urlscan.io logo urlscan.io
SecurityTrails logo

kknews.cc Open in urlscan Pro
104.22.26.227  Public Scan

Go To Rescan Add Verdict Report
URL: https://kknews.cc/food/z9oa5l.html
Submission: On January 10 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 34 IPs in 7 countries across 25 domains to perform 91 HTTP transactions. The main IP is 104.22.26.227, located in and belongs to CLOUDFLARENET, US. The main domain is kknews.cc. The Cisco Umbrella rank of the primary domain is 119007.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 9th 2021. Valid for: a year.
This is the only time kknews.cc was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 18 104.22.26.227 13335 (CLOUDFLAR...)
4 2607:f8b0:400... 15169 (GOOGLE)
4 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
6 18.64.236.81 16509 (AMAZON-02)
2 2607:f8b0:400... 15169 (GOOGLE)
2 104.22.27.227 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
12 2001:4998:14:... 14777 (YAHOO)
2 74.6.138.64 26101 (YAHOO-BF1)
3 6 2a02:6b8::1:119 208722 (YNDX)
2 210.59.219.180 3462 (HINET Dat...)
1 162.210.196.208 30633 (LEASEWEB-...)
1 74.119.119.129 19750 (AS-CRITEO)
1 54.168.194.199 16509 (AMAZON-02)
1 210.59.219.181 3462 (HINET Dat...)
1 103.132.192.30 138552 (RTBHOUSE-...)
1 2 80.239.201.10 1299 (TWELVE99 ...)
2 2001:4998:124... 26101 (YAHOO-BF1)
1 207.244.102.142 30633 (LEASEWEB-...)
1 2001:4998:124... 26101 (YAHOO-BF1)
1 2600:9000:233... 16509 (AMAZON-02)
2 2620:100:a001::4 19750 (AS-CRITEO)
3 34.213.95.5 16509 (AMAZON-02)
1 2 2620:100:a001::c 19750 (AS-CRITEO)
1 74.119.119.139 19750 (AS-CRITEO)
1 2a03:2880:f11... ()
3 4 142.251.40.130 ()
1 210.59.219.175 ()
1 3 23.73.244.44 ()
3 4 8.39.36.142 ()
5 69.173.151.100 ()
1 1 216.200.232.253 ()
1 35.190.60.146 ()
2 2 151.101.2.49 ()
1 1 3.33.220.150 ()
1 1 2600:1f18:4e9... ()
91 34
18    104.22.26.227 (None, )

ASN13335 (CLOUDFLARENET, US)
kknews.cc
a.kknews.cc
ti2.kknews.cc
ti1.kknews.cc
i1.kknews.cc
i2.kknews.cc
4    2607:f8b0:4006:817::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
4    2607:f8b0:4006:80f::2003 (United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2607:f8b0:4006:81f::2003 (United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    18.64.236.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-64-236-81.atl56.r.cloudfront.net
img.scupio.com
2    2607:f8b0:4006:81f::200a (United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    104.22.27.227 (None, )

ASN13335 (CLOUDFLARENET, US)
a.kknews.cc
pixel.kknews.cc
3    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
12    2001:4998:14:800::1000 (Ashburn, United States)

ASN14777 (YAHOO, US)
s.yimg.com
cdn.js7k.com
beap-bc.yahoo.com
ads.yahoo.com
2    74.6.138.64 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
PTR: media-router-flurry71.prod.media.vip.bf1.yahoo.com
ads.yap.yahoo.com
6    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (YNDX, FI)
mc.yandex.ru
2    210.59.219.180 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
bw.scupio.com
1    162.210.196.208 (Arlington, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
hb.aralego.com
1    74.119.119.129 (United States)

ASN19750 (AS-CRITEO, US)
PTR: bidder.va1.vip.prod.criteo.com
bidder.criteo.com
1    54.168.194.199 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-168-194-199.ap-northeast-1.compute.amazonaws.com
ad.holmesmind.com
1    210.59.219.181 (Taipei, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
prebid.scupio.com
1    103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net
prebid-asia.creativecdn.com
2    80.239.201.10 (Sweden)

ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE)
PTR: 80-239-201-10.teliacarrier-cust.com
mc.webvisor.org
2    2001:4998:124:1407::d000 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
pr.ybp.yahoo.com
1    207.244.102.142 (Arlington, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
us-east-ad-track.aralego.com
1    2001:4998:124:1407::a001 (Lockport, United States)

ASN26101 (YAHOO-BF1, US)
beap.gemini.yahoo.com
1    2600:9000:2335:a200:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)
d.agkn.com
2    2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)
static.criteo.net
3    34.213.95.5 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-213-95-5.us-west-2.compute.amazonaws.com
dmp.eland-tech.com
2    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
1    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
1    2a03:2880:f112:83:face:b00c:0:25de (None, )

ASN- ()
www.facebook.com
4    142.251.40.130 (None, )

ASN- ()
cm.g.doubleclick.net
1    210.59.219.175 (None, )

ASN- ()
rec.scupio.com
3    23.73.244.44 (None, )

ASN- ()
secure-assets.rubiconproject.com
eus.rubiconproject.com
4    8.39.36.142 (None, )

ASN- ()
token.rubiconproject.com
5    69.173.151.100 (None, )

ASN- ()
pixel.rubiconproject.com
1    216.200.232.253 (None, )

ASN- ()
sync.mathtag.com
1    35.190.60.146 (None, )

ASN- ()
id.rlcdn.com
2    151.101.2.49 (None, )

ASN- ()
sync-tm.everesttech.net
1    3.33.220.150 (None, )

ASN- ()
match.adsrvr.org
1    2600:1f18:4e9:5a02:1f9d:78fd:b4f5:2185 (None, )

ASN- ()
pr-bh.ybp.yahoo.com
Apex Domain
Subdomains		 Transfer
20 kknews.cc
kknews.cc — Cisco Umbrella Rank: 119007
a.kknews.cc — Cisco Umbrella Rank: 218919
ti2.kknews.cc — Cisco Umbrella Rank: 212771
ti1.kknews.cc — Cisco Umbrella Rank: 211442
pixel.kknews.cc — Cisco Umbrella Rank: 222517
i1.kknews.cc — Cisco Umbrella Rank: 168594
i2.kknews.cc — Cisco Umbrella Rank: 166216
212 KB
12 rubiconproject.com
secure-assets.rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel-apac.rubiconproject.com Failed
pixel.rubiconproject.com
16 KB
10 scupio.com
img.scupio.com — Cisco Umbrella Rank: 50696
bw.scupio.com — Cisco Umbrella Rank: 103181
prebid.scupio.com — Cisco Umbrella Rank: 55630
rec.scupio.com
135 KB
9 yimg.com
s.yimg.com — Cisco Umbrella Rank: 385
1 MB
8 yahoo.com
ads.yap.yahoo.com — Cisco Umbrella Rank: 7310
pr.ybp.yahoo.com — Cisco Umbrella Rank: 842
beap.gemini.yahoo.com — Cisco Umbrella Rank: 1174
beap-bc.yahoo.com
ads.yahoo.com
pr-bh.ybp.yahoo.com
28 KB
6 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3317
3 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
337 KB
4 doubleclick.net
cm.g.doubleclick.net
910 B
4 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 693
gum.criteo.com — Cisco Umbrella Rank: 339
mug.criteo.com — Cisco Umbrella Rank: 3226
6 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 8
37 KB
3 eland-tech.com
dmp.eland-tech.com — Cisco Umbrella Rank: 173936
6 KB
3 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 398
93 KB
2 everesttech.net
sync-tm.everesttech.net
630 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 587
55 KB
2 webvisor.org
mc.webvisor.org — Cisco Umbrella Rank: 17407
713 B
2 aralego.com
hb.aralego.com — Cisco Umbrella Rank: 12963
us-east-ad-track.aralego.com — Cisco Umbrella Rank: 56029
sync.aralego.com Failed
3 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 258
63 KB
1 adsrvr.org
match.adsrvr.org
517 B
1 rlcdn.com
id.rlcdn.com
449 B
1 mathtag.com
sync.mathtag.com
656 B
1 facebook.com
www.facebook.com
406 B
1 agkn.com
d.agkn.com — Cisco Umbrella Rank: 466
585 B
1 js7k.com
cdn.js7k.com — Cisco Umbrella Rank: 761
14 KB
1 creativecdn.com
prebid-asia.creativecdn.com — Cisco Umbrella Rank: 15179
176 B
1 holmesmind.com
ad.holmesmind.com — Cisco Umbrella Rank: 81800
219 B
91 25
Domain Requested by
9 s.yimg.com kknews.cc
s.yimg.com
img.scupio.com
6 mc.yandex.ru 3 redirects kknews.cc
6 img.scupio.com kknews.cc
img.scupio.com
5 pixel.rubiconproject.com eus.rubiconproject.com
5 ti1.kknews.cc kknews.cc
5 ti2.kknews.cc kknews.cc
4 token.rubiconproject.com 3 redirects eus.rubiconproject.com
4 cm.g.doubleclick.net 3 redirects eus.rubiconproject.com
4 a.kknews.cc kknews.cc
a.kknews.cc
4 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com kknews.cc
www.gstatic.com
www.google.com
3 dmp.eland-tech.com img.scupio.com
dmp.eland-tech.com
cdn.jsdelivr.net
3 cdn.jsdelivr.net kknews.cc
dmp.eland-tech.com
3 kknews.cc 1 redirects
2 sync-tm.everesttech.net 2 redirects
2 eus.rubiconproject.com img.scupio.com
eus.rubiconproject.com
2 gum.criteo.com 1 redirects static.criteo.net
2 static.criteo.net img.scupio.com
static.criteo.net
2 pr.ybp.yahoo.com kknews.cc
2 mc.webvisor.org 1 redirects kknews.cc
2 bw.scupio.com img.scupio.com
ajax.googleapis.com
2 ads.yap.yahoo.com s.yimg.com
2 ajax.googleapis.com kknews.cc
img.scupio.com
2 fonts.gstatic.com www.google.com
1 pr-bh.ybp.yahoo.com 1 redirects
1 match.adsrvr.org 1 redirects
1 ads.yahoo.com eus.rubiconproject.com
1 id.rlcdn.com eus.rubiconproject.com
1 sync.mathtag.com 1 redirects
1 secure-assets.rubiconproject.com 1 redirects
1 rec.scupio.com img.scupio.com
1 www.facebook.com img.scupio.com
1 beap-bc.yahoo.com cdn.js7k.com
1 mug.criteo.com
1 d.agkn.com img.scupio.com
1 cdn.js7k.com pr.ybp.yahoo.com
1 beap.gemini.yahoo.com
1 us-east-ad-track.aralego.com img.scupio.com
1 prebid-asia.creativecdn.com img.scupio.com
1 prebid.scupio.com img.scupio.com
1 ad.holmesmind.com img.scupio.com
1 bidder.criteo.com img.scupio.com
1 hb.aralego.com img.scupio.com
1 i2.kknews.cc kknews.cc
1 i1.kknews.cc kknews.cc
1 pixel.kknews.cc a.kknews.cc
0 pixel-apac.rubiconproject.com Failed eus.rubiconproject.com
0 sync.aralego.com Failed img.scupio.com
91 48

This site contains links to these domains. Also see Links.

