6eeXzF91dIcdYzjUuJ52n3ICaPr8uUeqCoS_ymOhf5pGeElReRUrPX8WHAIdBlROeyLVO8tecREVLe7mRAbqHvwRm_vh_SLaCpXbwN2qBHbDm5W426ZviKVdbws8_P_lW5XAM62X7zyLO5adFb6jMWYke3WqSPe8Qtr3xiC-nTaC--YcCzscbNz2x_JCzQdtMz2txFzA3uUC06M1vd9UQzg2rF5e6qvbZqfKlR6T2Xlc_ol3-ew-rih33-SDqQA5YGRbvcF73QUYHudLU1HKxKGHMfHwqzEb9BMPU5RRzQ-3yydjaKNnJmhLEngIwExbvcny3sJaM9eeUeRBg4GrIlDmnqp9GNsBquqVFYcHrvBbPqWFs2wrw4JKMxHaClrdcnVtMJufQVHY264YPoR3YThgQdXm9WKyyAGnGv9gc1g0Yek3WYLz7_HwFvuX4U_4UW9DFU7Wcy97CDgm31SwAQRoC0gCsbyM39QooBMhhur6HPE_OhE_KPXWGFil72T2mHGjsyjrx8hU4QGfYxAoqbOsIlq8tW1jQQwq8T9azdETH2ieGWNQT9LQsa0QbETOo1JD2juyeK5Te033gC9_WjrVxkaYmNe37lypBEUFBYBIUuy2rT7-EzssNIyHOVOhmrV2MQ-6VrmpsLxcvjmisylWeaYKC97qBavoORy0uoo6a2_9eyfzK_8xr7oRPOjovES606kz3fqvTBbMSzCCzVnJnYJzuWx8lkiiE-sab_FPPa0iTOor_Z7P-5y840MgxdMDP6QPGsc83mlXfaTIVv314uUwTnoUC7o9uLpCvDxr69Gg-VcvsWDhyA5KwVtrd7Ae0kpzRmfRcAGb8O83mbRHDoqwte89MeODj1fqDv4CRV8n8UqFT3cOoAwJ1Cii1-T6mKiWKc3ibRsRSD8kUGrTLXtAzewDWmJGjpsMSfRXSPlF-N72haNoDJu880g1g8XqBnuXTehP2cy6-sSqvRtW5eKCH9t667Tvnrq8eJIHN-PgWRCCfarv8vmMg9N01np1IieJNGqQWE3vyjKL6pRkdmiDfWdyTD4fEFRiucJYJUTDhkXuwkzSHCAx63UHKa2Dtmm7Q3EqLV4FhH0-j7fM7r6d0HIRyRIB5SJiNx1MbZeUPySg09XgGvF2pfNrtkMGZEX5v-i1BY4ky1H-SUOVAG026BmNaY3l8y3w4Sn_diES1mnSW31zADOUhnJjk-pLoAEVeJYzAflCfRLuNCjhTDifIg4ZtH1bC-AfHluiw_jS79aGyaU07INBdPkNWMV-C-aODKlzEm5OhGdmXFu7VIjF93HavItdLnpBOUI6ifO2Oo1uOCPnLAxTD7I_J78--n84Gkrsorc_SoKPks1dNimf4eNj_XI86nsVlpnpx-IeidV7oTj0PjAztTbPOZVYQ6257zDCfVQzeI1ZkLVFc0zAWPAVtzKkPYuYM1wjT4jv_4r_d6pcn8gEKu8SSiZvZ3BNhIMxDVYD1gMf2Fnnej3RJOgDImvivVwrMpMAizZQMY4bM9_d-Fa692FatV2gaZ-C5khocQh3ImfSvPcF-Hg9BYN03uv6-oMbgg3Nj2SfeoUxuImLNrmPBqJ6GxwL4aBEdrnhUKAlVeTWCBvSxeoiqapXo5MZLJbnSmG_gMlQ8U5Mzqm7O4XWAxlkkMKbv9eAYR3vq0qRilfZd7pki5EYINm__tPg8NzOLe3Gvlqzg4N7WHYGg2429pyjfVCSH4RuEuCv3wspN7TXC5f0Mgeq_G-L8HcPu5XnJgQ85wnvI4QreMuVx8NYbXVtjO900OXZmIkySkkCTnXPtJ3jWh6Tw7-Ie54izfwvZHkMu1IYe8EHQ_Mgyz2QjSGrvWmGm-HS0V6Wjp5rf6G_6dQb7IXKgPEyXkQ0GxHtvvP1JhVcpaOf1tGj-yykmvQf0HLeHZCmWRbExqWa-FB4n9DuL7X4duSKZ4aG8i4RhgrB08zFqoCMbZHd2SJcAubZKRJNY1JivylteB3A9fD8_fe7ihTPm99pG8bd0o6IJv5Vpp5crijdeVV-UPCuWg55PT7kaETrFc-LYiW9olspYGktOrDJRGtK0v4Kfwke78GLjjsQgtvhZcO81E7H3IG2PERgv0M9_Wg6IFHxNm-nBXwgQYtgpIQWv9gobOoUy0ZILXz4bO3F8CPqkh4kZ9t3jucCIpnO2yZPtjDrUe9rRHmrUAOgPkMjbm2TXeWeXM5grxZvRkR-mqYivbLTMQXjF4Am7IoWXoaV2E5TzT852_XCmpvM6cx9Ky-EeX6sP0ywGkvdOFvMxcsw5A0-6VqwIImj739DUh8IFgrA05-O6VWQtvlpo2AvSyddo8oH5YVepLMYTnGLoJmXwJ9unf-oaYUuvHJ3bZy37c0j6LaM_aHigFs-i82dBzlAXn6buznTD8u-CNBk28DoXHhQwG_mjYxIDKQ7Um7GL3ZFicCTg9Otsspmlt_oXwcTT6oaXzrciICU1E2CLF9Nva0UdmLKxCEzeYsPHtEJBKFvkbpRw4fAVTkmVWWnzPpTnGABUwJ-vrvT0gSBhFmxl0dhBOZsjeD44rLoeAjl1xb2on_rmCYAHNKZgY-YN5C4WrpUm3AvDP-T-qrcA5LIplrhJ-bIC3EFHT6YCCn_kPN8Iw6MmFjFVXaF0kxn368a4B6NXeeDClL-ofgjdCyf1eyDo208V-7xIv9aQrPfeYKltpPYlMxIPaXsg5EQZ7QjTaWDhbcvKY-Bk-30RYS7yK_QlqAUGMTmkTKVzOrMwfCPA4lAzhR-ZlkA-UBuJ1hsnjaH_ubUt9Q&cid=CAASEuRoTU90F9yfyevRPYiTDhEJyw&rfl=2%2Chttps%253A%252F%252Fhinet.net%242%2Chttps%253A%252F%252Fssp.hinet.net%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b16ba35e5187f8a497911c15869ed3dde1699b7cde356aab4756f79c5361b61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:24:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 255
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9232
x-xss-protection: 0
server: cafe
etag: 10905407182236941062
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 14:24:39 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B636 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 01:12:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47761
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Jul 2022 01:12:53 GMT

GET
H3-29 200 exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js Show response
pagead2.googlesyndication.com/bg/ Frame D5DD 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b1916d5a5a97048327e74b168dd38fe0067ac06db81f57f72108f23410cff79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 12:12:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13308
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Jul 2022 12:12:50 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6DFB 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 19 Jul 2021 11:19:01 GMT
expires: Tue, 19 Jul 2022 11:19:01 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 97793
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK dvbs_src_internal95.js Show response
cdn.doubleverify.com/ Frame B636 90 KB
21 KB 10ms
10ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal95.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115845&plc=4229116&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hpiXm4Fbmc7G-DFgbEg7C1&DVP_DBM_1=3060631&DVP_DBM_2=11817075&DVP_DBM_3=32228384&DVP_DBM_4=322164953&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=11532566399&turl=https://ssp.hinet.net/api/web/request/&DVP_PP_BUNDLE_ID=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 208639b35ab3639d2b64850e2a032b716661dec3a704ee28dee16b56bfed6630

Request headers

Referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 20 Jul 2021 12:37:17 GMT
Server: Microsoft-IIS/10.0
ETag: "807c63f9637dd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=259200000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20713

GET
H/1.1 200
OK bst2tv3.html Show response
cdn3.doubleverify.com/ Frame 0B25 1 KB
1 KB 21ms
7ms Document
text/html 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.doubleverify.com/bst2tv3.html
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal95.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Host: cdn3.doubleverify.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges: bytes
ETag: "01818ecfc6cf1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 806
Cache-Control: max-age=65554
Date: Tue, 20 Jul 2021 14:28:54 GMT
Connection: keep-alive

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame B636 2 KB
1 KB 35ms
15ms Script
text/javascript 213.254.244.21
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_304913940392&jsTagObjCallback=__tagObject_callback_304913940392&num=6&ctx=1828362&cmp=115845&plc=4229116&sid=18330&advid=&adsrv=&unit=300x250&isdvvid=&uid=304913940392&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=0.40&dvpx_strhd=0.40&brid=0&brver=&bridua=3&dup=null&turl=https://ssp.hinet.net/api/web/request/&srcurlD=1&ssl=1&refD=2&htmlmsging=1&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hpiXm4Fbmc7G-DFgbEg7C1&DVP_DBM_1=3060631&DVP_DBM_2=11817075&DVP_DBM_3=32228384&DVP_DBM_4=322164953&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=11532566399&DVP_PP_BUNDLE_ID=&prr=1&aUrlD=-1&m1=13&noc=16&fcifrms=10&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=142&eparams=DC4FC%3Dl9EEADTbpTauTauDDA%5D9%3A%3F6E%5D%3F6ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau9%3A%3F6E%5D%3F6ETar9EEADTbpTauTauDDA%5D9%3A%3F6E%5D%3F6ETar9EEADTbpTauTau546ddbeb4%606g_6eh%60eb%60f36h54geehhe%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauDDA%5D9%3A%3F6E%5D%3F6ETau2A%3ATauH63TauC6BF6DETau&dvp_exetime=12.90
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal95.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.21 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e5c8d644854257824304c3f30f571e962733b4eb851eae6860fe896a6c139759

Request headers

Referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
X-DV-Response: 1
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Date: Tue, 20 Jul 2021 14:28:54 GMT
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 7/19/2021 2:28:54 PM

GET
H/1.1 200
OK dv-match6.js Show response
cdn.doubleverify.com/ Frame EF53 4 KB
2 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-match6.js
Requested by: Host: hinet.net
URL: https://hinet.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:54 GMT
Content-Encoding: gzip
Last-Modified: Sun, 11 Mar 2018 04:45:12 GMT
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
ETag: "03c84bdf3b8d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=79896
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1935

GET
H3-29 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame B636 9 KB
4 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal95.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a13bb387ff62a70ff8118c65f9c4cdd1d2849a7081702742a3fdba6e0e65eeae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4182
x-xss-protection: 0
last-modified: Mon, 19 Jul 2021 19:49:38 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 20 Jul 2021 15:28:00 GMT

GET
H/1.1 200
OK bsevent.gif
tps20512.doubleverify.com/ Frame B636 807 B
1 KB 49ms
9ms Image
image/gif 213.254.244.20
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps20512.doubleverify.com/bsevent.gif?impid=093a2e92a44e415bab952f56669acbeb&dvp_or2=1&cbust=1626791334772347
Requested by: Host: dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com
URL: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.20 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 14:28:54 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=0
Content-Length: 860
Expires: 7/19/2021 2:28:54 PM

GET
H3-29 200 exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js Show response
pagead2.googlesyndication.com/bg/ Frame 6DFB 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/exkW1aWpcEgyfnSxaN04_gBnrAbbgfV_chCPI0EM_3k.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b1916d5a5a97048327e74b168dd38fe0067ac06db81f57f72108f23410cff79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 12:12:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8164
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13308
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Jul 2022 12:12:50 GMT

GET
H3-29 200 impl_v76.js Show response
www.googletagservices.com/dcm/ Frame B636 37 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v76.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

887f063df27ef4a696d31ce39ffaded7dc0b18b2a7c82045e54bfa240c375fd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Jul 2021 09:28:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 536453
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15557
x-xss-protection: 0
last-modified: Wed, 16 Jun 2021 20:05:47 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 14 Jul 2022 09:28:01 GMT