Domain
beap.gemini.yahoo.com
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-09 -
2022-07-08		 a year crt.sh
www.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.scupio.com
Sectigo RSA Organization Validation Secure Server CA		 2021-10-13 -
2022-11-13		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-12-20 -
2022-02-09		 2 months crt.sh
*.gw.flurry.com
DigiCert SHA2 High Assurance Server CA		 2021-11-23 -
2022-05-18		 6 months crt.sh
mc.yandex.ru
Yandex CA		 2021-12-22 -
2022-06-03		 5 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-21 -
2022-11-20		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-26		 3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2021-05-18 -
2022-06-19		 a year crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-30 -
2022-04-12		 a year crt.sh
*.pbp.bf2.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-11-03 -
2022-02-02		 3 months crt.sh
*.beap.gemini.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-12-14 -
2022-06-08		 6 months crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-12-01 -
2022-02-24		 3 months crt.sh
dmp.eland-tech.com
Sectigo RSA Domain Validation Secure Server CA		 2021-04-14 -
2022-05-14		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-10-20 -
2022-01-18		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-04-01 -
2022-04-04		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh

This page contains 10 frames:

Primary Page: https://kknews.cc/food/z9oa5l.html
Frame ID: 3DD0D786691276E984D9773274893A68
Requests: 46 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcfvrYUAAAAAGRQnnuf2pOT7kuNzVM1Zb-IESCh&co=aHR0cHM6Ly9ra25ld3MuY2M6NDQz&hl=zh-TW&v=-FJgYf1d3dZ_QPcZP7bd85hc&size=invisible&cb=g8g4r0c6ttbj
Frame ID: 73B393D8626F9B293E337832FB314D89
Requests: 8 HTTP requests in this frame

Frame: https://img.scupio.com/html/ad.html?v=1.0.60
Frame ID: 97450B6E2812851EF113875BC87A6FA6
Requests: 13 HTTP requests in this frame

Frame: https://pr.ybp.yahoo.com/ab/secure/true/imp/sjX6xPKN_t0hFno-n0EEtoDgXOMOwj6F3XGkyE3_jNU4RqNzkobXi2s4JKBLV2KtiEZvamajqyoA5rbnoaCqDzWSNu8Q2QPv_bDbRmSjgxbf4kh2AmJyoYOipdHNg0TbO6A-3fHMYdQT9kbeeX-GKjiQKanyxEJtZ_22KbNzW-d2xzyciyzIILfkmVHJTILwtCwmPfQ7PgRT0bHzSBTfmNZZ3DNc7ZX9CsFXR9--J0Z1nDhS6AK0MgIZQsfHMx-ERqdhlfeu81Fzko2BrHftg0pjlZZLrAlokyLLmew3A_vm5vS_CqxjnEMHNIGDesnzs4zNXTrhCS20fr_w40fsuFJ145r60MCjEbbmbfuRkd91JZIadwgPzpUauCW9uJ314NOMccGH_fCitfxRAtoamMfS22V3gLYZPRvF5fikyQUEB3aLvfQegua3GzUp7pS1hEji9og8X2f7tGG41JMj6yxDPsyNlkrlEbsXYOcQaHPmUt8EIQ-0c-iZc7gyK6c2KL6QD7y_1cf69jIP8rxjplOhVexNvth4DSXsnjrgQAU6JK2uItJnJlc7qfHwF_PIarRwoFynWAa2RVRht0p0DGGzhfLGrpxKUaNLg2lnQ0Qwol6gIeRCNL0YBrQrdC9Atiusq6uhnRxmqWYQcVnCEzWE3FrRSf5HoukPoUHWtcKJofmLElUpYggumJgdaXXUMzRM8BFcGN8-xrBvJ-2qNC8kKDW3rS0RlommwVyFTqLfc5_icvGcuYy9kwOXGjFsq1kwpzIvEdiLbhhkC6bxvl4MbZFfhcuAingevqQ4hekCHz8-5YKRMc33B5Ol2UdYSkaCBaTzalk_thuhCnXrwOfzDc00BoUjZgFEjpTFXDO58aVV_ddYPcOqOI6_L3l5-5tfGy01EiXrh3eNTj4J0s4k1zM5PtrDHIOA2BZq3_illz_FwRa5hlNSxgpMWMjA_C8OyCmS4HDsGE2QtdUv6WOexysE2FZ9mSDgpwNHpUJMGXLUQR4tZCyRYDjcZtXE3xi3EmYdO5LIv0-Aezd5pW20LrFS6U8vJRwfoVPzObTHSm0Q4DoYfYQgsgobC4ukBlo9ArezwsnS85z2azlZr7id3pJyQdNMfjl1iRHgy1_fnwFrjpURIS1HFxSsuXRAwQNQNRGGUq-030unHpctKRBBpMpan4kdZagABvLquddh2OI46CcLu9X2houTWrRn9_xSWlsyRGm851deT7LBZLgtV6ucPL7LoaXmjYz-x-GROd3EVS28JguYzL9Mogu73YI7EsfBTeZ15d2mwnumo3WhbjKOFgl5jfUXM-7Ta6cnyKPWipLiDuq_5PmPrPr_yE2rZBg-EwprTDIFOjQZ8jyPIZ0C26knwqzLZafqBVknZrEgNcQKcG_nkdSRU1CnW40xdS_6TOUDX_azCZmF67_iVyGG73_3qVsUfa8gMsR7B_Mgv-Ymc8uGVKIeFUTuSNjp9pu8uHhGWlqGf00O0WE3X7M2pgqXsCB49H2zX9RZNeC1b--uyYaBkVtJtUu7gPmEOhFYLnklLe5cC4wjre7bxI5ri_ZiExKCjSG0rw6kfxmo0fQSkpVp4tAUEfKs7rfRI9I3NCI/wp/P6OJ-DvmYBw
Frame ID: 1696B0A685CA367EA4E58419B2F35E2B
Requests: 7 HTTP requests in this frame

Frame: https://us-east-ad-track.aralego.com/v1/ban/impr?iid=5c1737d2-ce23-41db-8dab-752daf867175
Frame ID: 6A1AE45E193EE35BF65E5FD7DAF68F70
Requests: 1 HTTP requests in this frame

Frame: https://img.scupio.com/html/ls.html
Frame ID: 7BB100FAFAF9BEDA76F85C933CC9E928
Requests: 1 HTTP requests in this frame

Frame: https://dmp.eland-tech.com/dmpreceiver/eland_tracker.js
Frame ID: 1ADF019F6117B82D9138A78AA32280C8
Requests: 7 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=kknews.cc
Frame ID: 85F902269A6930C43E09F96FCAA135ED
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Frame ID: 41DACF57029514134A73577C76221BD2
Requests: 12 HTTP requests in this frame

Frame: https://dmp.eland-tech.com/dmpreceiver/viewreceiver?&DMP_SR=BW&target=usual&url=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.60&refer_url=&platform=PC&os=Windows&browser=Chrome&subDomain=html-ad.html&trackType=view&ce=1&member_id=CMA20220111061637627840&fp2=9c34e3dea5119827ef8d9d71e0404898&
Frame ID: 162495D0C5F8C2D256701A992C8F490E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

吃貨分享┃你們眼中重口味的羊癟湯,其實是「小清新」 - 每日頭條

Page URL History Show full URLs

  1. https://kknews.cc/food/z9oa5l.html Page URL
  2. https://kknews.cc/cgi-bin/verify HTTP 302
    http://kknews.cc/food/z9oa5l.html HTTP 307
    https://kknews.cc/food/z9oa5l.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • fingerprint(\d)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

91
Requests

85 %
HTTPS

38 %
IPv6

25
Domains

48
Subdomains

34
IPs

7
Countries

2335 kB
Transfer

3602 kB
Size

26
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://kknews.cc/food/z9oa5l.html Page URL
  2. https://kknews.cc/cgi-bin/verify HTTP 302
    http://kknews.cc/food/z9oa5l.html HTTP 307
    https://kknews.cc/food/z9oa5l.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fkknews.cc%2Ffood%2Fz9oa5l.html&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjlph1z7qhpasan%3Afp%3A610%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A2%3Adp%3A0%3Als%3A1556310527522%3Ahid%3A219253257%3Az%3A0%3Ai%3A202201010221635%3Aet%3A1641852996%3Ac%3A1%3Arn%3A1012190310%3Arqn%3A1%3Au%3A1641852996607056933%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1641852994569%3Ads%3A0%2C0%2C173%2C61%2C209%2C0%2C%2C252%2C0%2C%2C%2C%2C640%3Adsn%3A0%2C0%2C174%2C61%2C209%2C0%2C%2C195%2C1%2C%2C%2C%2C639%3Awv%3A2%3Aco%3A0%3Ast%3A1641852996&t=gdpr(14)aw(1)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fkknews.cc%2Ffood%2Fz9oa5l.html&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjlph1z7qhpasan%3Afp%3A610%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A2%3Adp%3A0%3Als%3A1556310527522%3Ahid%3A219253257%3Az%3A0%3Ai%3A202201010221635%3Aet%3A1641852996%3Ac%3A1%3Arn%3A1012190310%3Arqn%3A1%3Au%3A1641852996607056933%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1641852994569%3Ads%3A0%2C0%2C173%2C61%2C209%2C0%2C%2C252%2C0%2C%2C%2C%2C640%3Adsn%3A0%2C0%2C174%2C61%2C209%2C0%2C%2C195%2C1%2C%2C%2C%2C639%3Awv%3A2%3Aco%3A0%3Ast%3A1641852996&t=gdpr%2814%29aw%281%29ti%282%29
Request Chain 39
  • https://mc.yandex.ru/watch/80806720?wmode=7&page-url=https%3A%2F%2Fkknews.cc%2Ffood%2Fz9oa5l.html&charset=utf-8&site-info=%7B%22ads%22%3Afalse%2C%22fmt%22%3A%22html%22%2C%22cat%22%3A%22food%22%2C%22src%22%3A%224501207722%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjlph1z7qhpasan%3Afp%3A610%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A0%3Als%3A327142862771%3Ahid%3A219253257%3Az%3A0%3Ai%3A202201010221635%3Aet%3A1641852996%3Ac%3A1%3Arn%3A994488565%3Arqn%3A1%3Au%3A1641852996607056933%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1641852994569%3Ads%3A0%2C0%2C173%2C61%2C209%2C0%2C%2C252%2C0%2C%2C%2C%2C640%3Adsn%3A0%2C0%2C174%2C61%2C209%2C0%2C%2C195%2C1%2C%2C%2C%2C639%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1641852996%3At%3A%E5%90%83%E8%B2%A8%E5%88%86%E4%BA%AB%E2%94%83%E4%BD%A0%E5%80%91%E7%9C%BC%E4%B8%AD%E9%87%8D%E5%8F%A3%E5%91%B3%E7%9A%84%E7%BE%8A%E7%99%9F%E6%B9%AF%EF%BC%8C%E5%85%B6%E5%AF%A6%E6%98%AF%E3%80%8C%E5%B0%8F%E6%B8%85%E6%96%B0%E3%80%8D%20-%20%E6%AF%8F%E6%97%A5%E9%A0%AD%E6%A2%9D&t=gdpr(14)aw(1)ti(2) HTTP 302
  • https://mc.yandex.ru/watch/80806720/1?wmode=7&page-url=https%3A%2F%2Fkknews.cc%2Ffood%2Fz9oa5l.html&charset=utf-8&site-info=%7B%22ads%22%3Afalse%2C%22fmt%22%3A%22html%22%2C%22cat%22%3A%22food%22%2C%22src%22%3A%224501207722%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjlph1z7qhpasan%3Afp%3A610%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A0%3Als%3A327142862771%3Ahid%3A219253257%3Az%3A0%3Ai%3A202201010221635%3Aet%3A1641852996%3Ac%3A1%3Arn%3A994488565%3Arqn%3A1%3Au%3A1641852996607056933%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1641852994569%3Ads%3A0%2C0%2C173%2C61%2C209%2C0%2C%2C252%2C0%2C%2C%2C%2C640%3Adsn%3A0%2C0%2C174%2C61%2C209%2C0%2C%2C195%2C1%2C%2C%2C%2C639%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1641852996%3At%3A%E5%90%83%E8%B2%A8%E5%88%86%E4%BA%AB%E2%94%83%E4%BD%A0%E5%80%91%E7%9C%BC%E4%B8%AD%E9%87%8D%E5%8F%A3%E5%91%B3%E7%9A%84%E7%BE%8A%E7%99%9F%E6%B9%AF%EF%BC%8C%E5%85%B6%E5%AF%A6%E6%98%AF%E3%80%8C%E5%B0%8F%E6%B8%85%E6%96%B0%E3%80%8D%20-%20%E6%AF%8F%E6%97%A5%E9%A0%AD%E6%A2%9D&t=gdpr%2814%29aw%281%29ti%282%29
Request Chain 59
  • https://mc.webvisor.org/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9514.pTgNfjDCzKoFwYHSTD14cEYUjQ_gl-0qUxUZzVQz0QjKK09e2nkuzVRwbO1H63Vt.pF4WiKGzO2vw7Y8M-1XyyiDuukI%2C HTTP 302
  • https://mc.webvisor.org/sync_cookie_image_decide?token=9514.JdT1mb0sPnU9iZXGdFbIQ4SP2vdOvM7MM-D_rlsuswQP2xov4_ajf0B8MZf9Wroqr_jTafvd99ImYh2ySHth6p9hrxlUIxHQVx9ZJ0Z8SBY%2C.RH4UT4M3FPnL_92gGeGpYZZ0noI%2C
Request Chain 76
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=kknews.cc&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=NoFgQHxXakp0Yy9lTnZlMy9Ca0FZUVdtRzlVQjJWYWVxcm1sZmErVkdWbXpYU2o1S2FvM0RTNkJKbXFvcXZFQy9kZGU0VGJKOWE5N1ZSVGtLSU5KS2pLUitvQXB1dXJpVGtmMTVOaWNWRUhud3hUemtqZ0pQSGhPSUxReG55aE5pSXdEMGt6bmcva0wyQW1ZU3Jzb1hmVlVOanNaekhSblp1cmVucjNPSnJ6R2NSWm82a1pvbVcwNGVOVWZuWnZUUnlkV2VwZG9LNGFiYzRYaUEydWFDUUQ0aVo5YXprU3ZFMERIOS9OQ3VzdmFpSkEzeXA2THMvU3laeVczTlFmNlRFci93dzhacW01bW9uNEszVXQrTWxHdm9yVEtsVFFEZ2FZYWYyVEJMRGVZUXpzYz18&cppv=2
Request Chain 80
  • https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CMA20220111061637627840 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/6b6910d1-61ef-4b71-8ddc-95a2256d9e70?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-ZP1oQ1lE2oU00kSCkB6VHUcGuh1WOQ81CtJr71I-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=f1b937e7-9de8-4d90-a38f-f004a399005b HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/6b6910d1-61ef-4b71-8ddc-95a2256d9e70?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-ZP1oQ1lE2oU00kSCkB6VHUcGuh1WOQ81CtJr71I-~A&redirect= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=f1b937e7-9de8-4d90-a38f-f004a399005b HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/6b6910d1-61ef-4b71-8ddc-95a2256d9e70?gdpr=0&euconsent= HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-ZP1oQ1lE2oU00kSCkB6VHUcGuh1WOQ81CtJr71I-~A&redirect=
Request Chain 81
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q01BMjAyMjAxMTEwNjE2Mzc2Mjc4NDA%3d&layout=js HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm=&google_ula=3918219&google_hm=Q01BMjAyMjAxMTEwNjE2Mzc2Mjc4NDA%3D&layout=js&google_tc= HTTP 302
  • https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEMfsXvj2-_EylsMyHNLNbVA&google_cver=1&google_ula=3918219,0
Request Chain 82
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Request Chain 89
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMGX9vXzW8HZL2CfHNw1LPA&google_cver=1
Request Chain 90
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=4e8561dc-b046-4b00-a72f-0992a3a5cc7c
Request Chain 92
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KY98VTEX-23-4XYZ&sigv=1&esig=2~849093ae01ecf3f94dcbd76030ff3af168360385
Request Chain 93
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTI2ZjM1ZmMwMTA2YTIzMGZhMWJkNWQwNmRkNzZlNDNhMDM5MjUwNQ
Request Chain 94
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YdywRgAEj1tJGgBK HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YdywRgAEj1tJGgBK&_test=YdywRgAEj1tJGgBK
Request Chain 95
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f1b937e7-9de8-4d90-a38f-f004a399005b&gdpr=0&gdpr_consent=&expires=30
Request Chain 96
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/XlJslgP1EjTwn3rvvh6VcMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3266310894486365560