GET
H2 200 B9689862.280410797;dc_ver=76.221;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=627852508;ord=m0r8gp;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=2,https%3A%... Show response
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame B636 36 KB
18 KB 35ms
35ms Script
text/javascript 216.58.212.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=76.221;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=627852508;ord=m0r8gp;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=2,https%3A%2F%2Fhinet.net$2,https%3A%2F%2Fssp.hinet.net%2F$0;xdt=1;crlt=hRbLERyDrJ;osda=1;sttr=35;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v76.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.166 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f166.1e100.net

Software

cafe /

Resource Hash

4fbc8abb2d7aef9d315d11beff6fb162824193279952ec4ae110090ea63da1f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18368
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210714/r20110914/elements/html/ Frame B636 8 KB
3 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210714/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=76.221;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=627852508;ord=m0r8gp;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=2,https%3A%2F%2Fhinet.net$2,https%3A%2F%2Fssp.hinet.net%2F$0;xdt=1;crlt=hRbLERyDrJ;osda=1;sttr=35;prcl=s

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:23:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 309
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 03 Aug 2021 14:23:45 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B636 0
60 B 42ms
42ms Ping
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvZgkwFso3Hv75ypcfMIvnpBf3B16dDPlNs8JlPgED7A5BDB27_TnG6_VPvinPa8sBeuTfNBCeN75lwNIIdQxchmnuZeINGIwSo5d57O2QsSRFXRO9kIH1SEVN-h-DMNL7tJtlKbHvYnejGy0zldw&sig=Cg0ArKJSzKcteLSTBK1eEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210714.73149&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 14:28:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame B636 7 KB
3 KB 7ms
6ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=13311291&cmp=9689862&sid=2641434&plc=280410797&num=&adid=&advid=2276943&adsrv=1&btreg=474523622&btadsrv=doubleclick&crt=123744728&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=76.221;dc_eid=40004001;sz=300x250;u_sd=1;dc_adk=627852508;ord=m0r8gp;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2Cnull%5D;dc_rfl=2,https%3A%2F%2Fhinet.net$2,https%3A%2F%2Fssp.hinet.net%2F$0;xdt=1;crlt=hRbLERyDrJ;osda=1;sttr=35;prcl=s
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: a504c71b140cfd49c4b6a23e182a92d5e7753a751a9be4323703c05902b0f06e

Request headers

Referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:54 GMT
Content-Encoding: gzip
Last-Modified: Tue, 20 Jul 2021 13:36:55 GMT
Server: Microsoft-IIS/10.0
ETag: "80f5a4e6c7dd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3171

GET
H2 200 10302019-104349156-adc_AEX_Reward_300x250_endframe.jpg
s0.2mdn.net/2276943/ Frame B636 29 KB
29 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/2276943/10302019-104349156-adc_AEX_Reward_300x250_endframe.jpg

Requested by

Host: dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com
URL: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1292d86fc4f0108bbab5b1db31747777d540ef45b5d8ad812da6141616b2e2d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 04:35:38 GMT
x-content-type-options: nosniff
last-modified: Wed, 30 Oct 2019 17:43:49 GMT
server: sffe
age: 35596
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29714
x-xss-protection: 0
expires: Wed, 21 Jul 2021 04:35:38 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5992 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Mon, 19 Jul 2021 11:19:01 GMT
expires: Tue, 19 Jul 2022 11:19:01 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 97793
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 third Show response
ssp.hinet.net/api/web/ Frame 68CA 0
223 B 240ms
240ms XHR
text/html 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/third?c=2017004&s=201702000042&th=73&wc=2942
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.9.1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://ssp.hinet.net/api/web/request/?c=2017004&s=201702000042&t=1626791320215&u=d6af6140-7a1f-4761-9e84-150941d4d4d0&o=jsG8H&show=static&ca=&k=&cab=&kb=&mode=roll
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:00:08 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://ssp.hinet.net
access-control-allow-credentials: true

GET
H/1.1 200
OK dv-measurements1549.js Show response
cdn.doubleverify.com/ Frame 7EE0 483 KB
87 KB 7ms
7ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements1549.js
Requested by: Host: hinet.net
URL: https://hinet.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e42489aee750681927e88591e25f9864dafbf032e614ad46e7a217a88180a8c8

Request headers

Referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:55 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Jul 2021 14:13:53 GMT
Server: Microsoft-IIS/10.0
ETag: "8026a94da87cd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89038

GET
H3-29 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B556 1 KB
752 B 6ms
6ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com
URL: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 20 Jul 2021 11:56:19 GMT
expires: Wed, 21 Jul 2021 11:56:19 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 9156
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame B636 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7a8f07032557a4901abfe22a60f9a29cc729383a0a2db3b6fccf44cee9acce4f

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame B636 0
23 B 43ms
43ms Ping
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 20 Jul 2021 14:28:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK dv-measurements1549.js Show response
cdn.doubleverify.com/ Frame DF99 483 KB
87 KB 13ms
11ms Script
application/javascript 2a02:26f0:6c00:286::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements1549.js
Requested by: Host: hinet.net
URL: https://hinet.net/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:286::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e42489aee750681927e88591e25f9864dafbf032e614ad46e7a217a88180a8c8

Request headers

Referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:55 GMT
Content-Encoding: gzip
Last-Modified: Mon, 19 Jul 2021 14:13:53 GMT
Server: Microsoft-IIS/10.0
ETag: "8026a94da87cd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89038

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 7EE0 2 KB
1 KB 85ms
68ms Script
text/javascript 213.254.244.20
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=103&ttfrms=36&brid=97&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauDDA%5D9%3A%3F6E%5D%3F6ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau9%3A%3F6E%5D%3F6ETar9EEADTbpTauTauDDA%5D9%3A%3F6E%5D%3F6ETar9EEADTbpTauTau546ddbeb4%606g_6eh%60eb%60f36h54geehhe%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauDDA%5D9%3A%3F6E%5D%3F6ETau2A%3ATauH63TauC6BF6DETau&srcurlD=1&aUrlD=-1&ssl=https:&dfs=332&ddur=8&uid=1626791335133406&jsCallback=dvCallback_1626791335133574&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=1549&tgjsver=1549&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fdce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&fcifrms=10&brh=2&dvp_epl=325&noc=16&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://ssp.hinet.net/api/web/request/&errorURL=https://tps.doubleverify.com/visit.jpg&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0hpiXm4Fbmc7G-DFgbEg7C1&DVP_DBM_1=3060631&DVP_DBM_2=11817075&DVP_DBM_3=32228384&DVP_DBM_4=322164953&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=11532566399&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=4398657.317116698&dvp_tukv=271487246495.2514&dvp_uuid=5052762.4604342785&dvp_strhd=0.3000030517578125&dvpx_strhd=0.3000030517578125&dvp_tuid=1247522621629
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1549.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.20 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e9eb32ffd3680e8e791dc3ec9d0e8ed39f7b92555537c5dd8bb2f22cd2bbc92a

Request headers

Referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 14:28:54 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 7/19/2021 2:28:55 PM

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame DF99 1 KB
1 KB 26ms
11ms Script
text/javascript 213.254.244.20
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=127&ttfrms=8&brid=97&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTauDDA%5D9%3A%3F6E%5D%3F6ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau9%3A%3F6E%5D%3F6ETar9EEADTbpTauTauDDA%5D9%3A%3F6E%5D%3F6ETar9EEADTbpTauTau546ddbeb4%606g_6eh%60eb%60f36h54geehhe%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl9EEADTbpTauTauDDA%5D9%3A%3F6E%5D%3F6ETau2A%3ATauH63TauC6BF6DETau&srcurlD=1&aUrlD=-1&ssl=https:&dfs=332&ddur=8&uid=1626791335202804&jsCallback=dvCallback_1626791335202237&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&htmlmsging=1&chro=0&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&dvp_isOnHead=1&jsver=1549&tgjsver=1549&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fdce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&fcifrms=10&brh=2&dvp_epl=325&noc=16&ctx=13311291&cmp=9689862&sid=2641434&plc=280410797&crt=123744728&btreg=474523622&btadsrv=doubleclick&adsrv=1&advid=2276943&errorURL=https://tps.doubleverify.com/visit.jpg&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=4398657.317116698&dvp_tukv=57482403647.60543&dvp_uuid=38027223936.68627&dvp_tuid=1468701112999
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1549.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.20 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 07807963031aa91b1d4644ba9cfbc1b0a624d76d5b5240493ab5fd1f51ed8748

Request headers

Referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 14:28:54 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 7/19/2021 2:28:55 PM

GET
H2 200 dpixel
cms.quantserve.com/ Frame B556 35 B
462 B 14ms
8ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFI2clpIlcG08sCxL8Mtqcs&google_cver=1&google_push=AYg5qPJmlAcFifMGBTYSs76R1y9H4XAzGCJ3ZAzSnj7GTegg3rLUNRJNZaXiFmKLTZyj2JoHjRRjMVLAvevYSMZ27U2rQOv4j64_

Requested by

Host: dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com
URL: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:55 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame B556
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLrtjen...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPLrtjen...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA3MjAxNDI4NTUwMDA5NjI1ODkwNjA2OA%3D%3D&google_push=AYg5qPLrtjen9UN_WiUqEAUYL6NMXd9idlRZWF4PTu4ozP8xbH3fdlqsggoNAnxPBPJlaY...

170 B
195 B

20ms
20ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA3MjAxNDI4NTUwMDA5NjI1ODkwNjA2OA%3D%3D&google_push=AYg5qPLrtjen9UN_WiUqEAUYL6NMXd9idlRZWF4PTu4ozP8xbH3fdlqsggoNAnxPBPJlaYEuRE9yFjTb1weWohyoiHhNGxR0u-jL

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTA3MjAxNDI4NTUwMDA5NjI1ODkwNjA2OA%3D%3D&google_push=AYg5qPLrtjen9UN_WiUqEAUYL6NMXd9idlRZWF4PTu4ozP8xbH3fdlqsggoNAnxPBPJlaYEuRE9yFjTb1weWohyoiHhNGxR0u-jL
pragma: no-cache
date: Tue, 20 Jul 2021 14:28:55 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Tue, 20 Jul 2021 14:28:55 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame B556 43 B
608 B 43ms
15ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEFS3fJ375f10CHuJNJCBJHg&google_push=AYg5qPJr17C0bPfjWMQa7LWvTIyFubfJt-D2P8v41JoW_FA047dVNmc-Nr7Gd_7b0Lt4ZbLDzN0G6Lm1YU3GRVqs0pQIxF7nVxN7&google_cver=1
Requested by: Host: dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com
URL: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:55 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame B556
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEDQ_3Ol_9dFmyqg_Yf6wxOg&google_cver=1&google_push=AYg5qPJ4FCTQD--hmlxYxW9goaUq36wCeJpFAlOWnxvm7NvY8_8EMdPhIao6eDVadxyUyx3neFBixD9wGPnFmkl1YJuAquOftIkq
https://rtb.openx.net/sync/dds?google_gid=CAESEDQ_3Ol_9dFmyqg_Yf6wxOg&google_cver=1&google_push=AYg5qPJ4FCTQD--hmlxYxW9goaUq36wCeJpFAlOWnxvm7NvY8_8EMdPhIao6eDVadxyUyx3neFBixD9wGPnFmkl1YJuAquOftIkq&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJ4FCTQD--hmlxYxW9goaUq36wCeJpFAlOWnxvm7NvY8_8EMdPhIao6eDVadxyUyx3neFBixD9wGPnFmkl1YJuAquOftIkq&google_hm=eDRhOOSwyXIbYvqcWPToIw==

170 B
195 B

19ms
17ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJ4FCTQD--hmlxYxW9goaUq36wCeJpFAlOWnxvm7NvY8_8EMdPhIao6eDVadxyUyx3neFBixD9wGPnFmkl1YJuAquOftIkq&google_hm=eDRhOOSwyXIbYvqcWPToIw==

Requested by

Host: dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com
URL: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:54 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJ4FCTQD--hmlxYxW9goaUq36wCeJpFAlOWnxvm7NvY8_8EMdPhIao6eDVadxyUyx3neFBixD9wGPnFmkl1YJuAquOftIkq&google_hm=eDRhOOSwyXIbYvqcWPToIw==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: hrupd2479rfvjlr68ve6ehr3uirq1fkh

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame B556
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Y6eMR8UBQnOOBMnbeEKJZw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
195 B

17ms
17ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Y6eMR8UBQnOOBMnbeEKJZw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJgFw_HibkguXbvxtZehsE1TQkKTpY7rv9zB2lRJRZ9jQ5W69dcGklatmLajWQlQHRvU7Xid4QBJf_uplm9LJ4IYHoHypQ6

Requested by

Host: dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com
URL: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Y6eMR8UBQnOOBMnbeEKJZw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJgFw_HibkguXbvxtZehsE1TQkKTpY7rv9zB2lRJRZ9jQ5W69dcGklatmLajWQlQHRvU7Xid4QBJf_uplm9LJ4IYHoHypQ6
date: Tue, 20 Jul 2021 14:28:54 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame B556
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBWRLvrN2xMOcUsKQwXQvds&google_cver=1&google_push=AYg5qPKtglKIRQsdu6LE9m6xJDMyv-Xqmqud00VtlhHCGqzMrq-amcv7cEmMFanmdnvJfExYDlJ...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JDNUszU1AtSS00MkZL&google_push=AYg5qPKtglKIRQsdu6LE9m6xJDMyv-Xqmqud00VtlhHCGqzMrq-amcv7cEmMFanmdnvJfExYDlJwowKkooDRanCXEbVrsJA2JPXu

170 B
195 B

20ms
16ms

Image
image/png

216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JDNUszU1AtSS00MkZL&google_push=AYg5qPKtglKIRQsdu6LE9m6xJDMyv-Xqmqud00VtlhHCGqzMrq-amcv7cEmMFanmdnvJfExYDlJwowKkooDRanCXEbVrsJA2JPXu

Requested by

Host: dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com
URL: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1JDNUszU1AtSS00MkZL&google_push=AYg5qPKtglKIRQsdu6LE9m6xJDMyv-Xqmqud00VtlhHCGqzMrq-amcv7cEmMFanmdnvJfExYDlJwowKkooDRanCXEbVrsJA2JPXu
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame B556
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEI7k0DK-wfmyBJHnUWq65jA&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEI7k0DK-wfmyBJHnUWq65jA&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdp3HYBLD1ZiDlj70ctAAABIUAAAAB&google_cver=1&google_push=AYg5qPL-xJzuVXac07DWaRsVCI2h9YeaaQ5r0HK77k8IscaWOTmdSdoPc8rVLcf0y9GYh8z9nzAu...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdp3HYBLD1ZiDlj70ctAAABIUAAAAB&google_cver=1&google_push=AYg5qPL-xJzuVXac07DWaRsVCI2h9YeaaQ5r0HK77k8IscaWOTmdSdoPc8rVLcf0y9GYh8z9nzAu...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdp3HYBLD1ZiDlj70ctAAABIUAAAAB&google_cver=1&google_push=AYg5qPL-xJzuVXac07DWaRsVCI2h9YeaaQ5r0HK77k8IscaWOTmdSdoPc8rVLcf0y9GYh8z9nzAu...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdp3HYBLD1ZiDlj70ctAAABIUAAAAB&google_cver=1&google_push=AYg5qPL-xJzuVXac07DWaRsVCI2h9YeaaQ5r0HK77k8IscaWOTmdSdoPc8rVLcf0y9GYh8z9nzAu...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdp3HYBLD1ZiDlj70ctAAABIUAAAAB&google_cver=1&google_push=AYg5qPL-xJzuVXac07DWaRsVCI2h9YeaaQ5r0HK77k8IscaWOTmdSdoPc8rVLcf0y9GYh8z9nzAu...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdp3HYBLD1ZiDlj70ctAAABIUAAAAB&google_cver=1&google_push=AYg5qPL-xJzuVXac07DWaRsVCI2h9YeaaQ5r0HK77k8IscaWOTmdSdoPc8rVLcf0y9GYh8z9nzAu...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdp3HYBLD1ZiDlj70ctAAABIUAAAAB&google_cver=1&google_push=AYg5qPL-xJzuVXac07DWaRsVCI2h9YeaaQ5r0HK77k8IscaWOTmdSdoPc8rVLcf0y9GYh8z9nzAu...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdp3HYBLD1ZiDlj70ctAAABIUAAAAB&google_cver=1&google_push=AYg5qPL-xJzuVXac07DWaRsVCI2h9YeaaQ5r0HK77k8IscaWOTmdSdoPc8rVLcf0y9GYh8z9nzAu...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdp3HYBLD1ZiDlj70ctAAABIUAAAAB&google_cver=1&google_push=AYg5qPL-xJzuVXac07DWaRsVCI2h9YeaaQ5r0HK77k8IscaWOTmdSdoPc8rVLcf0y9GYh8z9nzAu...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdp3HYBLD1ZiDlj70ctAAABIUAAAAB&google_cver=1&google_push=AYg5qPL-xJzuVXac07DWaRsVCI2h9YeaaQ5r0HK77k8IscaWOTmdSdoPc8rVLcf0y9GYh8z9nzAu...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdp3HYBLD1ZiDlj70ctAAABIUAAAAB&google_cver=1&google_push=AYg5qPL-xJzuVXac07DWaRsVCI2h9YeaaQ5r0HK77k8IscaWOTmdSdoPc8rVLcf0y9GYh8z9nzAu...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdp3HYBLD1ZiDlj70ctAAABIUAAAAB&google_cver=1&google_push=AYg5qPL-xJzuVXac07DWaRsVCI2h9YeaaQ5r0HK77k8IscaWOTmdSdoPc8rVLcf0y9GYh8z9nzAu...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdp3HYBLD1ZiDlj70ctAAABIUAAAAB&google_cver=1&google_push=AYg5qPL-xJzuVXac07DWaRsVCI2h9YeaaQ5r0HK77k8IscaWOTmdSdoPc8rVLcf0y9GYh8z9nzAu...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdp3HYBLD1ZiDlj70ctAAABIUAAAAB&google_cver=1&google_push=AYg5qPL-xJzuVXac07DWaRsVCI2h9YeaaQ5r0HK77k8IscaWOTmdSdoPc8rVLcf0y9GYh8z9nzAu...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdp3HYBLD1ZiDlj70ctAAABIUAAAAB&google_cver=1&google_push=AYg5qPL-xJzuVXac07DWaRsVCI2h9YeaaQ5r0HK77k8IscaWOTmdSdoPc8rVLcf0y9GYh8z9nzAu...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdp3HYBLD1ZiDlj70ctAAABIUAAAAB&google_cver=1&google_push=AYg5qPL-xJzuVXac07DWaRsVCI2h9YeaaQ5r0HK77k8IscaWOTmdSdoPc8rVLcf0y9GYh8z9nzAu...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdp3HYBLD1ZiDlj70ctAAABIUAAAAB&google_cver=1&google_push=AYg5qPL-xJzuVXac07DWaRsVCI2h9YeaaQ5r0HK77k8IscaWOTmdSdoPc8rVLcf0y9GYh8z9nzAu...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdp3HYBLD1ZiDlj70ctAAABIUAAAAB&google_cver=1&google_push=AYg5qPL-xJzuVXac07DWaRsVCI2h9YeaaQ5r0HK77k8IscaWOTmdSdoPc8rVLcf0y9GYh8z9nzAu...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdp3HYBLD1ZiDlj70ctAAABIUAAAAB&google_cver=1&google_push=AYg5qPL-xJzuVXac07DWaRsVCI2h9YeaaQ5r0HK77k8IscaWOTmdSdoPc8rVLcf0y9GYh8z9nzAu...

0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B556 0
50 B 17ms
14ms Image
text/html 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KlKW7NlZscmGTE6tn6mgeoc2yzDSSkiFNFC0SyE_o0MvAB3pqU_aJueAwVMmuJtQmivsKE

Requested by

Host: dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com
URL: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3-29 200 b2gEWd4q8RfC2rkV4tdKCipW-yVpxc52qP_nX5010Jw.js Show response
pagead2.googlesyndication.com/bg/ Frame 5992 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b2gEWd4q8RfC2rkV4tdKCipW-yVpxc52qP_nX5010Jw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f680459de2af117c2dab915e2d74a0a2a56fb2569c5ce76a8ffe75f9d35d09c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 19 Jul 2021 08:20:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 108485
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13336
x-xss-protection: 0
last-modified: Tue, 06 Jul 2021 09:28:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Jul 2022 08:20:50 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FFD4 0
24 B 45ms
44ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021071301&jk=1615245388954499&bg=!wMOlw4fNAAZjFomlYxY7ACkAdvg8WjMnDvb-1CX6yCMWOac4tQe0e0G6EeGT4PijV3HijobWqoGqzgIAAAF5UgAAAINoAQcKAPVRuzPiZ6SzpqhNVKrNhO6U-4y4Q6rOz7T9VR6w3xTk1MCvvaOgh7Kt7Zx5Zh3Le89ie_yvhrciLHRbUf46kv7nsttF56OUA9tFqAUpJmlIezCRSgeE2r88KXDMMpo1NH8XMPOPoaVla8VR4Z3bFUO3b-9yoH8HlTvvHGwt33rbZHsoSswV_ZGOC9rSYdPQnnAO97bIL_0Ch6t6zW0rc2JAinnzVpkRyMTj8mlSsIiisntP15S08DENUCQSKm_7txMWDGRf8Yq8kCVrxOsgXGA7r9XaP8VIGhLcHtqX7RbuzPGdNep3QB7c5eIZkTxNvybzuGihvpkCgTHRDQjZPfMypPvHLPr5POV3cFw0IGSCPJwoICCDDOExGTz-TpvYzNHoD2fFWEecb4vi7IKr5YmF3lUuv8eryjaz-vsIZPczdFQP2yszfkuNd3Tu4-fP_7ETL3k9ttnkxjYT5pZHvKQNusG6H5KIbjy56BKPIe9wLmzHIlytLYUaefh2VrjB3Gmj8gEtYA5oUiF3mSusBwRv0mUdQH0kngGcWQdkMNS9MOSFDwKKW0RVDAhnL5VVTlFF40rzt-tmGSZEUlvN2bqq4XP2Q93SZ2979Ff2TXwDjYcqGeDGqTFVt782aQDDirUJ1Zl3e4rJ_WpJwJGF0BtzywyOrH6ptx3udV5Fk9vP74XJ6JjbaREcOotqKYi-QjBw0cQ8RG8cVnuJCBblKPesO9bhAhWn93d0RmAS5rPUjNEWfLhgJjNMplar5ljqSA2jr5LpZNXCW0Ql4fN-46Hikysd_uE8TpxCbKI1BJDvTP0V-OLYlLIlPoNuORHUbs9IchrWSXgjS9PDJN5OVHVERzt2dvRjUOQloq5u7xJV0lvg4lZidkMkpDX7gWFHDs8DlDiWN6gn2R_eGBEF6UtTtqpC0RbFr2mRWw5YG8kgOfxXv_bX7I3X4lMOUhv6cwU22q6uAKlOs7v9oejTcMhVKygNoegJD8ONV3j98S-tGfIUY0Ttyj6qGuOMJrvqJMB22_R08puqJwBz9vZ9v-C2SCb15RVEFuGESYG2yAtEk4M4SkR6-ZpiUG0t1W8ukFq1WjlRD_J5PFK32tcwHg17cUe5XCh3IlEWES0uhNmq8eDeMm2hio-FfEIAJ9Yg1YnxHF-WBrbNqT9RbhuiJoz68CzzQDfYXj6Z