91 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
z9oa5l.html
kknews.cc/food/ 		3 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kknews.cc/food/z9oa5l.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.26.227 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ab8f227e54ba267e83f7aded7e079a53316096911101c404bb2ba9e7e27902b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

date
Mon, 10 Jan 2022 22:16:34 GMT
content-type
text/html; charset=utf-8
content-length
3356
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
6cb9453b985d8c7e-EWR
api.js
www.google.com/recaptcha/ 		942 B
1022 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=6LcfvrYUAAAAAGRQnnuf2pOT7kuNzVM1Zb-IESCh&onload=captchaReady&hl=zh-tw
Requested by
Host: kknews.cc
URL: https://kknews.cc/food/z9oa5l.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
87c7cdd5faeca0414da0bd5ce1e658c63f881c9d06db2d10be1a8dd39dad9af8
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://kknews.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 22:16:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
610
x-xss-protection
1; mode=block
expires
Mon, 10 Jan 2022 22:16:34 GMT
recaptcha__zh_tw.js
www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/ 		357 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/recaptcha__zh_tw.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcfvrYUAAAAAGRQnnuf2pOT7kuNzVM1Zb-IESCh&onload=captchaReady&hl=zh-tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16dc0e292d7b4995731eee4e8d2bfd93cf0a946e5aa2e1707fa88e1f4e2e259c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://kknews.cc/
Origin
https://kknews.cc
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 06:37:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
315561
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143218
x-xss-protection
0
last-modified
Mon, 03 Jan 2022 05:02:35 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Jan 2023 06:37:13 GMT
anchor
www.google.com/recaptcha/api2/ Frame 73B3 		39 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcfvrYUAAAAAGRQnnuf2pOT7kuNzVM1Zb-IESCh&co=aHR0cHM6Ly9ra25ld3MuY2M6NDQz&hl=zh-TW&v=-FJgYf1d3dZ_QPcZP7bd85hc&size=invisible&cb=g8g4r0c6ttbj
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/recaptcha__zh_tw.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c087086a8bd8b135d3b5d2407870d51e14cb847c31cc13a499d65500d25953f1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-zVKimsL+SYXV/7ESjVKU/A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://kknews.cc/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Mon, 10 Jan 2022 22:16:34 GMT
content-security-policy
script-src 'report-sample' 'nonce-zVKimsL+SYXV/7ESjVKU/A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
20501
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
styles__ltr.css
www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/ Frame 73B3 		51 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcfvrYUAAAAAGRQnnuf2pOT7kuNzVM1Zb-IESCh&co=aHR0cHM6Ly9ra25ld3MuY2M6NDQz&hl=zh-TW&v=-FJgYf1d3dZ_QPcZP7bd85hc&size=invisible&cb=g8g4r0c6ttbj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bcd1f7e49f79b765f936bdae5a06d5a63529d8b21a588011146de94f927524
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 06:45:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55875
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24158
x-xss-protection
0
last-modified
Mon, 03 Jan 2022 05:02:35 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 10 Jan 2023 06:45:19 GMT
recaptcha__zh_tw.js
www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/ Frame 73B3 		357 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/recaptcha__zh_tw.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcfvrYUAAAAAGRQnnuf2pOT7kuNzVM1Zb-IESCh&co=aHR0cHM6Ly9ra25ld3MuY2M6NDQz&hl=zh-TW&v=-FJgYf1d3dZ_QPcZP7bd85hc&size=invisible&cb=g8g4r0c6ttbj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
16dc0e292d7b4995731eee4e8d2bfd93cf0a946e5aa2e1707fa88e1f4e2e259c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 06:37:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
315561
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
143218
x-xss-protection
0
last-modified
Mon, 03 Jan 2022 05:02:35 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Jan 2023 06:37:13 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 73B3 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:80f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 08 Jan 2022 13:59:43 GMT
x-content-type-options
nosniff
age
202611
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Sat, 15 Jan 2022 13:59:43 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 73B3 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcfvrYUAAAAAGRQnnuf2pOT7kuNzVM1Zb-IESCh&co=aHR0cHM6Ly9ra25ld3MuY2M6NDQz&hl=zh-TW&v=-FJgYf1d3dZ_QPcZP7bd85hc&size=invisible&cb=g8g4r0c6ttbj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 11:41:34 GMT
x-content-type-options
nosniff
age
556500
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 04 Jan 2023 11:41:34 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 73B3 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcfvrYUAAAAAGRQnnuf2pOT7kuNzVM1Zb-IESCh&co=aHR0cHM6Ly9ra25ld3MuY2M6NDQz&hl=zh-TW&v=-FJgYf1d3dZ_QPcZP7bd85hc&size=invisible&cb=g8g4r0c6ttbj
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Wed, 05 Jan 2022 19:40:58 GMT
x-content-type-options
nosniff
age
441336
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 05 Jan 2023 19:40:58 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 73B3 		105 B
137 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=zh-TW&v=-FJgYf1d3dZ_QPcZP7bd85hc
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcfvrYUAAAAAGRQnnuf2pOT7kuNzVM1Zb-IESCh&co=aHR0cHM6Ly9ra25ld3MuY2M6NDQz&hl=zh-TW&v=-FJgYf1d3dZ_QPcZP7bd85hc&size=invisible&cb=g8g4r0c6ttbj
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e321dc2ff238a0deb940472f1538b8b52c77da910be7d6adc2675f6184944301
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcfvrYUAAAAAGRQnnuf2pOT7kuNzVM1Zb-IESCh&co=aHR0cHM6Ly9ra25ld3MuY2M6NDQz&hl=zh-TW&v=-FJgYf1d3dZ_QPcZP7bd85hc&size=invisible&cb=g8g4r0c6ttbj
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 22:16:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
115
x-xss-protection
1; mode=block
expires
Mon, 10 Jan 2022 22:16:34 GMT
reload
www.google.com/recaptcha/api2/ Frame 73B3 		29 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6LcfvrYUAAAAAGRQnnuf2pOT7kuNzVM1Zb-IESCh
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/-FJgYf1d3dZ_QPcZP7bd85hc/recaptcha__zh_tw.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:817::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
0a98afc1c853b375014889c156d6d6e04148b3a2bea3a6bce7e81ecd1471a0fb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcfvrYUAAAAAGRQnnuf2pOT7kuNzVM1Zb-IESCh&co=aHR0cHM6Ly9ra25ld3MuY2M6NDQz&hl=zh-TW&v=-FJgYf1d3dZ_QPcZP7bd85hc&size=invisible&cb=g8g4r0c6ttbj
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Mon, 10 Jan 2022 22:16:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16224
x-xss-protection
1; mode=block
expires
Mon, 10 Jan 2022 22:16:34 GMT
Primary Request z9oa5l.html
kknews.cc/food/
Redirect Chain
  • https://kknews.cc/cgi-bin/verify
  • http://kknews.cc/food/z9oa5l.html
  • https://kknews.cc/food/z9oa5l.html
23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kknews.cc/food/z9oa5l.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.26.227 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba35185cf9e6d2ed3fcff360edabaf715152a93c68ea1baafb97c97334df56d9
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
Origin
https://kknews.cc
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

date
Mon, 10 Jan 2022 22:16:34 GMT
content-type
text/html; charset=UTF-8
x-frame-options
SAMEORIGIN
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
server
cloudflare
cf-ray
6cb9454169c98c7e-EWR
content-encoding
br