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6DFB 0
24 B 45ms
42ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Byy_ppt32YOKTJoSGlQe04JWYCwAAAAA4AeAEAg&bg=!-vml-b3NAAZjFomlYxY7ACkAdvg8Wk-oPOAEUqT0XJxwg7oJVXXqDZ_pvrsetU1R2xQIvRRHZSMNVQIAAAHlUgAAADZoAQcKAIkR-BqdHuvYFBKFLgRwAzqsN9e4h2HDb7fg7ExMJLolUmLYX-MuT_oag3Mbli9eXZNbWxo-2TCHZlsd8RV-5XyaynJozOKj5z-CSLTv-K11jURmBPDPwV4mNl0QWQ7KvAjVlWdNZCbcbvMvAEtyngpWjbdP3dXrmtBsg7EylPvRHQDJ64ozCdJdM5kC0GX5hMuS2N_uhqbg6IX4gC1kOIyZBgVjMSkatfAjdJtcbNyTEH1_QAij-ybS955PvinL0-fIjGJZ3l0stLKgudNBcMQc4dDQnTAVT6kN8Zde8za__LwgNC9tAPX9U4P_5WVwEY76uQNQNKZZyXDWH1BPqmEUrdR_GTYtKqtgdouaBVHhoXpaz6B1XhOYJmuV0FirL9xeHcq2xwIcLysXKAz6scCKWVa1bhFONJ6LSfVxykAklcmYjXaiKEj9Dmyvw_Rd5ZGL79BFQMO9VUqU0QUeAwFzs-apTne-drh9T9sY3xu3mY65N6FUfpkm7Oag2vl8MMbU26aySgwUE3xJdrdpwn6WC-9HFVvyP9X_ztMmMfwoZ9d9nxNe3NT1EWabCCucN4oIzWbvgHf3id4J9YyyvB_jjCncy7VSBfQwO6Jxc_GbnxcFKgcajkRPwOCuJhnZoiWt2p4YyQAjzALrTLbXQGjtB6a9QXA687Pk4rpJmuySA7dV9DrH30e3W1KLSXihxH-6KXRXq1aJ2c72PQffbenX1A4n7hr3_kAAQX2Wp5w9lz16yXStqSTR4eDoBRFe8B9V2kXhi8P9bp4iGFjf5pTV2p_GZJfa7QPtmClyCMtWXE2tnFE83rBoPT2-hDUqOAsgduuChtIDWRJ-JmVgMJgvLvryAnTR3HDhQGB_iCPFegn-x8Pm4AQudaJ3w_3l017n773cZ3B5IMixYsm6_ginZKheMsktGxu5hgQWTk_OVTJT2zGfDlMjjZzXOLz6ASJLq0r8blhJqMkAySl-V5sZ8wIXEDbcY8FbmtCPnrInkg316Q-BU1adnbjUaPWzzQZXrwoXv2xNwd-ggJAIq77vEwboVwrd8s3CnsJZA9M-l3lsu6W-PdEu0Pu521BaLQvvC3WsKrmy_CDKiE8-zOufuoTT1GuM8Jq0GQmoJzBTJCKN1Reg03HwaSGZ3A

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5992 0
24 B 42ms
41ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BvztGpt32YIjnM5aNrASjw6HIAgAAAAA4AeAEAg&bg=!h4SlhMDNAAZjFomlYxY7ACkAdvg8Wo469tPvLg9j5oy-HyEE1r9knDLzdKfk05j5ig-rH4CQiTKZ4gIAAAEBUgAAABFoAQeZAtrzSgZPIZcItXfFxHtdrYjysY85IB0o3h5YK3LdW5iFNCzD8q_NQsnZM-XexZ0zY8Dur_0odj0atKk4ZxJZgvqCSvYWIWt0YIUyz4C139GLObY0XUr6J1YsEcdXfrrpiwYc6-ev3N01g8ov2l1XoE8QUXtvRufRetwfNlo-6P2eDtagOqHKBoeCP4j5re-dRphGrmgIxd6ywSzJtWxrx_mn7pi5ImukCZzW9OvKh-g3IP5XlhfJMy4k476FkCI6lFWUYPILVtP1IDxnoJBQo8iG5Gue31PI9WTHtqVz_H9v0DIvYHeBOrYqYcu1Eos1yvsGajb7bzTTsUFMO_FRR8hecXqqNeeXe94XUYp6V1utgL9KwvxxonSiWDpPnWP8wzRtn3vd_u0b5-MAu0g_HZcLGoOV6rpmzKiv91kbJ8yuGcyt9v4p6tLJzau6-KWldAIjrSXfBcrLx33lBeM5LCYqb8fs-CAVdumCjMxspcP5bDtiR_DRIP6LVmhdl-MPgf_YwTvtF5PfbYcVnJcE_9BBfEP8QND1UZ0LriPg8n1jafpbmo1y1IuPIJgRTpcM7u_PGuwNp2iyCo-wXAUPxbLU2Hmc5-JgMjFEiyi-d2wOHp97W1j7dSsD0lMbYZYZ-B88NqxcTXf0Wa3dGuA4Tkkg0kAu16RURLKOf6sjjnC95MgVAUni6gnHLzH2-F_wijoQpV-Z_Vcxeso5pZ-wsLy7tEeMQKXuy6Rz-nCi783-xr8kCN2TfxEd2yBmDAWOkMBY5QQl1uC0wJoKvMuokcMZPKyMVtovvFcWUeeVFFhxYI6R_mXUbTlTGPi4-Aj2_NXLz52dvk4tXdY3pEezTlA-sQjRUwx1CsdCnHH-7ZyNueDQLye_1cvrGlUiVONpca8VppMlQiIzttgHgbf8N9icdDHFlW0DOwE18nfUJJTq-Qabzw0ZdEHTHRBJU8BNrtXx0BXpTs1OYQP0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B636 42 B
64 B 41ms
40ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssvaQ58BbIXr_BxNJk4jvzFJ7yhVf6lQ9MZ6jfv9IXdmOGdVXOZQLUIuBS94wpQ2mELU4hMJC9JAHixkXYoREbwB-XSPQGP&sig=Cg0ArKJSzNkhGqcXCX_8EAE&id=lidar2&mcvt=1001&p=0,0,250,300&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210716&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=32&adk=627852508&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B636 42 B
64 B 46ms
45ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssQkdMQgInADvII372gvNCA0OrjEha0nIeu6LCSsPAT4AdiFma4yVGJScz-BAK_UrR0WRnxdbSPw208ywvwL-yU2L8WjL4v_K6slR3RAIl0dfBz51usbl7chsr7Rw&sai=AMfl-YTGibsAP6UyVcU4WKOSIg8h-psvrFxBi5zLaMBPYapWnnu6TzW_8KWx9niO_406euTc8Om1gugMjCgd7taqJfYaOEoLBWA5XZyKFALCQxdO-K-76tq4DxyhdtEZ&sig=Cg0ArKJSzE5g8IfQoCRBEAE&cid=CAASEuRoTU90F9yfyevRPYiTDhEJyw&id=lidar2&mcvt=1002&p=0,0,254,300&mtos=0,1002,1002,1002,1002&tos=0,1002,0,0,0&v=20210716&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&app=0&itpl=20&adk=2278012217&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1626791334591&dlt=15&rpt=397&isd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:28:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK data
b199.s79.research.de.com/ Frame 363E 43 B
308 B 34ms
11ms Image
image/gif 136.243.6.97
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b199.s79.research.de.com/data?/mnjwGj7AAl2yFuvFfhFwpFTkzFARksFAQtjFXvRNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.6.97 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h243.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 14:28:56 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Tue, 20-Jul-21 14:28:55 GMT

GET
H2 200 v
ad.doublemax.net/adserver/ Frame 6F36 0
91 B 835ms
265ms Image
image/png 54.65.74.248
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.doublemax.net/adserver/v?id=c822d4b7c323faf2893fc08a50fa284e-12196&duration=30&track=1
Requested by: Host: ssp.hinet.net
URL: https://ssp.hinet.net/api/web/request/?c=2017004&s=201702000042&t=1626791320215&u=d6af6140-7a1f-4761-9e84-150941d4d4d0&o=jsG8H&show=static&ca=&k=&cab=&kb=&mode=roll
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.65.74.248 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-65-74-248.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:28:56 GMT
server: nginx/1.14.0 (Ubuntu)
lst: log st is 0
content-type: image/png

GET
H/1.1 204
No Content viewable
ssp.tenmax.io/supply/tracking/ Frame FFD4 0
206 B 249ms
248ms Image
text/plain 211.21.190.218
HINET Data Commun...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssp.tenmax.io/supply/tracking/viewable?bid=cf540c60-e966-11eb-b88a-d77b7347752c&chid=355dfccdbede4309&sid=562201f098cf4a9e&noAd=0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 211.21.190.218 New Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 211-21-190-218.HINET-IP.hinet.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssp.hinet.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 20 Jul 2021 14:28:56 GMT
Server: nginx
Connection: keep-alive
X-Application-Context: application:prod,aggregator,build-ext:58070
P3P: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1 200
OK bsevent.gif
tps20512.doubleverify.com/ Frame B636 807 B
1 KB 9ms
8ms Image
image/gif 213.254.244.20
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps20512.doubleverify.com/bsevent.gif?impid=093a2e92a44e415bab952f56669acbeb&pltfrm=Linux%20x86_64&cbust=1626791336772336
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.20 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 14:28:56 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=0
Content-Length: 860
Expires: 7/19/2021 2:28:56 PM

GET
H2 200 third Show response
ssp.hinet.net/api/web/ Frame FFD4 0
223 B 241ms
241ms XHR
text/html 203.75.214.200
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://ssp.hinet.net/api/web/third?c=2017004&s=201710000009&th=71&wc=2321
Requested by: Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.9.1.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 203.75.214.200 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 203-75-214-200.HINET-IP.hinet.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: */*
Referer: https://ssp.hinet.net/api/web/request/?c=2017004&s=201710000009&t=1626791320215&u=d6af6140-7a1f-4761-9e84-150941d4d4d0&o=PaufS&show=static&ca=&k=&cab=&kb=&mode=roll
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Jul 2021 14:00:10 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://ssp.hinet.net
access-control-allow-credentials: true

POST
H/1.1 200
OK event.png
tps20245.doubleverify.com/ Frame 7EE0 67 B
492 B 24ms
8ms Ping
image/png 213.254.244.20
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20245.doubleverify.com/event.png?impid=5273a6573275472c8be9e5670974ac88&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_t1stMsgD=109&vdur=86&eoid=5&msrjs=1549&pltfrm=Linux%20x86_64&isvelg=1&vit=2&engms=1&engisel=1&ttfurm=2173&cbust=1626791337275721
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1549.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.20 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 14:28:56 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 7/19/2021 2:28:57 PM

GET
H/1.1 200
OK data
b199.s79.research.de.com/ Frame 363E 43 B
308 B 13ms
11ms Image
image/gif 136.243.6.97
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b199.s79.research.de.com/data?/mnjwHOOBATkzFARksFAQtjF/zJNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.6.97 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h243.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 14:28:57 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Tue, 20-Jul-21 14:28:56 GMT

POST
H/1.1 200
OK event.png
tps20228.doubleverify.com/ Frame DF99 67 B
492 B 41ms
7ms Ping
image/png 213.254.244.20
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20228.doubleverify.com/event.png?impid=c88ff32efdf948508e06fb6a1087cce6&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_ealrgx=1&dvp_ealmp=1&dvp_ealslr=1&dvp_t1stMsgD=16&vdur=26&eoid=5&msrjs=1549&pltfrm=Linux%20x86_64&isvelg=1&vit=2&engms=1&engisel=1&ttfurm=2100&cbust=1626791337295930
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1549.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.20 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 14:28:56 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 7/19/2021 2:28:57 PM

POST
H/1.1 200
OK event.png
tps20245.doubleverify.com/ Frame 7EE0 67 B
492 B 8ms
7ms Ping
image/png 213.254.244.20
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20245.doubleverify.com/event.png?impid=5273a6573275472c8be9e5670974ac88&gdpr=&gdpr_consent=&msrcanlm=392&msrcannum=3&eoid=7&ismms=46&isumms=45&isvelg=1&nvr=6&isgmmims=46&isgmv4mims=46&elmtp=6&isbxdms=2247&b0=100&b11=2225&adhgt=250&adwdth=300&norwdth=300&norhgt=250&engisel=1&vsos=4&dvp_vsosnmr=16&lftb=2325&sftb=2325&msrdp=4&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1046&isuiabvms=1046&isgmpims=163&isgmv4dpims=1046&ispmxpms=1046&engalms=44&dvp_dpr=1&cbust=1626791338275818
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1549.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.20 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 14:28:57 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 7/19/2021 2:28:58 PM

POST
H/1.1 200
OK event.png
tps20228.doubleverify.com/ Frame DF99 67 B
492 B 10ms
10ms Ping
image/png 213.254.244.20
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20228.doubleverify.com/event.png?impid=c88ff32efdf948508e06fb6a1087cce6&gdpr=&gdpr_consent=&msrcanlm=394&msrcannum=4&eoid=7&ismms=16&isumms=15&isvelg=1&nvr=6&elmtp=3&isbxdms=2115&b0=100&b11=2136&adhgt=250&adwdth=300&norwdth=300&norhgt=250&engisel=1&vsos=4&dvp_vsosnmr=16&lftb=2236&sftb=2236&msrdp=7&naral=2&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1015&isuiabvms=1015&ispmxpms=1015&engalms=14&dvp_dpr=1&cbust=1626791338294368
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1549.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.20 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 14:28:57 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 7/19/2021 2:28:58 PM

GET
H/1.1 200
OK data
b199.s79.research.de.com/ Frame 363E 43 B
308 B 16ms
14ms Image
image/gif 136.243.6.97
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b199.s79.research.de.com/data?/mnjwIVwBATkzFARksFAQtjF25JNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.6.97 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h243.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 14:28:59 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Tue, 20-Jul-21 14:28:58 GMT

GET
H/1.1 200
OK bsevent.gif
tps20512.doubleverify.com/ Frame B636 807 B
1 KB 23ms
22ms Image
image/gif 213.254.244.20
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps20512.doubleverify.com/bsevent.gif?impid=093a2e92a44e415bab952f56669acbeb&mascid=krc5k3g24a8p5sc3bjh1r2yioj1o1oqg&dvp_masver=6&dvp_tisf=2&dvp_t1stMsgB=409&cbust=1626791339777782
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.20 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 14:28:59 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=0
Content-Length: 860
Expires: 7/19/2021 2:28:59 PM

POST
H/1.1 200
OK event.png
tps20245.doubleverify.com/ Frame 7EE0 67 B
492 B 14ms
13ms Ping
image/png 213.254.244.20
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20245.doubleverify.com/event.png?impid=5273a6573275472c8be9e5670974ac88&gdpr=&gdpr_consent=&mascid=krc5k3g24a8p5sc3bjh1r2yioj1o1oqg&dvp_masver=1549&eoid=8&cbust=1626791340378869
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1549.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.20 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 14:28:59 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 7/19/2021 2:29:00 PM

POST
H/1.1 200
OK event.png
tps20228.doubleverify.com/ Frame DF99 67 B
492 B 8ms
7ms Ping
image/png 213.254.244.20
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps20228.doubleverify.com/event.png?impid=c88ff32efdf948508e06fb6a1087cce6&gdpr=&gdpr_consent=&mascid=krc5k3s0b7l5a6ntmovds7dfft30fnwp&dvp_masver=1549&eoid=8&cbust=1626791340434907
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements1549.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.20 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 20 Jul 2021 14:28:59 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
Content-Type: image/png
Access-Control-Allow-Origin: https://dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Content-Length: 98
Expires: 7/19/2021 2:29:00 PM

GET
H2 200 dc_oe=ChMI3OXW--3x8QIVGZh3Ch301AgxEAAYACDK3rBJQhMIxKK6--3x8QIVUKh7Ch0IuA3j;met=1;&timestamp=1626791342545;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 363E 42 B
515 B 78ms
43ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI3OXW--3x8QIVGZh3Ch301AgxEAAYACDK3rBJQhMIxKK6--3x8QIVUKh7Ch0IuA3j;met=1;&timestamp=1626791342545;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jul 2021 14:29:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.aralego.com
URL: https://sync.aralego.com/idSync?redirect=&ucf_nid=dsp-6AABDA2D3AA6EAD1E94E9442DE6444A&ucf_user_id=83ccfda7-9738-426d-8165-63690138a0e5

Domain: pmp-beacon.apx.appier.net
URL: https://pmp-beacon.apx.appier.net/v1/fpc?type=apn&event=pageview

Domain: pmp-beacon.apx.appier.net
URL: https://pmp-beacon.apx.appier.net/v1/fpc?type=pmp&event=imp

Domain: pmp-beacon.apx.appier.net
URL: https://pmp-beacon.apx.appier.net/v1/fpc?type=apn&event=pageview

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPJJvyEBK_1BpvkF9K62Sao-zcy0W86xMT580fqTactzmoj_12Prw245A7bpq_DFCesQcRHiDc8Ok8lxe5R06wTDt6DfZbM&google_gid=CAESEF7ePfWC4gtFuSAiuYALULk&google_tc=

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdo5jCQk693D_VKangEwAABJ0AAAAB&google_cver=1&google_push=AYg5qPIfFEgNUvNO8JVpUuTWZ0iQjXqZ7xsAFurYZEYFfyKr0Q7IVUcAtmwhqXNvxjN11YIwXMINpof-M6B7Ywl--enKq3u1_1o&google_gid=CAESEMKqjJH0jvXauA70xcvAd6k&google_tc=

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YPbdp3HYBLD1ZiDlj70ctAAABIUAAAAB&google_cver=1&google_push=AYg5qPL-xJzuVXac07DWaRsVCI2h9YeaaQ5r0HK77k8IscaWOTmdSdoPc8rVLcf0y9GYh8z9nzAue-Xox5TQSk1kuIifE3TcK30&google_gid=CAESEI7k0DK-wfmyBJHnUWq65jA

Verdicts & Comments Add Verdict or Comment

163 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

24 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://player.svc.litv.tv/all.0841cdc8.js(Line 48) Message: [object Response]
console-api	log	URL: https://player.svc.litv.tv/all.0841cdc8.js(Line 48) Message: Error: OutsideRegionError: get_url
console-api	info	URL: https://hinet.net/(Line 17) Message: SSP AD show TXHpg
console-api	log	URL: https://ssp.hinet.net/api/app.js(Line 173) Message: //ssp.hinet.net/api/web/request?c=2017004&s=201702000010&u=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&ad=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&t=1626791320215&oi=v9kGW&site=https%3A%2F%2Fhinet.net%2F&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017004%26s%3D201702000010%26u%3D13ab05cb-cf87-b396-ff16-d596ef0cb2ed%26ad%3D13ab05cb-cf87-b396-ff16-d596ef0cb2ed%26t%3D1626791320215%26oi%3Dv9kGW%26site%3Dhttps%253A%252F%252Fhinet.net%252F
console-api	log	URL: https://ssp.hinet.net/api/app.js(Line 173) Message: //ssp.hinet.net/api/web/request?c=2017033&s=201706000002&u=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&ad=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&t=1626791320215&oi=3Oo4D&site=https%3A%2F%2Fhinet.net%2F&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017033%26s%3D201706000002%26u%3D13ab05cb-cf87-b396-ff16-d596ef0cb2ed%26ad%3D13ab05cb-cf87-b396-ff16-d596ef0cb2ed%26t%3D1626791320215%26oi%3D3Oo4D%26site%3Dhttps%253A%252F%252Fhinet.net%252F
console-api	log	URL: https://ssp.hinet.net/api/app.js(Line 173) Message: //ssp.hinet.net/api/web/request?c=2017004&s=201702000042%2F201702000067&u=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&ad=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&t=1626791320215&oi=RvP7C&site=https%3A%2F%2Fhinet.net%2F&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017004%26s%3D201702000042%252F201702000067%26u%3D13ab05cb-cf87-b396-ff16-d596ef0cb2ed%26ad%3D13ab05cb-cf87-b396-ff16-d596ef0cb2ed%26t%3D1626791320215%26oi%3DRvP7C%26site%3Dhttps%253A%252F%252Fhinet.net%252F
console-api	log	URL: https://ssp.hinet.net/api/app.js(Line 173) Message: //ssp.hinet.net/api/web/request?c=2017004&s=201702000071&u=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&ad=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&t=1626791320215&oi=vejKJ&site=https%3A%2F%2Fhinet.net%2F&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017004%26s%3D201702000071%26u%3D13ab05cb-cf87-b396-ff16-d596ef0cb2ed%26ad%3D13ab05cb-cf87-b396-ff16-d596ef0cb2ed%26t%3D1626791320215%26oi%3DvejKJ%26site%3Dhttps%253A%252F%252Fhinet.net%252F
console-api	log	URL: https://ssp.hinet.net/api/app.js(Line 173) Message: //ssp.hinet.net/api/web/request?c=2017033&s=201702000064&u=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&ad=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&t=1626791320215&oi=lbuFq&site=https%3A%2F%2Fhinet.net%2F&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017033%26s%3D201702000064%26u%3D13ab05cb-cf87-b396-ff16-d596ef0cb2ed%26ad%3D13ab05cb-cf87-b396-ff16-d596ef0cb2ed%26t%3D1626791320215%26oi%3DlbuFq%26site%3Dhttps%253A%252F%252Fhinet.net%252F
console-api	log	URL: https://ssp.hinet.net/api/app.js(Line 173) Message: //ssp.hinet.net/api/web/request?c=2017004&s=201710000009&u=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&ad=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&t=1626791320215&oi=lvtKI&site=https%3A%2F%2Fhinet.net%2F&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017004%26s%3D201710000009%26u%3D13ab05cb-cf87-b396-ff16-d596ef0cb2ed%26ad%3D13ab05cb-cf87-b396-ff16-d596ef0cb2ed%26t%3D1626791320215%26oi%3DlvtKI%26site%3Dhttps%253A%252F%252Fhinet.net%252F
console-api	log	URL: https://ssp.hinet.net/api/app.js(Line 173) Message: //ssp.hinet.net/api/web/request?c=2017004&s=201710000010&u=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&ad=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&t=1626791320215&oi=zPNq9&site=https%3A%2F%2Fhinet.net%2F&requeryurl=%2F%2Fssp.hinet.net%2Fapi%2Fweb%2Frequest%3Fc%3D2017004%26s%3D201710000010%26u%3D13ab05cb-cf87-b396-ff16-d596ef0cb2ed%26ad%3D13ab05cb-cf87-b396-ff16-d596ef0cb2ed%26t%3D1626791320215%26oi%3DzPNq9%26site%3Dhttps%253A%252F%252Fhinet.net%252F
console-api	info	URL: https://hinet.net/(Line 7) Message: SSP AD noAd jsG8H
console-api	info	URL: https://hinet.net/(Line 38) Message: noAd
console-api	info	URL: https://hinet.net/(Line 7) Message: SSP AD noAd PaufS
console-api	info	URL: https://ssp.hinet.net/api/web/request/?c=2017004&s=201702000042&t=1626791320215&u=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&o=jsG8H&show=static&ca=&k=&cab=&kb=&mode=roll(Line 24) Message: SSP AD noAd jsG8H
console-api	info	URL: https://hinet.net/(Line 17) Message: SSP AD show z1udO
console-api	info	URL: https://hinet.net/(Line 17) Message: SSP AD show urkSO
console-api	info	URL: https://hinet.net/(Line 17) Message: SSP AD show 9g54d
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.5.9.js(Line 32) Message: a: 0.0009765625 ms
console-api	info	URL: https://ssp.hinet.net/api/web/request/?c=2017004&s=201710000009&t=1626791320215&u=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&o=PaufS&show=static&ca=&k=&cab=&kb=&mode=roll(Line 55) Message: noAd
console-api	info	URL: https://ssp.hinet.net/api/web/request/?c=2017004&s=201710000009&t=1626791320215&u=13ab05cb-cf87-b396-ff16-d596ef0cb2ed&o=PaufS&show=static&ca=&k=&cab=&kb=&mode=roll(Line 24) Message: SSP AD noAd PaufS
console-api	log	URL: https://banner-cfnetwork.cdn.hinet.net/js/tmp3/11.js(Line 1) Message: v2
console-api	info	URL: https://ssp.hinet.net/api/web/request/?c=2017004&s=201702000042&t=1626791320215&u=d6af6140-7a1f-4761-9e84-150941d4d4d0&o=jsG8H&show=static&ca=&k=&cab=&kb=&mode=roll(Line 34) Message: SSP AD show jsG8H
console-api	log	URL: https://banner-cfnetwork.cdn.hinet.net/js/tmp3/11.js(Line 82) Message: 12196:32957:90700:c822d4b7c323faf2893fc08a50fa284e:7472
console-api	info	URL: https://ssp.hinet.net/api/web/request/?c=2017004&s=201710000009&t=1626791320215&u=d6af6140-7a1f-4761-9e84-150941d4d4d0&o=PaufS&show=static&ca=&k=&cab=&kb=&mode=roll(Line 34) Message: SSP AD show PaufS