Redirect headers

Location
https://kknews.cc/food/z9oa5l.html
Non-Authoritative-Reason
HSTS
style-a4186276.css
a.kknews.cc/ 		31 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a.kknews.cc/style-a4186276.css
Requested by
Host: kknews.cc
URL: https://kknews.cc/food/z9oa5l.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.26.227 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d8ffbb8a4771ac04200bb2a05d71e8c8f487845456e870b5605014019eaa62f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://kknews.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 22:16:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1609240
vary
Accept-Encoding
last-modified
Thu, 23 Dec 2021 07:11:42 GMT
server
cloudflare
etag
W/"61c4212e-7ad7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
6cb94542ad198c7e-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
blank-ad4b0f60.gif
a.kknews.cc/ 		34 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.kknews.cc/blank-ad4b0f60.gif
Requested by
Host: kknews.cc
URL: https://kknews.cc/food/z9oa5l.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.26.227 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://kknews.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 22:16:35 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
445208
cf-polished
origFmt=gif, origSize=43
content-disposition
inline; filename="blank-ad4b0f60.webp"
vary
Accept
content-length
34
last-modified
Fri, 24 Dec 2021 06:54:34 GMT
server
cloudflare
etag
"61c56eaa-2b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
image/webp
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6cb94542ad1c8c7e-EWR
cf-bgj
imgq:85,h2pri
0.jpg
ti2.kknews.cc/E_PvRXtpXM5Z-Mdq27M3ZYLoVl-VYSO9/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ti2.kknews.cc/E_PvRXtpXM5Z-Mdq27M3ZYLoVl-VYSO9/0.jpg
Requested by
Host: kknews.cc
URL: https://kknews.cc/food/z9oa5l.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.26.227 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16f93ec6837b93b1ae05157f6aafd4138a4c3aa51b6c8116bc3ef439a5f87f3d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://kknews.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 22:16:35 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Mon, 10 Jan 2022 22:16:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=504063560
strict-transport-security
max-age=15552000; includeSubDomains; preload
accept-ranges
bytes
cf-ray
6cb94542ad1f8c7e-EWR
content-length
6503
expires
Thu, 31 Dec 2037 23:55:55 GMT
0.jpg
ti1.kknews.cc/OV5bzjKgB5ppbbQE3UQTmSYMpqui3vy1L2bqTg/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ti1.kknews.cc/OV5bzjKgB5ppbbQE3UQTmSYMpqui3vy1L2bqTg/0.jpg
Requested by
Host: kknews.cc
URL: https://kknews.cc/food/z9oa5l.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.26.227 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be7ab1bf20aaad89f2b7a9ce8d6bc057fa4b269ca9a512d14f82576beffc4c3d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://kknews.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 22:16:35 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Mon, 10 Jan 2022 22:16:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=504063560
strict-transport-security
max-age=15552000; includeSubDomains; preload
accept-ranges
bytes
cf-ray
6cb94542ad288c7e-EWR
content-length
5699
expires
Thu, 31 Dec 2037 23:55:55 GMT
0.jpg
ti1.kknews.cc/6yP4h9RX0v-73XSp4xWAhlX3vU1jWWDu/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ti1.kknews.cc/6yP4h9RX0v-73XSp4xWAhlX3vU1jWWDu/0.jpg
Requested by
Host: kknews.cc
URL: https://kknews.cc/food/z9oa5l.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.26.227 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13558c03b91fa261f6ab712f755648add306b9d2877a1becb6b14d8d47f27ac1
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://kknews.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 22:16:35 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Mon, 10 Jan 2022 22:16:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=504063560
strict-transport-security
max-age=15552000; includeSubDomains; preload
accept-ranges
bytes
cf-ray
6cb94542ad2c8c7e-EWR
content-length
7972
expires
Thu, 31 Dec 2037 23:55:55 GMT
0.jpg
ti1.kknews.cc/Txdm84o77VzCezZv_At4f_vd9zHDVdW9/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ti1.kknews.cc/Txdm84o77VzCezZv_At4f_vd9zHDVdW9/0.jpg
Requested by
Host: kknews.cc
URL: https://kknews.cc/food/z9oa5l.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.26.227 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ad2248af8157939814230248d459527b1f8f192945d9ba9e0edbc7fa5879fcd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://kknews.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 22:16:35 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Mon, 10 Jan 2022 22:16:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=504063560
strict-transport-security
max-age=15552000; includeSubDomains; preload
accept-ranges
bytes
cf-ray
6cb94542ad2d8c7e-EWR
content-length
4685
expires
Thu, 31 Dec 2037 23:55:55 GMT
0.jpg
ti2.kknews.cc/wNy3j2fAtspt1oJUnFaMsGdAhuiFvcpd/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ti2.kknews.cc/wNy3j2fAtspt1oJUnFaMsGdAhuiFvcpd/0.jpg
Requested by
Host: kknews.cc
URL: https://kknews.cc/food/z9oa5l.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.26.227 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
104c1aaa4631b54f0dec43a9453ce830ba6bbd45060ea4bd8c6de5ff935c7e36
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://kknews.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 22:16:35 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Mon, 10 Jan 2022 22:16:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=504063560
strict-transport-security
max-age=15552000; includeSubDomains; preload
accept-ranges
bytes
cf-ray
6cb94542dd9a8c7e-EWR
content-length
5805
expires
Thu, 31 Dec 2037 23:55:55 GMT
0.jpg
ti2.kknews.cc/j_uikSFJ7dXllNOVaQDcXbsLPmOgYtE6/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ti2.kknews.cc/j_uikSFJ7dXllNOVaQDcXbsLPmOgYtE6/0.jpg
Requested by
Host: kknews.cc
URL: https://kknews.cc/food/z9oa5l.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.26.227 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7774633c3e80efda33af9dbc56d9df43fddda73e0e63f01c1a7645768275c86c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://kknews.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 22:16:35 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Mon, 10 Jan 2022 22:16:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=504063560
strict-transport-security
max-age=15552000; includeSubDomains; preload
accept-ranges
bytes
cf-ray
6cb94542dd9c8c7e-EWR
content-length
6827
expires
Thu, 31 Dec 2037 23:55:55 GMT
0.jpg
ti1.kknews.cc/OyJH3WYZbs4qSvZcee2DCsSk0Ju4EIA/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ti1.kknews.cc/OyJH3WYZbs4qSvZcee2DCsSk0Ju4EIA/0.jpg
Requested by
Host: kknews.cc
URL: https://kknews.cc/food/z9oa5l.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.26.227 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c3dd9289d26d99e764bd91f701b7fdc3582cbf6aaa87becb09e75d49adfe613
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://kknews.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 22:16:35 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Mon, 10 Jan 2022 22:16:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=504063560
strict-transport-security
max-age=15552000; includeSubDomains; preload
accept-ranges
bytes
cf-ray
6cb94542dd9f8c7e-EWR
content-length
6717
expires
Thu, 31 Dec 2037 23:55:55 GMT
0.jpg
ti2.kknews.cc/2u6b4MvDJOLHamwokowWyj3DpMscOZw5/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ti2.kknews.cc/2u6b4MvDJOLHamwokowWyj3DpMscOZw5/0.jpg
Requested by
Host: kknews.cc
URL: https://kknews.cc/food/z9oa5l.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.26.227 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09945ab3fd76bcba07a2cc30e11543000b5a2f4720b42d4c90f0f2fe919209d7
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://kknews.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 22:16:35 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Mon, 10 Jan 2022 22:16:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=504063560
strict-transport-security
max-age=15552000; includeSubDomains; preload
accept-ranges
bytes
cf-ray
6cb94542eda48c7e-EWR
content-length
7317
expires
Thu, 31 Dec 2037 23:55:55 GMT
0.jpg
ti1.kknews.cc/brShCPhGWF21cI31VzNrnKTPO1vAJyjj/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ti1.kknews.cc/brShCPhGWF21cI31VzNrnKTPO1vAJyjj/0.jpg
Requested by
Host: kknews.cc
URL: https://kknews.cc/food/z9oa5l.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.26.227 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab11cfcbf90f49e370445e62f59d52ff0e60f00fe6d95821851107bea0a32884
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://kknews.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 22:16:35 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Mon, 10 Jan 2022 22:16:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=504063560
strict-transport-security
max-age=15552000; includeSubDomains; preload
accept-ranges
bytes
cf-ray
6cb94542eda88c7e-EWR
content-length
3389
expires
Thu, 31 Dec 2037 23:55:55 GMT
0.jpg
ti2.kknews.cc/Ajn0Z2Ytdt121V8kKFKqQ0wavLg2Ah81/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ti2.kknews.cc/Ajn0Z2Ytdt121V8kKFKqQ0wavLg2Ah81/0.jpg
Requested by
Host: kknews.cc
URL: https://kknews.cc/food/z9oa5l.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.26.227 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a772d757e2f83bfe2ea55f81e95c359484772b5d0915893ae55beadad634788d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://kknews.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 22:16:35 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Mon, 10 Jan 2022 22:16:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=504063560
strict-transport-security
max-age=15552000; includeSubDomains; preload
accept-ranges
bytes
cf-ray
6cb94542edab8c7e-EWR
content-length
6478
expires
Thu, 31 Dec 2037 23:55:55 GMT
ad.js
img.scupio.com/js/ 		71 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/ad.js
Requested by
Host: kknews.cc
URL: https://kknews.cc/food/z9oa5l.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.236.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-236-81.atl56.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
9a776b53f1904f758292272f57a5239cb83eec1c10e5533faffbd2461074093e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://kknews.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 22:16:35 GMT
content-encoding
gzip
last-modified
Thu, 06 Jan 2022 08:32:19 GMT
server
nginx/1.12.1
x-amz-cf-pop
ATL56-P1
etag
W/"61d6a913-11dec"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=900
x-amz-cf-id
dEnE0cAzerzqLgGX3rMkJL_DXXj28nhKrgTqHNFFS8IpxyWuI1jFXQ==
via
1.1 f11cffdfa0c7886041aee925b0816e26.cloudfront.net (CloudFront)
expires
Mon, 10 Jan 2022 22:29:53 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: kknews.cc
URL: https://kknews.cc/food/z9oa5l.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://kknews.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 06:44:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
55918
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 10 Jan 2023 06:44:37 GMT
all-4c5e2bc3.js
a.kknews.cc/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.kknews.cc/all-4c5e2bc3.js
Requested by
Host: kknews.cc
URL: https://kknews.cc/food/z9oa5l.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.26.227 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b41fadd5792db8e1e72ff69687259e6d14feac4313d2556b689318b3d095383
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://kknews.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 22:16:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1609232
vary
Accept-Encoding
last-modified
Thu, 23 Dec 2021 07:11:48 GMT
server
cloudflare
etag
W/"61c42134-4850"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=315360000
cf-ray
6cb94545ad1b8c7e-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
icomoon-a8b442d9.ttf
a.kknews.cc/fonts/ 		1 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://a.kknews.cc/fonts/icomoon-a8b442d9.ttf?fv5j1q
Requested by
Host: a.kknews.cc
URL: https://a.kknews.cc/style-a4186276.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.27.227 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05d9646d31e06696ba02b42aeff28d1338ba347d22dbccf765e8890085498866
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://a.kknews.cc/style-a4186276.css
Origin
https://kknews.cc
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 22:16:35 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
1608494
vary
Accept-Encoding
content-length
1528
last-modified
Thu, 23 Dec 2021 07:23:32 GMT
server
cloudflare
etag
"61c423f4-5f8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
6cb945433a6d8c57-EWR
expires
Thu, 31 Dec 2037 23:55:55 GMT
tag.js
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 		194 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js
Requested by
Host: kknews.cc
URL: https://kknews.cc/food/z9oa5l.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbd37284a3841f5f82188e6992c2797e8a2c678baa70b536bbad5cbe5bcc783e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://kknews.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 22:16:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
5118
x-jsd-version
1.213.0
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19154-FRA, cache-ewr18174-EWR
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"309ec-chN8l139bJzUucMsY5JKgWs7ARs"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
6cb94545db1517b5-EWR
truncated
/ 		498 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a3c4b303b47dd993eef7b057e922af64b9a0611a01c4771159936d1c3bb85303

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b78f0efbac27a14e6d3f33d8d98e95058dd9614cf51b1197dbfb03e8c58ad443

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
39cdf1102da3a29708cec7030698eaa7b87cb13a7790c064cd205a38f4af6d7f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		834 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2077ab601f5e19112c0d009b8869a763f25e1897ea88bdfef7babb26e1ffc004

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		372 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
252fcbfe9a3c8644a4d29d8cb405e283128ad607fe444157686577f2192fd7f2

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
yap.js
s.yimg.com/av/yap/ga/ 		69 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/av/yap/ga/yap.js
Requested by
Host: kknews.cc
URL: https://kknews.cc/food/z9oa5l.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 Ashburn, United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
56cf6c2adb75e276955f3bf951793f0c794ceb51d67d5d2c64b8ec01b996ecc4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://kknews.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 22:15:17 GMT
content-encoding
gzip
x-amz-meta-created-date
Thu, 14 Jun 2018 21:01:51 GMT
age
79
x-amz-server-side-encryption
AES256
x-amz-meta-x-ysws-mbst-vtime
1529010111289407
vary
Accept-Encoding,Origin
x-amz-request-id
9Y552YRPQ3G7A0QW
x-amz-id-2
YnJ6nOaccCOriHOaiE7Uy30C+2imbD5sD2sAk9vgRLleL4u/1qCvRFMYEMq/9O90y2p88/jlyao=
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 22 Jun 2018 20:24:03 GMT
server
ATS
etag
"dc33089f908605f46038b49337653924-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
content-type
application/javascript
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
public,stale-while-revalidate=30,max-age=3600
accept-ranges
bytes
x-amz-meta-x-ysws-access
public
x-amz-meta-mbst-etag
"YM:1:f804d14e-b940-4c8c-9951-826241a860ad00056ea0688a983f"
x-content-type-options
nosniff
expires
Fri, 22 Jun 2018 21:24:02 GMT
log
pixel.kknews.cc/ 		43 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.kknews.cc/log
Requested by
Host: a.kknews.cc
URL: https://a.kknews.cc/all-4c5e2bc3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.27.227 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://kknews.cc/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 10 Jan 2022 22:16:35 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15552000; includeSubDomains; preload
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
*
cf-ray
6cb94545f9628c57-EWR
content-length
43
0.jpg
i1.kknews.cc/AsQGbQsLNhByTZRqbqyA6_Ws9kxxGA/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i1.kknews.cc/AsQGbQsLNhByTZRqbqyA6_Ws9kxxGA/0.jpg
Requested by
Host: kknews.cc
URL: https://kknews.cc/food/z9oa5l.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.26.227 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9149038c3b0cadbb4af132b85f16c17b2e47216317b6f66928f77b8d02b0151d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://kknews.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 22:16:35 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
HIT
x-source
85,02387f31d5dc040a
content-length
43237
last-modified
Mon, 10 Jan 2022 22:16:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6cb945462ec68c7e-EWR
expires
Sun, 18 Jan 2032 03:24:00 GMT
0.jpg
i2.kknews.cc/Juh3KT_qh9BEyXm7G4kQGLpmeD-UwNa2/ 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i2.kknews.cc/Juh3KT_qh9BEyXm7G4kQGLpmeD-UwNa2/0.jpg
Requested by
Host: kknews.cc
URL: https://kknews.cc/food/z9oa5l.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.26.227 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d5597975621d18852f90bbd6e0cfba836f727d8e4827776d36ab987a5c4ed51
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://kknews.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 22:16:35 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
x-cache
HIT
x-source
83,02387f1fe6c0433c
content-length
80654
last-modified
Mon, 10 Jan 2022 22:16:35 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
6cb945463f088c7e-EWR
expires
Sun, 18 Jan 2032 03:24:00 GMT
getAds.do
ads.yap.yahoo.com/nosdk/wj/v1/ 		42 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?locale=en_us&agentVersion=205&adTrackingEnabled=true&adUnitCode=011c9e2a-b3bc-4891-8dfb-51f22298d75f&apiKey=5VFG9CCSQM8CC5Y79FFF&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Fkknews.cc&caps=16&cb=JSONPCallback0
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/av/yap/ga/yap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.6.138.64 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
media-router-flurry71.prod.media.vip.bf1.yahoo.com
Software
ATS /
Resource Hash
6badb7720a64339c6868c51e96cc3618a53f4a9667781904a44f413cd879c337
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://kknews.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 22:16:35 GMT
content-encoding
gzip
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=UTF-8
strict-transport-security
max-age=31536000
1
mc.yandex.ru/watch/3/
Redirect Chain
  • https://mc.yandex.ru/watch/3?wmode=7&page-url=https%3A%2F%2Fkknews.cc%2Ffood%2Fz9oa5l.html&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjlph1z7qhpasan%3Afp%3A610%3Afu%3A0%3Aen...
  • https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fkknews.cc%2Ffood%2Fz9oa5l.html&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjlph1z7qhpasan%3Afp%3A610%3Afu%3A0%3Ae...
167 B
249 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=https%3A%2F%2Fkknews.cc%2Ffood%2Fz9oa5l.html&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjlph1z7qhpasan%3Afp%3A610%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A2%3Adp%3A0%3Als%3A1556310527522%3Ahid%3A219253257%3Az%3A0%3Ai%3A202201010221635%3Aet%3A1641852996%3Ac%3A1%3Arn%3A1012190310%3Arqn%3A1%3Au%3A1641852996607056933%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1641852994569%3Ads%3A0%2C0%2C173%2C61%2C209%2C0%2C%2C252%2C0%2C%2C%2C%2C640%3Adsn%3A0%2C0%2C174%2C61%2C209%2C0%2C%2C195%2C1%2C%2C%2C%2C639%3Awv%3A2%3Aco%3A0%3Ast%3A1641852996&t=gdpr%2814%29aw%281%29ti%282%29
Requested by
Host: kknews.cc
URL: https://kknews.cc/food/z9oa5l.html
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
16f394408996e0cdad9bcba7edaa56becaaa265e8a52d027cd95891e7a936e50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://kknews.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 22:16:35 GMT
x-content-type-options
nosniff
last-modified
Mon, 10-Jan-2022 22:16:35 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://kknews.cc
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
167
x-xss-protection
1; mode=block
expires
Mon, 10-Jan-2022 22:16:35 GMT

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 22:16:35 GMT
last-modified
Mon, 10-Jan-2022 22:16:35 GMT
location
/watch/3/1?wmode=7&page-url=https%3A%2F%2Fkknews.cc%2Ffood%2Fz9oa5l.html&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjlph1z7qhpasan%3Afp%3A610%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A2%3Adp%3A0%3Als%3A1556310527522%3Ahid%3A219253257%3Az%3A0%3Ai%3A202201010221635%3Aet%3A1641852996%3Ac%3A1%3Arn%3A1012190310%3Arqn%3A1%3Au%3A1641852996607056933%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1641852994569%3Ads%3A0%2C0%2C173%2C61%2C209%2C0%2C%2C252%2C0%2C%2C%2C%2C640%3Adsn%3A0%2C0%2C174%2C61%2C209%2C0%2C%2C195%2C1%2C%2C%2C%2C639%3Awv%3A2%3Aco%3A0%3Ast%3A1641852996&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://kknews.cc
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Mon, 10-Jan-2022 22:16:35 GMT
1
mc.yandex.ru/watch/80806720/
Redirect Chain
  • https://mc.yandex.ru/watch/80806720?wmode=7&page-url=https%3A%2F%2Fkknews.cc%2Ffood%2Fz9oa5l.html&charset=utf-8&site-info=%7B%22ads%22%3Afalse%2C%22fmt%22%3A%22html%22%2C%22cat%22%3A%22food%22%2C%2...
  • https://mc.yandex.ru/watch/80806720/1?wmode=7&page-url=https%3A%2F%2Fkknews.cc%2Ffood%2Fz9oa5l.html&charset=utf-8&site-info=%7B%22ads%22%3Afalse%2C%22fmt%22%3A%22html%22%2C%22cat%22%3A%22food%22%2C...
331 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/watch/80806720/1?wmode=7&page-url=https%3A%2F%2Fkknews.cc%2Ffood%2Fz9oa5l.html&charset=utf-8&site-info=%7B%22ads%22%3Afalse%2C%22fmt%22%3A%22html%22%2C%22cat%22%3A%22food%22%2C%22src%22%3A%224501207722%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjlph1z7qhpasan%3Afp%3A610%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A0%3Als%3A327142862771%3Ahid%3A219253257%3Az%3A0%3Ai%3A202201010221635%3Aet%3A1641852996%3Ac%3A1%3Arn%3A994488565%3Arqn%3A1%3Au%3A1641852996607056933%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1641852994569%3Ads%3A0%2C0%2C173%2C61%2C209%2C0%2C%2C252%2C0%2C%2C%2C%2C640%3Adsn%3A0%2C0%2C174%2C61%2C209%2C0%2C%2C195%2C1%2C%2C%2C%2C639%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1641852996%3At%3A%E5%90%83%E8%B2%A8%E5%88%86%E4%BA%AB%E2%94%83%E4%BD%A0%E5%80%91%E7%9C%BC%E4%B8%AD%E9%87%8D%E5%8F%A3%E5%91%B3%E7%9A%84%E7%BE%8A%E7%99%9F%E6%B9%AF%EF%BC%8C%E5%85%B6%E5%AF%A6%E6%98%AF%E3%80%8C%E5%B0%8F%E6%B8%85%E6%96%B0%E3%80%8D%20-%20%E6%AF%8F%E6%97%A5%E9%A0%AD%E6%A2%9D&t=gdpr%2814%29aw%281%29ti%282%29
Requested by
Host: kknews.cc
URL: https://kknews.cc/food/z9oa5l.html
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
355020606dc2f40ae0fef4e9293f74e6d3818b927809e8175f7d9f3d1d651251
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://kknews.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 22:16:35 GMT
x-content-type-options
nosniff
last-modified
Mon, 10-Jan-2022 22:16:35 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://kknews.cc
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
331
x-xss-protection
1; mode=block
expires
Mon, 10-Jan-2022 22:16:35 GMT

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 22:16:35 GMT
last-modified
Mon, 10-Jan-2022 22:16:35 GMT
location
/watch/80806720/1?wmode=7&page-url=https%3A%2F%2Fkknews.cc%2Ffood%2Fz9oa5l.html&charset=utf-8&site-info=%7B%22ads%22%3Afalse%2C%22fmt%22%3A%22html%22%2C%22cat%22%3A%22food%22%2C%22src%22%3A%224501207722%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aykcyjlph1z7qhpasan%3Afp%3A610%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A720%3Acn%3A1%3Adp%3A0%3Als%3A327142862771%3Ahid%3A219253257%3Az%3A0%3Ai%3A202201010221635%3Aet%3A1641852996%3Ac%3A1%3Arn%3A994488565%3Arqn%3A1%3Au%3A1641852996607056933%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1641852994569%3Ads%3A0%2C0%2C173%2C61%2C209%2C0%2C%2C252%2C0%2C%2C%2C%2C640%3Adsn%3A0%2C0%2C174%2C61%2C209%2C0%2C%2C195%2C1%2C%2C%2C%2C639%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1641852996%3At%3A%E5%90%83%E8%B2%A8%E5%88%86%E4%BA%AB%E2%94%83%E4%BD%A0%E5%80%91%E7%9C%BC%E4%B8%AD%E9%87%8D%E5%8F%A3%E5%91%B3%E7%9A%84%E7%BE%8A%E7%99%9F%E6%B9%AF%EF%BC%8C%E5%85%B6%E5%AF%A6%E6%98%AF%E3%80%8C%E5%B0%8F%E6%B8%85%E6%96%B0%E3%80%8D%20-%20%E6%AF%8F%E6%97%A5%E9%A0%AD%E6%A2%9D&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://kknews.cc
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Mon, 10-Jan-2022 22:16:35 GMT
advert.gif
mc.yandex.ru/metrika/ 		43 B
186 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.ru/metrika/advert.gif
Requested by
Host: kknews.cc
URL: https://kknews.cc/food/z9oa5l.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://kknews.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 22:16:35 GMT
last-modified
Thu, 23 Dec 2021 16:10:01 GMT
etag
"61c47529-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Mon, 10 Jan 2022 23:16:35 GMT
adreqlog.aspx
bw.scupio.com/adpinline/ 		0
712 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bw.scupio.com/adpinline/adreqlog.aspx?cid=14765&cb=0.21081480731732194
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*
Referer
https://kknews.cc/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Mon, 10 Jan 2022 22:16:36 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://kknews.cc
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Type
application/json
Content-Length
0
14765.json
img.scupio.com/js/config/ 		452 B
842 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/config/14765.json?v=1.0.3839
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.236.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-236-81.atl56.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
eaa276c4b427b20f777692d5287c8354e83263cd927d884463c45e557c7bb267

Request headers

Accept
application/json, text/javascript, */*
Referer
https://kknews.cc/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 10 Jan 2022 22:16:18 GMT
via
1.1 cf3d1e052996caae2818411d17bb4fc2.cloudfront.net (CloudFront)
last-modified
Mon, 10 Jan 2022 02:20:33 GMT
server
nginx/1.12.1
age
16
etag
"61db97f1-1c4"
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=10800
x-amz-cf-pop
ATL56-P1
accept-ranges
bytes
content-length
452
x-amz-cf-id
uEI7FTjHkXSFCsY5GVbugOcf-kX7I6O_WigyIygUBR-spuGNfKNlbg==
expires
Tue, 11 Jan 2022 01:16:18 GMT
ad.html
img.scupio.com/html/ Frame 9745 		35 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/html/ad.html?v=1.0.60
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/ad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.236.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-236-81.atl56.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
ce42cee29ef64c38889bc6168dbd6f2ae2d45054070e5ac56968b8937d77900b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://kknews.cc/

Response headers

content-type
text/html; charset=utf-8
server
nginx/1.12.1
last-modified
Mon, 13 Dec 2021 05:54:28 GMT
access-control-allow-origin
*
content-encoding
gzip
date
Mon, 10 Jan 2022 21:33:14 GMT
expires
Wed, 09 Feb 2022 21:28:56 GMT
cache-control
max-age=2592000
etag
W/"61b6e014-8d3c"
x-cache
Hit from cloudfront
via
1.1 f11cffdfa0c7886041aee925b0816e26.cloudfront.net (CloudFront)
x-amz-cf-pop
ATL56-P1
x-amz-cf-id
TiFeTjUHPZBO2ELQIV0WSowaiAdGojhz1dqYDQJgKQ4_PTFxPUMSxA==
age
2859
5VFG9CCSQM8CC5Y79FFF_a2tuZXdz_1638326162441
s.yimg.com/ys/ 		1 KB
744 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/ys/5VFG9CCSQM8CC5Y79FFF_a2tuZXdz_1638326162441?cb=ygscb
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/av/yap/ga/yap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 Ashburn, United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
428e7b699135c10a7e969f89a902eeb14aac65cc7316f3ec5fc072e5b405f529
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://kknews.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 22:47:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
862158
x-amz-server-side-encryption
AES256
vary
Accept-Encoding,Origin
content-length
461
x-amz-id-2
oXCnDG2/P08Q/Y523xpMiQv5bLF+r6Mc6QJXDpXg7rhDc+AnIRIFye8hOFsh6DLTigFCiZONsPI=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 01 Dec 2021 02:36:03 GMT
server
ATS
etag
"af9623266230ac2b2e4daf2c3dfedaef-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
YBVEM7SHP30JB0FC
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
public, stale-while-revalidate=30, max-age=2592000
accept-ranges
bytes
content-type
text/javascript; charset=utf-8
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ Frame 9745 		95 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.60
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:81f::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 05:52:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
145460
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33951
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 09 Jan 2023 05:52:15 GMT
prebid.js
img.scupio.com/js/ Frame 9745 		259 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/prebid.js?v=5.20.0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.236.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-236-81.atl56.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
203952d95f704a3d83b4f4d2b637c3ec6eed453918da831b11433d6854770063