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' http://hwifi.hinet.net https://times.hinet.net https://www.hinet.net;
Strict-Transport-Security	max-age=31536000;includeSubdomains;preload
X-Content-Type-Options	nonsniff
X-Frame-Options	ALLOW-FROM https://times.hinet.net
X-Xss-Protection	1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1b8747ca3ec3fd419fac1823e81b2e8f.safeframe.googlesyndication.com
1f2dd3a35e71de738555c9c2cc8ddd9118173a8797217762ab63a9c3.trk.sensic.net
3f72d31bc121aa0f81b037d56f41bb69.safeframe.googlesyndication.com
599c16487379894a2d8e1353bc480a68.safeframe.googlesyndication.com
86bfa5140d01e03ef16e8744c9b1fa35.safeframe.googlesyndication.com
ad.doubleclick.net
ad.doublemax.net
ad.holmesmind.com
ad2.apx.appier.net
adcdn.holmesmind.com
ade.googlesyndication.com
ads.adaptv.advertising.com
ads.aralego.com
ads.yap.yahoo.com
adservice.google.com
adservice.google.de
adx.c.appier.net
ag.innovid.com
apn.c.appier.net
b199.s79.research.de.com
b564a7e3badbd705ed361b4bc7e3fbbb.safeframe.googlesyndication.com
banner-cfnetwork.cdn.hinet.net
c.holmesmind.com
ccm.holmesmind.com
cdn.aralego.net
cdn.doubleverify.com
cdn.holmesmind.com
cdn.jsdelivr.net
cdn3.doubleverify.com
cdnjs.cloudflare.com
cf.t.ssp.hinet.net
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
connect.facebook.net
dbg01.meetrics.net
dce55363c1e80e6916317be9dc866996.safeframe.googlesyndication.com
de-config.sensic.net
dmp.tenmax.io
dsum-sec.casalemedia.com
dt.adsafeprotected.com
e.dlx.addthis.com
e338583413426f34f084e5bf37e09973.safeframe.googlesyndication.com
fcm.holmesmind.com
fino.svc.litv.tv
fonts.googleapis.com
fw.adsafeprotected.com
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hinet.net
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
imasdk.googleapis.com
odr.mookie1.com
onead.onevision.com.tw
p-api03.svc.litv.tv
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
player.svc.litv.tv
pmp-beacon.apx.appier.net
portal.o2online.de
pr-bh.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid.scupio.com
pusti.svc.litv.tv
redir.adap.tv
rtb.openx.net
rtb0.doubleverify.com
s.yimg.com
s0.2mdn.net
s79.mxcdn.net
s79.research.de.com
sb.scorecardresearch.com
search.hinet.net
securepubads.g.doubleclick.net
ssp-hinetwork.cdn.hinet.net
ssp.hinet.net
ssp.tenmax.io
static.adsafeprotected.com
static.adsinstant.com
static.doubleclick.net
stats.g.doubleclick.net
sync.aralego.com
t.ssp.hinet.net
tenmax-static.cacafly.net
tpc.googlesyndication.com
tps.doubleverify.com
tps20228.doubleverify.com
tps20245.doubleverify.com
tps20512.doubleverify.com
v.holmesmind.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
cm.g.doubleclick.net
pmp-beacon.apx.appier.net
sync.aralego.com
103.132.192.30
107.178.241.176
13.224.193.126
13.225.74.66
13.226.145.101
13.226.145.23
136.243.6.97
142.250.184.194
142.250.185.194
143.204.205.120
148.251.47.75
162.210.196.208
172.105.221.240
175.41.232.18
185.33.221.91
185.64.190.78
192.229.221.28
2.18.233.67
2.18.234.21
2001:4de0:ac18::1:a:1b
203.75.214.136
203.75.214.159
203.75.214.163
203.75.214.200
210.242.135.3
210.59.219.181
211.21.190.218
212.82.100.146
213.254.244.20
213.254.244.21
216.58.212.162
216.58.212.166
23.45.99.241
2600:9000:20eb:3a00:0:e06c:e940:93a1
2600:9000:2156:e800:3:cecd:5f00:93a1
2600:9000:2182:d200:c:bbc8:bbc0:93a1
2600:9000:21f3:5e00:3:1794:2540:93a1
2606:4700:10::6816:9ee
2606:4700:20::681a:567
2606:4700::6810:135e
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1288:110:c305::8000
2a00:1288:80:800::7001
2a00:1450:4001:800::2001
2a00:1450:4001:802::2002
2a00:1450:4001:808::2006
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:813::2004
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:828::2008
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2006
2a00:1450:4001:831::2001
2a00:1450:4001:831::200a
2a00:1450:400c:c04::9b
2a00:1450:400c:c04::9c
2a02:26f0:6c00:286::4469
2a02:26f0:6c00:2b2::4469
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:3::485
2a05:d01c:1d8:8101:939a:325c:ab79:c5b3
3.115.39.7
3.120.211.246
34.246.227.69
34.95.67.231
34.96.119.68
34.96.74.134
34.98.67.61
35.201.76.93
35.227.252.103
35.244.174.68
52.213.111.123
52.57.142.16
52.71.1.191
54.65.74.248
54.77.67.228
61.221.82.10
61.221.82.7
69.173.144.138
82.113.101.132
88.99.148.145
0079676b5881442c3f04a1e70afe5117e76e94b1bec5cd1312ab886caaaa3eee
00a98dc5843fcd1f5311446faa5eedfb148794875dcd146ff05088cf0520e581
01d2978416f3e4b7af031663240740b9652e9bcce485a85090f4c6bcb56b312b
021953068d9eba9039cfaea4317c53e281d47810682ec03fb41391d028b4b84b
02e31402dbac2b6b19d2888d5db9e2fde1f773d512a0aa47fc2b42bd9e5aed3d
030496f376766011e52225aaf15aa20a3eda52ba9777b587a751fd057e18df4e
051a4eca1cbb7c8805962eb714d34da9ca04bc3c6d85bc602ba035724500be72
0537874b742c674b04fad914acd2c50ef54fee1a960a0c445f07f5a8cf2501fb
057a59d0cd90e6a6c767ac5a08883116fae72ebc7e0cbe47c09fc70fcae172de
071671f5f182f51ce4746e88c31b09d1e46cb7c4987e8a23a0fba56f066931db
07807963031aa91b1d4644ba9cfbc1b0a624d76d5b5240493ab5fd1f51ed8748
07aff0202766e66a13ef453dff3c6623449bf499dc6c0c331bec4ff637c42961
0807aea7026353462371e71b790d09695c9a27d36cbd97e9dcbc9775b432d330
084c0a5ef3734e18f99e9c2094f2fd1bbeaad9df74a9238c452c7dc3f9524b1f
0985fc9e6c924f671da4352346a551e7171d01be5c16aea4a2e9f966edc985f1
0a088ea4d3c9cbb0997e9dec52804f3549dd2bb2e040a26aeff6d947c6113f40
0a126407c0f3afd6b14dd61bb7822e5d3bdff2d18d432366fed4ad209824e154
0a60e45fe62d4f55ced27a7f78bbc29fe313ae8d896ad308a037ce2803178a1c
0b1ee025f710009cb91b9673d2d1af6d4aeef19e6e118c570733708c6e4cc083
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0beffdab5eb3e5bb2d2bd0a0222d54397a2583b3a8b5681cf353d5f35f893afe
0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5
0d6b4f004b4a0f5e78f2263f634c74874759eeb4cef84aa22b71f03fd2926284
0e5930652548cc40221deea0910a8a8c8f2ae9edadc7f1448353d000fae8bb6f
0e72e716b977d3e3c27f3080350303a19d88f9a1f1edb97c0a20bebad6927903
0f1baf9ccbb73ca6f712634504b7f1c1db0cfdb4ae6157871dfba0cc819a209c
104be199952a234c2e106d23c94f6006439d0f746985c1b3b1710c659e8b74f8
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1111480d07de289d56c041ee870e5bb60b713985841bcd5aedefa98936803ee6
1130c26caface5cfa7b2d0cdbbb70cdb3004c582e74969d580216f65596c47c1
1150574a8a9e2628fb590ec6c4563ad7f39bd06032cfb3a693982c3ed3d0159c
119b6b2dd61cabb9f76a3d8797ec22630a27c6eaf5a3e28ec8dda41542be5a5e
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1292d86fc4f0108bbab5b1db31747777d540ef45b5d8ad812da6141616b2e2d6
13263809d85935164b1711048eea2ca9b6bcf161bebce195bf2e5925dbfaa9d5
141acbd7ca859acce0409e6f41dfe2d56925388245259ea414cea3a7592a0442
170c6a1b32f30c7babbfdad1c81cd524a8c30f9bd595c730d0c3a8dc1703fc11
177dafa6c08a59b00e569a24ddedc1a9a017145b42ca396dbbe76fc8f617a9b9
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1976c7bda247ffd809b89b7df9e94e551e7450ffeea7fe9a8499951d6eea88be
19fd9f8950c412f813c518d74a6db2e17a47708d686a250d0b9aeb1a1d33e3d9
1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99
1bdbf5e427949da5699b27d89666dd5bc0d3e1b00823f9e934e6174660731957
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c67fed2fcd2cb48bc8991e05435f7f77175ae187fb158b129d00cb97f6934d6
1d1f72525aa79b136df7b4eef71da15f25f73ce1b6830ebd9e2809d934e52187
1d4059eaf51c97949b042222d29ebfaac1fab2bc31252d7de2e9c8cefc88c9f5
1e15f65bcef05f2ea9f54e051da9bf7e6fc9eb00a669905c9ed33f4fd7ba26f7
1e529912022bd16a5438c30df717862ae7a63e74567e17294bd0dab7e446940e
1e721024c24b747f83d825736f949a0ce5aed9525c586e7b37c60a19db45b490
200c71e1571c47f3913bc0ceb69da40483c43ebc7c4d4c25aa8aa4a9adb688a5
2059e126f52ee7df76dbee3e5ddd6afe884c3c6a22ca5e35459202dfa8684fc7
2076d8986167ddb7af354ecca62d7c20cbc8eb8ee538b5f7f1fb8573d0b8bf3d
208639b35ab3639d2b64850e2a032b716661dec3a704ee28dee16b56bfed6630
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
20cbe51aa556f8704bbada00f5ad25aecaf9329d08febbb133c2543cc2ba6f96
21b36803c38ba9b302ab2b9e7c48a59dd7e28b26a4562aee4bdad1b3ffec786c
22497ed853bb0e226d99400b7c220afb4e3663f103ae0255386983d9c9b0b593
224a41fd3d2960a3d05c2ecffdc3cbbc0dbafc1909f5aca5c62f952477c1213e
240d2927e12b8ebf6571f444b04ae7250275076657aa0569c1f07d36650cd430
24a2fd1c9f3d44f69f4c191de851111039b5a39b33ec1f468214cd5be6693024
255733387de4d011d043e4804503f8cb832b2b8f9a1c3fec64d8bc619460d6a6
25aeb31723a4be8458d817e6bf261b3ad25a605377ebe418edca2d33932f44b2
25bfbe21946744cc0813c5a60eabb938c7e8a20fdeeaa77609e76b71d93c2e5d
28248d4886fe85d725c1a6d3b2340a1bde6a7ffcadfac53ada50f78a9e707d5c
29ab4b961478dca398b65911aa35da32873642ad69f66ff106fbcd4f1dec6081
2a23c66a61e031b78959955ed3681550ddf8235b618f09cc7c561c1cd00f5967
2a87fd41597436af0e4160d453d7e8e2b4384edb15d2fdf2058de7c29b31e637
2ac900f3a7ab93df22b2ed7ffdf08f6866c76098805c08f38d4d5c0e70e4c2d7
2b16ba35e5187f8a497911c15869ed3dde1699b7cde356aab4756f79c5361b61
2b925a1ea7bc35eb469e00aafac345827bfc97a8002df1f5a27d8c40bde654b7
2bc2bd4fc81619ec327f9fedf784d0fb1895e251cc32bc84e900c649f2d3a649
2da1c650d45f011cd9a81f191dfddf0ee5f6becb61f06febc8bb96ede8e66df4
2e5e95d142f8aac59f9a58ce36d5598a81301dbf5bd8b99f2fbe2bee765b73d4
2ee5ef3f1b7b4fd70eb348f779a64da89cc8ab57bd48ca2e79ad7d1efea0c9ba
2f14058e002493c8edc86dc210649cb1639d2192472e8e1b42b7a494f93ad4a0