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.60
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 22:16:35 GMT
content-encoding
gzip
last-modified
Mon, 01 Nov 2021 04:07:12 GMT
server
nginx/1.12.1
x-amz-cf-pop
ATL56-P1
etag
W/"617f67f0-40b0e"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-id
A4-GFJFEaBDKVYH6dmjgmWSTnXWYnTj-AgHjrxHEmCCRwT15QYt1LA==
via
1.1 f11cffdfa0c7886041aee925b0816e26.cloudfront.net (CloudFront)
expires
Wed, 09 Feb 2022 22:13:36 GMT
truncated
/ 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/gif
b0d125137111ba9f303eecc7a7d214c6.jpeg
s.yimg.com/lo/api/res/1.2/CFWs9.tUk0pC4ghheqBs7A--~A/Zmk9Zml0O3c9MTIwMDtoPTYyNztxPTkwO2FwcGlkPWEwMDE7/https://s.yimg.com/av/curveball/ads/pr/RESIZE_AND_CROP/1200x627/ 		130 KB
131 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/lo/api/res/1.2/CFWs9.tUk0pC4ghheqBs7A--~A/Zmk9Zml0O3c9MTIwMDtoPTYyNztxPTkwO2FwcGlkPWEwMDE7/https://s.yimg.com/av/curveball/ads/pr/RESIZE_AND_CROP/1200x627/b0d125137111ba9f303eecc7a7d214c6.jpeg
Requested by
Host: kknews.cc
URL: https://kknews.cc/food/z9oa5l.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 Ashburn, United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
ea5512de042a1e9db69050160e20580906aae9b4bae8514b7b01bc08a9648834
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://kknews.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 31 Dec 2021 03:54:43 GMT
x-content-type-options
nosniff
age
930112
cld_latency
1
edge-cache-tag
241807722194940178489277659117877998182,321505634656076165513250936569758141812,ae7a14591aaf8d474cdb3f92111c923e
cld_cache
HIT
status
200 OK
server
ATS
cld_hits
1
x-cache
HIT
strict-transport-security
max-age=15552000
content-length
133188
x-xss-protection
1; mode=block
cld_by
cache-wdc5541-WDC
x-served-by
cache-wdc5541-WDC
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 30 Dec 2021 16:45:19 GMT
x-request-id
4abd138429c19782194549357a91af24
x-timer
S1640922883.046153,VS0,VE1
etag
"d806b1dc33e31249e6bb131daca47591"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
cache-tag
241807722194940178489277659117877998182,321505634656076165513250936569758141812,ae7a14591aaf8d474cdb3f92111c923e
cld_id
4abd138429c19782194549357a91af24
x-cache-hits
1
syndication_alt@2x.png
s.yimg.com/av/dh/ap/av/moneyball/assets/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/av/dh/ap/av/moneyball/assets/syndication_alt@2x.png
Requested by
Host: kknews.cc
URL: https://kknews.cc/food/z9oa5l.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 Ashburn, United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
1ce0e4e128ff61373f69ad7c62c8e574d90574deaf5b48873b799f1a21792985
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://kknews.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 21:46:25 GMT
x-amz-meta-created-date
Sun, 08 Mar 2015 22:04:03 GMT
age
1811
x-amz-server-side-encryption
AES256
x-amz-meta-x-ysws-mbst-vtime
1425852243430341
strict-transport-security
max-age=15552000
x-amz-request-id
G4YWYKXHHZ3PNKX2
x-amz-id-2
A3ZxBfEJs4nAHiPuOWLh8vYRxOOaQD/P6AEZFDt92iWFsVMAd8bNgP3sBcUajs6L1amnrsVU5fI=
accept-ranges
bytes
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 19 May 2018 12:00:53 GMT
server
ATS
etag
"7e838dbc905319a437c457d9bad92cd6"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin
content-type
image/png
access-control-allow-origin
*
x-xss-protection
1; mode=block
cache-control
public,stale-while-revalidate=30,max-age=3600
content-length
2332
x-amz-meta-x-ysws-access
public
x-amz-meta-mbst-etag
"YM:1:aa037d77-17be-4d93-94b7-c52346403577000510ce1878cbc5"
x-content-type-options
nosniff
expires
Sat, 19 May 2018 13:00:52 GMT
5cc3e0552e23bc9d580b3eed16f9cb6b.png
s.yimg.com/lo/api/res/1.2/mzA9yAsWHyXQnYEdxlSjCA--~A/Zmk9Zml0O3c9MTIwMDtoPTYyNztxPTkwO2FwcGlkPWEwMDE7/https://s.yimg.com/av/curveball/ads/pr/RESIZE_AND_CROP/1200x627/ 		486 KB
487 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/lo/api/res/1.2/mzA9yAsWHyXQnYEdxlSjCA--~A/Zmk9Zml0O3c9MTIwMDtoPTYyNztxPTkwO2FwcGlkPWEwMDE7/https://s.yimg.com/av/curveball/ads/pr/RESIZE_AND_CROP/1200x627/5cc3e0552e23bc9d580b3eed16f9cb6b.png
Requested by
Host: kknews.cc
URL: https://kknews.cc/food/z9oa5l.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 Ashburn, United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
8eb2e175a17e4ab4727d4fb12ee5be92d756397e57bc291b22c578a80222ef18
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://kknews.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 08:07:18 GMT
x-content-type-options
nosniff
age
137357
cld_latency
1
edge-cache-tag
391438612577210146747617742407208141960,321505634656076165513250936569758141812,ae7a14591aaf8d474cdb3f92111c923e
cld_cache
HIT
cld_hits
1
x-cache
HIT
strict-transport-security
max-age=15552000
content-length
497544
x-xss-protection
1; mode=block
cld_by
cache-wdc5544-WDC
x-served-by
cache-wdc5544-WDC
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 06 Jan 2022 00:01:17 GMT
server
ATS
x-timer
S1641715638.113188,VS0,VE1
etag
"036c503f7d38cc45f6a2d817e6227a6c"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
cache-tag
391438612577210146747617742407208141960,321505634656076165513250936569758141812,ae7a14591aaf8d474cdb3f92111c923e
x-cache-hits
1
4f48cc801bec2e2ea550d366d2102f82.png
s.yimg.com/lo/api/res/1.2/yr9OLQKFEcAit2JK98YvwA--~A/Zmk9Zml0O3c9MTIwMDtoPTYyNztxPTkwO2FwcGlkPWEwMDE7/https://s.yimg.com/av/curveball/ads/pr/RESIZE_AND_CROP/1200x627/ 		573 KB
574 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/lo/api/res/1.2/yr9OLQKFEcAit2JK98YvwA--~A/Zmk9Zml0O3c9MTIwMDtoPTYyNztxPTkwO2FwcGlkPWEwMDE7/https://s.yimg.com/av/curveball/ads/pr/RESIZE_AND_CROP/1200x627/4f48cc801bec2e2ea550d366d2102f82.png
Requested by
Host: kknews.cc
URL: https://kknews.cc/food/z9oa5l.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 Ashburn, United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
215c76d7fe6fcabb5a534502b2694c3d551719b1182ccf54d708436929959f8e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://kknews.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sun, 09 Jan 2022 18:46:22 GMT
x-content-type-options
nosniff
age
99013
cld_latency
130
edge-cache-tag
339520493083752005437042358118943415645,321505634656076165513250936569758141812,ae7a14591aaf8d474cdb3f92111c923e
cld_cache
MISS
cld_hits
0
x-cache
MISS
strict-transport-security
max-age=15552000
content-length
587026
x-xss-protection
1; mode=block
cld_by
cache-wdc5577-WDC
x-served-by
cache-wdc5577-WDC
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 18 Nov 2021 06:10:48 GMT
server
ATS
x-timer
S1641753983.633134,VS0,VE130
etag
"36d37d51b3f7b8663dd1b8d73adda78f"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
SAMEORIGIN
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
cache-tag
339520493083752005437042358118943415645,321505634656076165513250936569758141812,ae7a14591aaf8d474cdb3f92111c923e
x-cache-hits
0
bf863fd57a5f6fe0091382fae4004435.jpeg
s.yimg.com/lo/api/res/1.2/_vClixK6dpxzwobgNzVCkg--~A/Zmk9Zml0O3c9MTIwMDtoPTYyNztxPTkwO2FwcGlkPWEwMDE7/https://s.yimg.com/av/curveball/ads/pr/RESIZE_AND_CROP/1200x627/ 		85 KB
86 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/lo/api/res/1.2/_vClixK6dpxzwobgNzVCkg--~A/Zmk9Zml0O3c9MTIwMDtoPTYyNztxPTkwO2FwcGlkPWEwMDE7/https://s.yimg.com/av/curveball/ads/pr/RESIZE_AND_CROP/1200x627/bf863fd57a5f6fe0091382fae4004435.jpeg
Requested by
Host: kknews.cc
URL: https://kknews.cc/food/z9oa5l.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 Ashburn, United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
fc1b542f3c936c823ac131ad1528789c52562d3d8cb5e4db8c8e2f9e4365dc91
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://kknews.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 03 Jan 2022 16:35:48 GMT
x-content-type-options
nosniff
age
625247
cld_latency
1
edge-cache-tag
375807899600799406738600406888606777570,321505634656076165513250936569758141812,ae7a14591aaf8d474cdb3f92111c923e
cld_cache
HIT
cld_hits
1
x-cache
HIT
strict-transport-security
max-age=15552000
content-length
87135
x-xss-protection
1; mode=block
cld_by
cache-wdc5523-WDC
x-served-by
cache-wdc5523-WDC
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 09 Nov 2021 17:10:05 GMT
server
ATS
x-timer
S1641227749.517967,VS0,VE1
etag
"c4c69498b95f0eb81fff1ab99dbea265"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
cache-tag
375807899600799406738600406888606777570,321505634656076165513250936569758141812,ae7a14591aaf8d474cdb3f92111c923e
x-cache-hits
1
currency.json
img.scupio.com/js/config/ Frame 9745 		108 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/js/config/currency.json
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.236.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-236-81.atl56.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
c8a72aa0d3cdd75dfa5b56b8ec6231d3e5571205b5d15ffc116b4139588c27cc

Request headers

Referer
https://img.scupio.com/html/ad.html?v=1.0.60
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 10 Jan 2022 22:16:19 GMT
via
1.1 f11cffdfa0c7886041aee925b0816e26.cloudfront.net (CloudFront)
last-modified
Mon, 10 Jan 2022 19:15:06 GMT
server
nginx/1.12.1
age
55
etag
"61dc85ba-6c"
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=10800
x-amz-cf-pop
ATL56-P1
accept-ranges
bytes
content-length
108
x-amz-cf-id
siE94W9j9IzpqR8EXrOPdJoa-6VNBj6hu03XVlC-FT14eiK6ONgFlA==
expires
Tue, 11 Jan 2022 01:15:40 GMT
header
hb.aralego.com/ Frame 9745 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.aralego.com/header?ver=ADGENT_PREBID-2018011501&ifr=0&bl=en-US&je=1&dnt=0&adid=ad-E2B246A98724B78E072DE4D8BB6D2AB2&tdid=&schain=1.0%2C1!scupio.com%2C4469%2C1%2C%2C%2C&eids=&pubcid=3c68207a-1a19-4f61-baa2-0019b52e2b63&host=img.scupio.com&u=https%3A%2F%2Fimg.scupio.com&xr=1&ao=https%3A%2F%2Fkknews.cc&ucfUid=6b6910d1-61ef-4b71-8ddc-95a2256d9e70&w=300&h=600
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Arlington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
dbdb2d3d3ee6c7e6e75361867aec8f143b8d4b94e32ed99eaae2f2c7a7350bbe