2fbcf64365f61368d992118a909f3b859422c871bb55f0f40e23f7d138ff8fca
30a3ff10c02fd69f1209bd9153c983a776c8863cb91c3effb4a1be7c9b80e1bb
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
35137ab108d39f13c0a1f60bd881eadf537da8afde3a94597404a6a85414acc9
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
36e9756a9dca14da9896cdc72c32e6d5264763fcd59861a6290b69549da5f69c
376f6c554f20f590e06128798af747506af84676ffb235c768662b545450e62c
379971efb74e2925dfc767c1a775a402fd800868fcb6f8d42429c8048366f5bf
3870ba4446dbaa4af3b3d9b2be91e3c8e321dd1a464290270bf1b9720ddf1503
398280333cf87ce8a81bf27b72e1a4219af4b9f3d1c0b1b28d29c0ab72ace45e
39aac5640d326fd51d67f2f8ab0d8bd47c32e4b89346be41bff2c41152fb88c2
3bc03e8d8981cae41ada3b59435cdbb772e1e56ca22e09fc28b1061652746cdb
3c47ff9781e5c10d5b7a4edbd121682c9d6150251dfa4c0820f9939a70e623f5
3d4d71bf2d9b0bb0cc57d2218978e90d1a218ecce98398b10b6a840fd0dab802
3dda853f4ad4feb011861f13f75fcfda70b1134e74c524bd3f029215bda94263
3defbd562ab7c3c8cb55bd162581bb9004092f11375e080bdede6f8116feec1c
3f77de6ac80d68d5e5282a7f5e45e7dafeee9bded6451d6ca5eee628b4f88c31
3fd1aed61a89e7c327b3d84e909d0f2276f8dfce71cecd1e11a38a49d74b23af
40156a88da2c609b0cdec03ac522ae1d0fd11021a1b22cfd3c6c665162d70b4f
402757d2bf7766f239c264c6e85dfd6511dd6a32082943a44aef49618179005a
4096ad0359fd037b7358beca72b7bed968b0c4a2b2d34df80fb42d83f1b1d4ad
4100fc90c9045dcb587f65b7c6f098622370ecd85d18fe221a858868e1e0d5f2
41d2c7aceb88e3a97473335d02e4608d25844383c1128c8f3443a6fbedf079bf
440f95863ca63b2c7c344dbbef575afb85053871926fd680217a2cd02419ad52
4515ee5a035a9d5785b6a14cd9f25006b0ec897c8aa25869ff768f3399edaecf
457024657265ff5b23bcfbbe34a38fd5c226036884e4f04b590c7bd7ab1d3e17
45ca9e75bf0249dd53ca6b5ead588f9cab00a5231f8d529ce2c0979658fdbe61
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
46658070698149babb03b438896746e92ad7a3df0d7b53edfa93b5274eec5b80
46fc4158fe26f8d2f989c00a5d0c44530aa30bf478ab142f2441aaa2702c0c13
4776a2aadc14a00a48ad7da0c758ea69e033a6f3532e500ee04a7cac054573dc
47cdfd0d0b98c932d816b035996cd78f793456738d7e59f420d862d39d3aea41
480d5b26935e27640c98365cfc7bd4a663c82d2affb64ffae8a4bf9b01b5e9fb
48c563272302f4b88be16b4992e8933318cd2c80e0223f6e820cd5635f9671e6
48d2e6dc0ef8740947d6b4f93dc327e5cf8537d8829491c451904ff466c14129
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e3d3e209fc5bc1b96aadf4c709b25fa7d25b8dbfb00a6420f8d248d238501d1
4e9023b5386670a80bd8dcf12f060dc5a924f28bdb9caf8241990f18a9dc1055
4ea473f8090add28226b05a2cb22dfc9339f28205eff5543ddfad2d8847dbaed
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f8a01bfdb6a539b3e0929603ff1f9566ac2a5114a512b2815c30e84462c9fe5
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fbc8abb2d7aef9d315d11beff6fb162824193279952ec4ae110090ea63da1f6
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51595f3a66321dcaa1147fd37091e4306eed1751e51f2845c038d7904a8b39d7
524727207e7310f1c32a1b0e828e1f73b193ac7b4707b0d6cb262ef1717f7a9a
52c5aa969d4d83f6e24e832be06940495b53aecdff9f2e1725aad861227457c1
53cd005363195a9c87b74ac8f259c97adb91f23066a0f6d1bc4b034e4031a4c6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
558c137ae8d2421d46b2ced70dc3d8eb54a63544a53930b30a555b7686001c91
56cf6c2adb75e276955f3bf951793f0c794ceb51d67d5d2c64b8ec01b996ecc4
5730b1b8fca2281918235d3b6fc450f78839af597c137fdb162ca4c72d366d0a
59e3244058ea245473141f001bb5231f7171d3eca4ad5dd74785aae92fcf60b1
5a87570005efc696b50d36c551f5aa866f4a9c97343659e1389e289a0122c719
5ba2f0ad483cd2da35d12f5f6004fc2a20650cbdc21959ecdcc92e6c97ccb2ac
5c14dd462bc16763ca39a8430cc67bdf19c27ddcbf7f2613458be26d50b669d9
5c4b0bd23a20e98bda1a509c343784589774d3247d413031f700d691973ec100
5f07d43571a20235b2506061c9729d91179d32b8b3c75123aa8fcd45e60d7541
5f4e9d350b891a5b4409ef71bcf97414081dac71b063b7e9b4b8d97e91a6ad87
6058eb29e9bb8b7cd0d68f0d180a093941e971f4659092a70c99ca57827bc678
609465c8d8a51cdaf49fb6af1a215d11a5754aa6b492c54c6524678ac41151ac
610221045baec1cfe0ef7e2efd4a455d930e1f6c968253f85c85e2899e67035a
61beb04b463f9c4f5cce95ea3c5d23d28bf27184d8be6f4823332d84c07850c2
629a98377ffcd11285a16a860d60e7935641607caaff207897db5c286174a08c
63489ba4f2a3195fa3c3fc09b123f74bfdc05793c13d54cd081de96fb7706c94
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
65506c87a4e71875a107df7ca37f45ccfd40688cf8e01f65c7e71792dbd6818c
66c2a913310bce7cc1d77c07a2a4061fedf5a5ee260fde339525d00823d154a0
6b62d93177c585c840884e93fe16a445b0f5a2796f907adbd9cdb0e86a46b485
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c269fa0bcf62f50d781d2ffc36b670fcf049b06d3b6ec122ba8f8f62b38c706
6dbbfb30d85e1c7bf8427164c64760d53d9039987bfb3264f765d9353eb59090
6e686fe5df6b4d3de7bf9e1eb14f8a38393a799edc808785ef6c76f8b11b4b1b
6f30fd7b423939a450950075fe10ef1b31511905aea5cfa1d9e699ef33dedccc
6f680459de2af117c2dab915e2d74a0a2a56fb2569c5ce76a8ffe75f9d35d09c
6f9dda37d3285cf6d7c05e42f20d93d93f5f658676cb1951a1cf4da206fe5a39
709c9fb1ccffe894ddf44d190dfe85488297e65595d35743d2afe7b592291157
7142961a1ad7563f0016537a0cf6bc977bf8ae9fe60a0885fde76211ae3aac83
72a30a2e5f3998a585323394d28e4fd6b1c3e352c4b956c411f267d25e39a870
72dbecc00caaa372ea278d516a038d9e5f9561871eb1ddae60527af8b1837791
72e05e2b9663f192d248a1be27032bc54fe69d7d462c5debd23e58a5b86e51e5
7305b7f385f46cce9d54abb2317ea5e48d3049409e63e19cc675ee1cafe0b003
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
743c8064e2b1f38a1b44de4d4ac3a99bb9c11a69a16360433076b5d93b815181
74e5e11cd8453e9dd3df30335ade7b94f014e0e8617910a8ded49f715f4bb690
75db90865a5d77b29bb3ea3600a6f5b3805a2c53b2d634fb109377ca8cf5f793
75fcc3dfeb227633f84a6d3f955eff0cc03b1473bce083a055422c50c0062fdc
7683c9443430a94597d0f9040bd75568682b8d9d7de8feb249437978ae1f3a76
780ebfc3451246c1223e747fa6bafad1aaaa6c7aeddee3356bf302bbc2a0fb1e
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416
792a170a290298277899acf5bf403fdd3ce5583043e76068a735627c123b59f6
7952f990b79ad142364494521ae1e8ead0fb8af9e70311df25dbe575b1fc85d7
795d2fb5712f97a8c8788d844c199fbc96ce7fce672eba4694aa265cc99cc427
79aa2ea675fee615ed72d18532ada370afa3486a35a0d3e367c81dbbc679ab4b
79b208a19742aa53a96b0902c3b88c3434687c4b2453842d82a50c7b4080417e
7a8f07032557a4901abfe22a60f9a29cc729383a0a2db3b6fccf44cee9acce4f
7af321e007e961c23291b7097f01d3e2a00b9fd142545d18f5ff4dd454ed99ae
7b1916d5a5a97048327e74b168dd38fe0067ac06db81f57f72108f23410cff79
7ba1eee9803f9929376700a8065001dbda71dc890a08e3d6b50c851de0e927ba
7de6d8301cd970728c46d6379ab6b7aee90ba56a7f70dd9bf8257f20dba2c516
7f4c3a73cb131ac6d84b26e9248f3a79346a89ae9d3c4d1457872e185f6f6da2
807eca5d6d97f46185f82a512fc258072023802b57b3c1f04fb5ab895d4bb7da
8128514a9917b6dcdf20f7ee24d6b00a27b2a6aa0f971acb988f358f25ac4005
812fee8364370eb24b5e585558d3b0df4785cd95a76105c9e0ab987ff8d5cd84
8240ea20f4bb5fcc00f41228776b641b2128fccc99bc520497c13128a1fa304c
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8346e27008b3c9ccca917faaedb8535e3475d1cf22c06e20a00415f13ca935e4
83ffddbf18dbe1f2e22599404dcad85b092cc364be8b4f5e9b60e8dcfa36a3ea
84c030628d1055b664e080aadbb3903fb140338fc9d6aaee59123702ecd06ca0
84ec017d85d502a938100d08b1e37e847a7e3d6b5d5798077075cc52930a55c8
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558
8720484e11204ae053301b6b2a87d4180a3cdd0247b85df1edb674ed94f6ce56
8745fa116553e1eb5a6577dc041ab0b0b3fe280115f6340a7b151b0ad9671059
8800bcbd88010747cedb2324df6c6c265c563b5939feb156e6003e79adb7be57
88457e06b8f9a387aa2da1c830dad1fce05a017a20a3167e4d1eb11f091a6f4d
887f063df27ef4a696d31ce39ffaded7dc0b18b2a7c82045e54bfa240c375fd1
8a3bbea4030e67771673bfcd17966159f1881dc56bbf67947f069381d00d28b9
8aafa0ac003f79e8406167f57790ddcbdfaa3cee71fa19316c66d2d8da6496bb
8b02c932a1571f099b28ac87a27785d47ed772c8b7b8d6953f3dbad43a07488b
8b6efbd35984840fce333495d275c9e497c135f606951d8d1c5dbb21c8f1a43d
8ccbe1d5faf2711b2aeafde10dc31b04fb32d443f0d694a5cfdb610aef135d50
8d0f249f244376cc817d2c8ddd435cf01b4ecbeca604946c5ae81ef0c8bb5834
8d45fede62e78272c9c77c96f94ae3de83b66a8697e90b412625e6ce6a2929db
8dadb5b53b4d9276102921c8d084e4f5bb8be8685231d426c51c7c7813b14e1c
8ecd68ebf6636654dcde936819a4b56c44fa878df4209e01da532606147df6c4
90dd9a62a907864dd24843ada6bdd3f0616a0d43bf7ea66688fd96a084a0896a
90ee20c6b2fe58c0bc327b411d5a68e2be5eea7b37eb642ee9e1a73f4c51f5eb
928a38286e71379f61745515fdfa73418780cfc06a21b9da5658e9473d5a75ac
92a7470a168117d5016639aad653cbc00d4fad480a7761ed2bd325ef5950c44c
939609a38ada9604bc1c33da3564b30714319046d19671a35b0e8bdf63dfb25a
93c42da1bb50f07b79321a02d58ba029a7a6acfb73a02fd3bb536fbc395fcd17
944b6e54b7a8787490fee6712961f8791872eaf24b6c9f20fc60ea0f910b9215
965bd80b6160ea097e9aba3a357ec6a515781e566847fd3ae0492e7868f77238
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
97327379757e31241f84821457184b269be28de4dc786e6cbbf86ef4b7277099
9737da49bdaa08390d1478a0b4bda7dc8c5924df6ea3460436dd87f84078e941
98c42ecca9cdf35a2ae693f6ac522bd8e4b871dd0045161f9ab9e9ffd3e3200b
990a170edd72ff89eb8b3167c8d7a4e5953bad4ff07719fc7e7a6bb3c2922f7d
9a2ad443e0dacd0741e2622a6129694053d5fcb8ada7d62ac533f0ca103fb590
9a58fd534ab3a1d90f9929fab26a3dcb88ef657ea909588435d5174939543df5
9a8609eeda77369cd567a813411d740959695b5a47db762f2f6dfbb6006cefcb
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b5312cb2f154f2bd64ee8746195a63df254d10bfd107a61eec3d5d38dd48bff
9cfad6d2f276c86edb36f3e11f80a2093d80755e408477d6c7234dfa957fe4cf
9e23e0fdfe2224fc3ae0732430882444354abe235d3bce3f9b36ed29dcff8ca4
9e440f70f0749574d611acc451437378ff9c972397d01865fb7f1d3f31224bef
9ef24a658a7586de26ebf440f2ab91eb5fe7f9b87e5594c572a110da2d78290f
9f43aa34b620c451290ad923748729c9956da9e7476387b34f860d1131108924
9fb6d160d60535606eb88b538ff8c37ad7d4af86a4b72f77cee97454dd7f142f
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0c6f19f85dc91a7a7813255364375ff8c320934a28cd457c69995335e5b809b
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0ea72666eeff3ee8b69252879704e4e90828c6796a9407083d6ee3ee26f62fb
a1127adbde0c3cf2968736a5830336bcd6dd2b0c98a63a98460a56a431f7626a
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a11f72929684f0a4aa70a7f9b2855757629a3f77b43b71771cb9359e3ca7dff4
a13bb387ff62a70ff8118c65f9c4cdd1d2849a7081702742a3fdba6e0e65eeae
a15a37b5f58247aa4045843f4ec9ee9aa7e9ad425ff61d211e12800cb1e744a4
a18cbdbb0fbb733d7f4cba5d2afd6b2706e3f141c743f491057e5800368cd8e5
a218f54e6094a485d863463ccbeb8f7d29605f141591bd40faa8d649ddcf399a
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a43aed4296647d38e6a0421f3acc14d571a783399218b24952568ba1510b74de
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a504c71b140cfd49c4b6a23e182a92d5e7753a751a9be4323703c05902b0f06e
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6b8438970005aba16cec020a5a73ff1542834885c00046209c87b1518ebdd3a
a6d5299026b6bada6dcff5a83fc0ce3f52185c95ac1a27f09119f687ef8256e1
a71f99764e88c7093b525195b250cc189ecd4bdde746fcda474172bee574021f
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9f4f33fb776dd880daab7c79869314236d3cfe2af36148b10ca3d4f38ac618a
ab579ceff8154178dce14f737e28f63e2434ba610bac67fac9ad5329a60d451b
ab94ded95a8d9e7aa822ab44c5d4e09b13eaacdf333321dbc0592d13b5c2c90c
abdd3d7ef1ee1435d47e4c0a7cf727feea8c58b863481568e54ab65a14c1441a
acc5d1f40fa2e46ed40bec9c01d1463a630adbf627df4d7ee94e03563736635e
ae1ae3f12d5ce5f5108040f0ead8e781c8f5ce05e6d01aa7d0d22b87a3f04b68
ae64196db7fe3eccb7a320032b6a44caff13bfc21fa264713fba1a5368a7cb6a
af2ac8055983b59c939388ef2b32ef532b5eb338d4f1758be91a125d4f07d83f
af5af42df5eff4c1d5797602145db2b04dce265b40912d7654b90549d88d5303
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16e4d837e670a5ebfc063192d8f154d15b8521adb391bbcb31cd171eec730b1
b5027a3cb31185a77afc8bd909fe1f006a8121aeed5e55fd002d6cb202b2a9c8
b5610cce0fea21c20d7cc297ff5d1668051df6f443dfdbd54197579bbae9ef05
b63ae0e854f1c9e37694c6abaec507547973c7b8b3a0c1211351a3cd265fe4d6
b6904dd3786abf2a13d9e3eebc371d27f65ffa4bae3d23ce1aa3f69b8b4962a9
b6ae9796b7529e803d74ca005623fb11d8150dbbee804cd209481860320993c4
b6be9ab7107b7a51e5f6007fa2d9398c0ebda6dc0ca9a90fbacae257a697a7c0
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b7c9dfdefe72ac6e15b87905928c625cace99ea185e42c93260ebbdf0f319d79
b8cb3ff0b3e138f0dd91fd1a105f16aa69eaa4fc6606447a44a4dd759b43f6d8
b8e0f84c28b67197499687117a93cad23f0ce2161f2855c41917eaeba19e2aa5
b9c90c601bc81ad71ed8be557ff9b095de5aae947926e84011e2728cf65250a6
b9e6c38b3493790e6525ba6715ad839211cab5db3ddc80c7f70f20f92679fee6
bb699bc9c6b8d90848e0e65d17f724b84d8a747e7294c88a74db28ff40ce17df
bcab50b80facdd8259667f6902b74c713dc70feaf073cfed9b8de4a69fca6a0e
bce3b152c6671e26a44b673f2590a2455cdf89199da3994f28dda7b71d18c6de
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
be1d36041b109736727a9873c39b2b7d911b3593b4e6ee9abdc88c446f4b7c53
bffa861551f198af286512533cc265c00f751f6b96f6c2e9c66cfe4a1775f7fb
c03c604cd89b4ab78da516a6271fbc1b4027e9d232ee55e09e0f43e49e2c169b
c075f214d3183215a3366e5acf0b007eab32bbabf39d7fc26fdf57252168c775
c110419995948214e5b16d9d0df8f7d91536cc42783edd90c7fc1810308309ac
c12666c9d6771d583e14e1ac02107ae6ffa41301c9d763ae139e368931deb8c5
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c1f04aabf6777f1cb7dc3eb334362def5d047cbac8825a2a2e32e78b29ccd03c
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c4dccdd9ae25b64078e0c73f273de94f8894d5c99e4741645ece29aeefc9c5a4
c585cfa0d5885511ef71c5549be86f2f7cb94ba4108d6f45ff10cf62e26a7703
c6648e6d9cdd3fa19a5ff538d87d6994b9902bcf9e8f6976e0b84a74c45714d5
c69f2514168dc51c9e450fc178fe856c8910ead13cce2968ea06e05d85a8ec2d
c8104820879b5e2c9e63238b3b554870f1289e24eb68ae68730f9ed333f5f127
c8df3cd043e502e6da8b95958eb0e10fa2c5b2765c09ed9224dece7aa076ea81
cc8006549b960ddfd819ba7d9aeee4179cc02cd0492b5179dcb20e7444dc3ebf
ccec667b90556d21bcd7769e75b84f590093bae723ada6e308fbe93d25047a88
cd7a842d4f5946e033d1eac75ebdf6226f519729c70db483f0950c3f24b3dc76
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e720308869dd05b2d7cd6b1bdb04d0a0c2227e1caf8b0f62645c696f24925c
d1c194e2c16b352cd1618d4bd87f3f2206b60a77b6d629ecf7731648af9144a5
d4d3e9eeda67afa044fa89adc9a7f502a24b711647669283c46a426a6a75855b
d50991912f82769cec7a6e08141febde041e3fe35a63c4a70f799ff37085bf36
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795
d567961ad6c284150f2052f5e9771e31a5fdedcfd27f257cdd40491f99b32145
d578eb662c25055426362f05ee7b254adc180246f84be79d1ea25ff5bde24427
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc
d66c04bdb56984da131681d29a8f026371f62149a6c0aa4867cd521ffce31295
d67aa314db8b59a11ec91d5bf32ee27f08856b0e80de06ed178b4e49b6852b6e
d7b3c3d697de29efc1207c450103b7e2259b0fca00f3e4d7231cc586e76affe7
d8e820086e4d18910d06282df012e28566badb2f51ff19f4ce7f34a2792fefff
d9f8f04af9cc2608089522de16d06c1767ab2e70b985ad11c2255bba7032b44d
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
db319cd187bc5684db60e2b65ff132aa63c5dc32dd8c98171870cbdf926ccd59
dc47fab1fac376a3c446379c71b2d0fbd35fe9432cfef60bf5bf9baadc9b841c
dcc5c641c050be6f3e6a66337de455a55beb713a365d39bfc756d5c949957dd8
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df1edd8d0694d05768c65aaebb0cbc54657eb1c348c64faa909a5fe99cd88e1b
e1c91c55e74065d95c7820c6ee08cbf002679315801d2a642f99545ed413f710
e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b
e3331cc233f83eedf55cb78a8d64cf08bf3a4da1f11aead43a71c6a0fa3af763
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42489aee750681927e88591e25f9864dafbf032e614ad46e7a217a88180a8c8
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e5c8d644854257824304c3f30f571e962733b4eb851eae6860fe896a6c139759
e5e038b3f2a804dc05c6ad8a215464d5f16a82bc2cbe913725576fcd8bc65e0a
e5ecfcec3e27fe9897118aabcbd06b14a055e27fdff3fbfd82e4b35336c3f7fe
e67ca531d1a10173e2113e68639ca74c02cb2e29b26e46508f76cfede65af1e0
e85527210e07e231b8ee22d61d3f790b58fb33898162a3648de5eae94ace2299
e9c3a312679ed12ae288d06ab31aade4d87e313769ce18f3b2646a0984d6122c
e9c6fc5a4cf8dfbd460cc8b1a95cec75c31bb09d635af0099f1175b910fbcf04
e9d5a1e0b821683371a89b3278314aac0a04c4a1523aa2f415b5c5b89a49e56b
e9eb32ffd3680e8e791dc3ec9d0e8ed39f7b92555537c5dd8bb2f22cd2bbc92a
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ec10c7ae80b5f78dba4eef5b14ec748d57416035474a4d17d83fbf390382c38e
ecbfb7b08920da33cefdd65a82a50fb1edf8f84a85631ec9c5e031c2a3cf5ade
edf1f5b0b3e0135839673a6b4fd8edbecc41793e46740bbf1be3c47826d4e46f
ee07009e9fe79b9909bafdb282106c95dac83f905c6ac665e1257ac862ed50e1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef353502936755d8002d507a8b6a3f2f442bf3f4949542489b1cd35bf3f622c3
f06156d4532bb7945d1719700fb7bad88b611affa18648f3d770c76cdecaa580
f0940248334cc81bd0e4621c32da73b7af82fdc9901f2db94df6dd476307b654
f0b8f83ee292d91599e2d9684e86486ed773395afd4f0983d58221289669db82
f246423a0c4b1bae12a297ba2d9ba6b54944ec283b22f9b1bc1f5e311cdcddf3
f3dda733f91e094a6b8b09345ebf9cf6b567b37c109c974574d657ed2248750e
f3fc929a36ee5db31a8a9b4743845474bdeb425edb019eb4e75a441cdb8ab032
f402647b2dc2ccb9eb991a845e2497085d8e86744054af941604c2201bb33a62
f443a34f019986fc0949e5f4993c6f400337ba74f296ece6fc7e667fd411f92c
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f51cfa71ca8f38778cdad83d5f7f6106b58291b6cbba2506b769ca1040575b81
f5b137432410aa824bf25f4816facfb2da720ae0cd282f3ee5330440f60f8fda
f665b131599311044cbe32c0da10dc710ce1ac5b38e7af2184a8e413e7f0871c
f6f01595da7f42a535cf4361bdb512ae5c8e4e5ee16902c6e1dfaae9071b2f67
f7c86ec7c63b78324a8ff2cfd5fe5d38b713d8b08d99aef755cc28ae3a482ba4
f86c51c1ce8a6ec2616775dac76dcae0d7dae876ab9b77e8d89a45caf76c788c
fab1a45a78be010b31ddd18c2f0b62fbb7ccc0ac121ca414dcd62e5e31b35d96
fb8487dc0dd9c17804ae6dda22d896544bb20d0f041211057486bde29f5b3af9
fb98ffd61d9c49886a14b1eec8b65802a8e240787840d145bbd17e45bd0ff770
fc025dc474b61d437a8fd6882d65366bb75d00f01de0a48d9586ee76eb912a4a
fd4ee213f6385742fd19f7f2b91cc6e4031254f49873113f4e34fb9e9042b40a
fdcffeaa8d74e886a0613aa1b96b2a0561abfa69477bafbad1d2be69a8cec33b

hinet.net Open in urlscan Pro 203.75.214.159 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

637 Requests

99 %HTTPS

43 %IPv6

52 Domains

101 Subdomains

84 IPs

9 Countries

15799 kBTransfer

25097 kBSize

0 Cookies

227 Outgoing links

Page URL History

Redirected requests

637 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hinet.net Open in urlscan Pro
203.75.214.159 Public Scan

Screenshot
Live screenshot

Full Image

637
Requests

99 %
HTTPS

43 %
IPv6

52
Domains

101
Subdomains

84
IPs

9
Countries

15799 kB
Transfer

25097 kB
Size

0
Cookies

637 HTTP transactions
6 data transactions