Request headers

Referer
https://img.scupio.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 10 Jan 2022 22:16:36 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/json; charset=utf-8
access-control-allow-origin
https://img.scupio.com
transfer-encoding
chunked
connection
close
access-control-allow-credentials
true
cdb
bidder.criteo.com/ Frame 9745 		0
215 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.20.0-pre&cb=3318181907
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.129 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
bidder.va1.vip.prod.criteo.com
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://img.scupio.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 10 Jan 2022 22:16:35 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://img.scupio.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid.json
ad.holmesmind.com/adserver/ Frame 9745 		0
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.holmesmind.com/adserver/prebid.json?cb=1641852995828&hb=1&ver=1.21
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.168.194.199 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-168-194-199.ap-northeast-1.compute.amazonaws.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Mon, 10 Jan 2022 22:16:36 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
prebid.aspx
prebid.scupio.com/recweb/ Frame 9745 		0
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.scupio.com/recweb/prebid.aspx?cb=0.44122746982032823
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.181 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 10 Jan 2022 22:16:35 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
text/html
Access-Control-Allow-Origin
https://img.scupio.com
Cache-Control
private
Access-Control-Allow-Credentials
true
bids
prebid-asia.creativecdn.com/bidder/prebid/ Frame 9745 		0
176 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS
ip-103-132-192-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://img.scupio.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://img.scupio.com
date
Mon, 10 Jan 2022 22:16:36 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain
  • https://mc.webvisor.org/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9514.pTgNfjDCzKoFwYHSTD14cEYUjQ_gl-0qUxUZzVQz0QjKK09e2nkuzVRwbO1H63Vt.pF4WiKGzO2vw7Y8M-1XyyiDuukI%2C
  • https://mc.webvisor.org/sync_cookie_image_decide?token=9514.JdT1mb0sPnU9iZXGdFbIQ4SP2vdOvM7MM-D_rlsuswQP2xov4_ajf0B8MZf9Wroqr_jTafvd99ImYh2ySHth6p9hrxlUIxHQVx9ZJ0Z8SBY%2C.RH4UT4M3FPnL_92gGeGpYZZ0no...
43 B
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.webvisor.org/sync_cookie_image_decide?token=9514.JdT1mb0sPnU9iZXGdFbIQ4SP2vdOvM7MM-D_rlsuswQP2xov4_ajf0B8MZf9Wroqr_jTafvd99ImYh2ySHth6p9hrxlUIxHQVx9ZJ0Z8SBY%2C.RH4UT4M3FPnL_92gGeGpYZZ0noI%2C
Requested by
Host: kknews.cc
URL: https://kknews.cc/food/z9oa5l.html
Protocol
H2
Server
80.239.201.10 , Sweden, ASN1299 (TWELVE99 Twelve99, Telia Carrier, SE),
Reverse DNS
80-239-201-10.teliacarrier-cust.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://kknews.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 22:16:36 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.webvisor.org/sync_cookie_image_decide?token=9514.JdT1mb0sPnU9iZXGdFbIQ4SP2vdOvM7MM-D_rlsuswQP2xov4_ajf0B8MZf9Wroqr_jTafvd99ImYh2ySHth6p9hrxlUIxHQVx9ZJ0Z8SBY%2C.RH4UT4M3FPnL_92gGeGpYZZ0noI%2C
date
Mon, 10 Jan 2022 22:16:36 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
P6OJ-DvmYBw
pr.ybp.yahoo.com/ab/secure/true/imp/sjX6xPKN_t0hFno-n0EEtoDgXOMOwj6F3XGkyE3_jNU4RqNzkobXi2s4JKBLV2KtiEZvamajqyoA5rbnoaCqDzWSNu8Q2QPv_bDbRmSjgxbf4kh2AmJyoYOipdHNg0TbO6A-3fHMYdQT9kbeeX-GKjiQKanyxEJtZ... Frame 1696 		3 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pr.ybp.yahoo.com/ab/secure/true/imp/sjX6xPKN_t0hFno-n0EEtoDgXOMOwj6F3XGkyE3_jNU4RqNzkobXi2s4JKBLV2KtiEZvamajqyoA5rbnoaCqDzWSNu8Q2QPv_bDbRmSjgxbf4kh2AmJyoYOipdHNg0TbO6A-3fHMYdQT9kbeeX-GKjiQKanyxEJtZ_22KbNzW-d2xzyciyzIILfkmVHJTILwtCwmPfQ7PgRT0bHzSBTfmNZZ3DNc7ZX9CsFXR9--J0Z1nDhS6AK0MgIZQsfHMx-ERqdhlfeu81Fzko2BrHftg0pjlZZLrAlokyLLmew3A_vm5vS_CqxjnEMHNIGDesnzs4zNXTrhCS20fr_w40fsuFJ145r60MCjEbbmbfuRkd91JZIadwgPzpUauCW9uJ314NOMccGH_fCitfxRAtoamMfS22V3gLYZPRvF5fikyQUEB3aLvfQegua3GzUp7pS1hEji9og8X2f7tGG41JMj6yxDPsyNlkrlEbsXYOcQaHPmUt8EIQ-0c-iZc7gyK6c2KL6QD7y_1cf69jIP8rxjplOhVexNvth4DSXsnjrgQAU6JK2uItJnJlc7qfHwF_PIarRwoFynWAa2RVRht0p0DGGzhfLGrpxKUaNLg2lnQ0Qwol6gIeRCNL0YBrQrdC9Atiusq6uhnRxmqWYQcVnCEzWE3FrRSf5HoukPoUHWtcKJofmLElUpYggumJgdaXXUMzRM8BFcGN8-xrBvJ-2qNC8kKDW3rS0RlommwVyFTqLfc5_icvGcuYy9kwOXGjFsq1kwpzIvEdiLbhhkC6bxvl4MbZFfhcuAingevqQ4hekCHz8-5YKRMc33B5Ol2UdYSkaCBaTzalk_thuhCnXrwOfzDc00BoUjZgFEjpTFXDO58aVV_ddYPcOqOI6_L3l5-5tfGy01EiXrh3eNTj4J0s4k1zM5PtrDHIOA2BZq3_illz_FwRa5hlNSxgpMWMjA_C8OyCmS4HDsGE2QtdUv6WOexysE2FZ9mSDgpwNHpUJMGXLUQR4tZCyRYDjcZtXE3xi3EmYdO5LIv0-Aezd5pW20LrFS6U8vJRwfoVPzObTHSm0Q4DoYfYQgsgobC4ukBlo9ArezwsnS85z2azlZr7id3pJyQdNMfjl1iRHgy1_fnwFrjpURIS1HFxSsuXRAwQNQNRGGUq-030unHpctKRBBpMpan4kdZagABvLquddh2OI46CcLu9X2houTWrRn9_xSWlsyRGm851deT7LBZLgtV6ucPL7LoaXmjYz-x-GROd3EVS28JguYzL9Mogu73YI7EsfBTeZ15d2mwnumo3WhbjKOFgl5jfUXM-7Ta6cnyKPWipLiDuq_5PmPrPr_yE2rZBg-EwprTDIFOjQZ8jyPIZ0C26knwqzLZafqBVknZrEgNcQKcG_nkdSRU1CnW40xdS_6TOUDX_azCZmF67_iVyGG73_3qVsUfa8gMsR7B_Mgv-Ymc8uGVKIeFUTuSNjp9pu8uHhGWlqGf00O0WE3X7M2pgqXsCB49H2zX9RZNeC1b--uyYaBkVtJtUu7gPmEOhFYLnklLe5cC4wjre7bxI5ri_ZiExKCjSG0rw6kfxmo0fQSkpVp4tAUEfKs7rfRI9I3NCI/wp/P6OJ-DvmYBw
Requested by
Host: kknews.cc
URL: https://kknews.cc/food/z9oa5l.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4998:124:1407::d000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
84796003908b6499feb59f387bfb729ab7710f5c08681ceccee01fcf9677815b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 22:16:36 GMT
server
ATS
cache-control
no-store, no-cache, must-revalidate, private, max-age=0
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
text/javascript
expiry
Thu, 01 Jan 1970 00:00:00 GMT
public-key-pins-report-only
max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="2oALgLKofTmeZvoZ1y/fSZg7R9jPMix8eVA6DH4o/q8="; pin-sha256="Gtk3r1evlBrs0hG3fm3VoM19daHexDWP//OCmeeMr5M="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="JbQbUG5JMJUoI6brnx0x3vZF6jilxsapbXGVfjhN8Fg="; pin-sha256="SVqWumuteCQHvVIaALrOZXuzVVVeS7f4FGxxu6V+es4="; pin-sha256="UZJDjsNp1+4M5x9cbbdflB779y5YRBcV6Z6rBMLIrO4="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="cAajgxHlj7GTSEIzIYIQxmEloOSoJq7VOaxWHfv72QM="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="iduNzFNKpwYZ3se/XV+hXcbUonlLw09QPa6AYUwpu4M="; pin-sha256="lnsM2T/O9/J84sJFdnrpsFp3awZJ+ZZbYpCWhGloaHI="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"
content-length
3083
expires
Thu, 01 Jan 1970 00:00:00 GMT
P6OJ-DvmYBw
pr.ybp.yahoo.com/bw/ucfunnel/imp/sjX6xPKN_t0hFno-n0EEtoDgXOMOwj6F3XGkyE3_jNU4RqNzkobXi2s4JKBLV2KtiEZvamajqyoA5rbnoaCqDzWSNu8Q2QPv_bDbRmSjgxbf4kh2AmJyoYOipdHNg0TbO6A-3fHMYdQT9kbeeX-GKjiQKanyxEJtZ_22... Frame 1696 		0
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr.ybp.yahoo.com/bw/ucfunnel/imp/sjX6xPKN_t0hFno-n0EEtoDgXOMOwj6F3XGkyE3_jNU4RqNzkobXi2s4JKBLV2KtiEZvamajqyoA5rbnoaCqDzWSNu8Q2QPv_bDbRmSjgxbf4kh2AmJyoYOipdHNg0TbO6A-3fHMYdQT9kbeeX-GKjiQKanyxEJtZ_22KbNzW-d2xzyciyzIILfkmVHJTILwtCwmPfQ7PgRT0bHzSBTfmNZZ3DNc7ZX9CsFXR9--J0Z1nDhS6AK0MgIZQsfHMx-ERqdhlfeu81Fzko2BrHftg0pjlZZLrAlokyLLmew3A_vm5vS_CqxjnEMHNIGDesnzs4zNXTrhCS20fr_w40fsuFJ145r60MCjEbbmbfuRkd91JZIadwgPzpUauCW9uJ314NOMccGH_fCitfxRAtoamMfS22V3gLYZPRvF5fikyQUEB3aLvfQegua3GzUp7pS1hEji9og8X2f7tGG41JMj6yxDPsyNlkrlEbsXYOcQaHPmUt8EIQ-0c-iZc7gyK6c2KL6QD7y_1cf69jIP8rxjplOhVexNvth4DSXsnjrgQAU6JK2uItJnJlc7qfHwF_PIarRwoFynWAa2RVRht0p0DGGzhfLGrpxKUaNLg2lnQ0Qwol6gIeRCNL0YBrQrdC9Atiusq6uhnRxmqWYQcVnCEzWE3FrRSf5HoukPoUHWtcKJofmLElUpYggumJgdaXXUMzRM8BFcGN8-xrBvJ-2qNC8kKDW3rS0RlommwVyFTqLfc5_icvGcuYy9kwOXGjFsq1kwpzIvEdiLbhhkC6bxvl4MbZFfhcuAingevqQ4hekCHz8-5YKRMc33B5Ol2UdYSkaCBaTzalk_thuhCnXrwOfzDc00BoUjZgFEjpTFXDO58aVV_ddYPcOqOI6_L3l5-5tfGy01EiXrh3eNTj4J0s4k1zM5PtrDHIOA2BZq3_illz_FwRa5hlNSxgpMWMjA_C8OyCmS4HDsGE2QtdUv6WOexysE2FZ9mSDgpwNHpUJMGXLUQR4tZCyRYDjcZtXE3xi3EmYdO5LIv0-Aezd5pW20LrFS6U8vJRwfoVPzObTHSm0Q4DoYfYQgsgobC4ukBlo9ArezwsnS85z2azlZr7id3pJyQdNMfjl1iRHgy1_fnwFrjpURIS1HFxSsuXRAwQNQNRGGUq-030unHpctKRBBpMpan4kdZagABvLquddh2OI46CcLu9X2houTWrRn9_xSWlsyRGm851deT7LBZLgtV6ucPL7LoaXmjYz-x-GROd3EVS28JguYzL9Mogu73YI7EsfBTeZ15d2mwnumo3WhbjKOFgl5jfUXM-7Ta6cnyKPWipLiDuq_5PmPrPr_yE2rZBg-EwprTDIFOjQZ8jyPIZ0C26knwqzLZafqBVknZrEgNcQKcG_nkdSRU1CnW40xdS_6TOUDX_azCZmF67_iVyGG73_3qVsUfa8gMsR7B_Mgv-Ymc8uGVKIeFUTuSNjp9pu8uHhGWlqGf00O0WE3X7M2pgqXsCB49H2zX9RZNeC1b--uyYaBkVtJtUu7gPmEOhFYLnklLe5cC4wjre7bxI5ri_ZiExKCjSG0rw6kfxmo0fQSkpVp4tAUEfKs7rfRI9I3NCI/ai/5c1737d2-ce23-41db-8dab-752daf867175/wp/P6OJ-DvmYBw
Requested by
Host: kknews.cc
URL: https://kknews.cc/food/z9oa5l.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4998:124:1407::d000 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 22:16:36 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
public-key-pins-report-only
max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="2oALgLKofTmeZvoZ1y/fSZg7R9jPMix8eVA6DH4o/q8="; pin-sha256="Gtk3r1evlBrs0hG3fm3VoM19daHexDWP//OCmeeMr5M="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="JbQbUG5JMJUoI6brnx0x3vZF6jilxsapbXGVfjhN8Fg="; pin-sha256="SVqWumuteCQHvVIaALrOZXuzVVVeS7f4FGxxu6V+es4="; pin-sha256="UZJDjsNp1+4M5x9cbbdflB779y5YRBcV6Z6rBMLIrO4="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="cAajgxHlj7GTSEIzIYIQxmEloOSoJq7VOaxWHfv72QM="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="iduNzFNKpwYZ3se/XV+hXcbUonlLw09QPa6AYUwpu4M="; pin-sha256="lnsM2T/O9/J84sJFdnrpsFp3awZJ+ZZbYpCWhGloaHI="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"
bidinfo.aspx
bw.scupio.com/adpinline/ Frame 9745 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bw.scupio.com/adpinline/bidinfo.aspx?cb=0.3103872323218395
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
210.59.219.180 Taipei, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
51d60787f1456a0117192bc0127abd84641084cf9ba683120c5273cfefd9adfd

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://img.scupio.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Mon, 10 Jan 2022 22:16:36 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
Accept-Encoding
P3P
CP=" NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa HI Sa OTPa OUR STP IND UNI COM NAV INT STA "
Access-Control-Allow-Origin
https://img.scupio.com
Cache-Control
private
Access-Control-Allow-Credentials
true
Content-Type
application/javascript; charset=utf-8
Content-Length
1647
impr
us-east-ad-track.aralego.com/v1/ban/ Frame 6A1A 		35 B
258 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-east-ad-track.aralego.com/v1/ban/impr?iid=5c1737d2-ce23-41db-8dab-752daf867175
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.60
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
207.244.102.142 Arlington, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/ Express
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Access-Control-Allow-Origin
undefined
Date
Mon, 10 Jan 2022 22:16:36 GMT
Access-Control-Allow-Credentials
true
Connection
close
X-Powered-By
Express
Content-Length
35
Content-Type
image/gif
truncated
/ Frame 9745 		762 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml
beacon.do
ads.yap.yahoo.com/nonSDK/beacon/v1/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yap.yahoo.com/nonSDK/beacon/v1/beacon.do?id=u1zr5VxQHqGJeICgfY68LFyHGerHTJ84F6vAxSk0kIFj7T5mhUYy4AgVAsemvi5xCihfIKVIgLl5sK3RscqOrYcR5-6I38Y3hENpa-MsilPeOr33eP3lrjppxm9XnxBZHIwKc93e_vRUZIJccVw4etl56jDhNNgX0ze1WriIh8Mf34kaxDJ_1j_Bn8SPVyKdWxdUoQabLU4Db_hV-hWBFUNQ4plupfuvyItL6_Sq-Ggd9he3J2B2I10Iyi2Pw14yCKR3wTjwr5SP7vCKfLKddXd2dzwy3gfxRAf9VOQtkc6ZsygYPRMX_NPgyIZq40gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.6.138.64 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
media-router-flurry71.prod.media.vip.bf1.yahoo.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://kknews.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers
mbcsc
beap.gemini.yahoo.com/ 		0
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beap.gemini.yahoo.com/mbcsc?bv=1.0.0&es=LCGaXrkGIS_WvRJ2SxDil3neTxnQlavLMOuuNzZJsWhjP7WYgRk0eTqiYRvZivzhV5qJS1g3bqW0uDWHsK.bsbl1oFCnFOaejv7tzmqEkrDdVbfzB0K1mck.Ht6Lf2mS5FrNgUVuNvH7z86O9z2QjXXmjVMATCpAFuelDw5VFATFBOmne6eR8qdUe1aXsX12erGD9inNAetKRE..wc1mcZeLIr8YuLVUtyDRSAlbK8jfOQnpMfwnhTtV9DxpAo4sAIaIhXRNb_WOoP5v1cTsDcDDRa8mtphTDgBqWheKWEXBFQRnMpSUGih01mU0HFLE1ld8TbXEeGhXkIQzFiV15ggxDql4WuQU.LCkatNTWutNimHpwGH3BgfslV6oaSxQjZhJLQV5Me2QF2.2R2nznZP.M4xQbehi6nOSTCmi5uHkYO_Bo1ny0jgqKoCFpL5lNLgFc4IDjlkIh.v2Dl62tZbxh2jwFLJuhNhs7zwtqGOPNwDryuc-&ap=pp%3Dm%2Cpi98
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4998:124:1407::a001 Lockport, United States, ASN26101 (YAHOO-BF1, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://kknews.cc/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 22:16:36 GMT
x-content-type-options
nosniff
server
ATS
age
0
expect-ct
max-age=31536000; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only";
x-frame-options
SAMEORIGIN
public-key-pins-report-only
max-age=2592000; pin-sha256="2fRAUXyxl4A1/XHrKNBmc8bTkzA7y4FB/GLJuNAzCqY="; pin-sha256="I/Lt/z7ekCWanjD0Cvj5EqXls2lOaThEA0H2Bg4BT/o="; pin-sha256="K87oWBWM9UZfyddvDfoxL+8lpNyoUB2ptGtn0fv6G2Q="; pin-sha256="Wd8xe/qfTwq3ylFNd3IpaqLHZbh2ZNCLluVzmeNkcpw="; pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18="; pin-sha256="cGuxAXyFXFkWm61cF4HPWX8S0srS9j0aSqN0k4AP+4A="; pin-sha256="dolnbtzEBnELx/9lOEQ22e6OZO/QNb6VSSX2XHA3E7A="; pin-sha256="i7WTqTvh0OioIruIfFR4kMPnBqrS2rdiVPl/s2uC/CY="; pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E="; pin-sha256="uUwZgwDOxcBXrQcntwu+kYFpkiVkOaezL0WYEZ3anJc="; includeSubdomains; report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-hpkp-report-only"
strict-transport-security
max-age=31536000
content-length
0
x-xss-protection
1; mode=block
inside.js
cdn.js7k.com/rq/iv/ Frame 1696 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.js7k.com/rq/iv/inside.js
Requested by
Host: pr.ybp.yahoo.com
URL: https://pr.ybp.yahoo.com/ab/secure/true/imp/sjX6xPKN_t0hFno-n0EEtoDgXOMOwj6F3XGkyE3_jNU4RqNzkobXi2s4JKBLV2KtiEZvamajqyoA5rbnoaCqDzWSNu8Q2QPv_bDbRmSjgxbf4kh2AmJyoYOipdHNg0TbO6A-3fHMYdQT9kbeeX-GKjiQKanyxEJtZ_22KbNzW-d2xzyciyzIILfkmVHJTILwtCwmPfQ7PgRT0bHzSBTfmNZZ3DNc7ZX9CsFXR9--J0Z1nDhS6AK0MgIZQsfHMx-ERqdhlfeu81Fzko2BrHftg0pjlZZLrAlokyLLmew3A_vm5vS_CqxjnEMHNIGDesnzs4zNXTrhCS20fr_w40fsuFJ145r60MCjEbbmbfuRkd91JZIadwgPzpUauCW9uJ314NOMccGH_fCitfxRAtoamMfS22V3gLYZPRvF5fikyQUEB3aLvfQegua3GzUp7pS1hEji9og8X2f7tGG41JMj6yxDPsyNlkrlEbsXYOcQaHPmUt8EIQ-0c-iZc7gyK6c2KL6QD7y_1cf69jIP8rxjplOhVexNvth4DSXsnjrgQAU6JK2uItJnJlc7qfHwF_PIarRwoFynWAa2RVRht0p0DGGzhfLGrpxKUaNLg2lnQ0Qwol6gIeRCNL0YBrQrdC9Atiusq6uhnRxmqWYQcVnCEzWE3FrRSf5HoukPoUHWtcKJofmLElUpYggumJgdaXXUMzRM8BFcGN8-xrBvJ-2qNC8kKDW3rS0RlommwVyFTqLfc5_icvGcuYy9kwOXGjFsq1kwpzIvEdiLbhhkC6bxvl4MbZFfhcuAingevqQ4hekCHz8-5YKRMc33B5Ol2UdYSkaCBaTzalk_thuhCnXrwOfzDc00BoUjZgFEjpTFXDO58aVV_ddYPcOqOI6_L3l5-5tfGy01EiXrh3eNTj4J0s4k1zM5PtrDHIOA2BZq3_illz_FwRa5hlNSxgpMWMjA_C8OyCmS4HDsGE2QtdUv6WOexysE2FZ9mSDgpwNHpUJMGXLUQR4tZCyRYDjcZtXE3xi3EmYdO5LIv0-Aezd5pW20LrFS6U8vJRwfoVPzObTHSm0Q4DoYfYQgsgobC4ukBlo9ArezwsnS85z2azlZr7id3pJyQdNMfjl1iRHgy1_fnwFrjpURIS1HFxSsuXRAwQNQNRGGUq-030unHpctKRBBpMpan4kdZagABvLquddh2OI46CcLu9X2houTWrRn9_xSWlsyRGm851deT7LBZLgtV6ucPL7LoaXmjYz-x-GROd3EVS28JguYzL9Mogu73YI7EsfBTeZ15d2mwnumo3WhbjKOFgl5jfUXM-7Ta6cnyKPWipLiDuq_5PmPrPr_yE2rZBg-EwprTDIFOjQZ8jyPIZ0C26knwqzLZafqBVknZrEgNcQKcG_nkdSRU1CnW40xdS_6TOUDX_azCZmF67_iVyGG73_3qVsUfa8gMsR7B_Mgv-Ymc8uGVKIeFUTuSNjp9pu8uHhGWlqGf00O0WE3X7M2pgqXsCB49H2zX9RZNeC1b--uyYaBkVtJtUu7gPmEOhFYLnklLe5cC4wjre7bxI5ri_ZiExKCjSG0rw6kfxmo0fQSkpVp4tAUEfKs7rfRI9I3NCI/wp/P6OJ-DvmYBw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 Ashburn, United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
1b3f1a6337f21366cf59487bb664dd0983c245ccf100be143f4366a07e005d09
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 21:59:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1036
x-amz-server-side-encryption
AES256
vary
Origin, Accept-Encoding
content-length
14353
x-amz-id-2
d2DSuqxSn1T9yhzvEmQaW5ANskix/hNn+GSNL6JYmG2K3baOdNPFInjsW0fbXfKBbHYFG0Ouo0I=
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Sep 2021 15:05:50 GMT
server
ATS
etag
"8ceeaab271ed688991789ed1090cb398-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
W3KC7NZ4ZWP687TR
x-xss-protection
1; mode=block
cache-control
public,max-age=14400
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
10416ebc-e755-4df8-8b04-03fc4dffd833.jpeg
s.yimg.com/ch/ Frame 1696 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/ch/10416ebc-e755-4df8-8b04-03fc4dffd833.jpeg
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 Ashburn, United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
1171fbbddddf650fdf4f8e76ea950474b19ec5ca6219ff051d7f922779f0b944
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

ats-carp-promotion
1
date
Tue, 28 Dec 2021 16:50:43 GMT
x-content-type-options
nosniff
age
1142754
x-amz-server-side-encryption
AES256
vary
Origin
content-length
27657
x-amz-id-2
2WPpQYl5/Iaak+/xGDWzNbo5oksrdiKOpblr2oXRuhuaa6lh6D8sUz26rFBR6B7Jmx97sW66lZc=
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 04 Nov 2021 19:32:14 GMT
server
ATS
etag
"a4a0212e1c8192e514fa1bab03c86903"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
PDTW84SHFFE1E6S4
x-xss-protection
1; mode=block
cache-control
max-age=15552000, public
x-amz-version-id
null
accept-ranges
bytes
content-type
image/jpeg
/
d.agkn.com/pixel/7953/ Frame 1696 		43 B
585 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.agkn.com/pixel/7953/?che=380040510701679508&col=301939,67,1753289,0,3886254,,,scupio.com&adid=8625438
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2335:a200:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 22:16:36 GMT
via
1.1 d3385c1527acfbb7e4b167c6fc3a82fe.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
ATL56-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, must-revalidate
content-type
image/gif
content-length
43
x-amz-cf-id
XIMljlUo-FAUojZQizxx88mYo1dBJQawemysnVlTnUgu1l7_-WAwCA==
expires
Sat, 01 Jan 2000 00:00:00 GMT
adchoicesblue.png
s.yimg.com/ch/icons/adchoices/ Frame 1696 		565 B
795 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.yimg.com/ch/icons/adchoices/adchoicesblue.png
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 Ashburn, United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

ats-carp-promotion
1
date
Sat, 01 Jan 2022 06:47:21 GMT
x-content-type-options
nosniff
age
833356
x-amz-server-side-encryption
AES256
vary
Origin
content-length
565
x-amz-id-2
uXOT5SM9mQZCHXhzsAJPqTCX3ZFjQfXdHfWjFVcV+QcYa2LL56hbooydCng1bDp6ZTby+3OqoDo=
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 22 Jul 2020 18:15:42 GMT
server
ATS
etag
"349bad1100a940608cb9109eb2b166a2"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
x-amz-request-id
X7J012WNRARDTHG5
x-xss-protection
1; mode=block
cache-control
max-age=15552000, public
x-amz-version-id
null
accept-ranges
bytes
content-type
image/png
publishertag.prebid.113.js
static.criteo.net/js/ld/ Frame 9745 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.113.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/js/prebid.js?v=5.20.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 22:16:37 GMT
content-encoding
gzip
last-modified
Wed, 08 Sep 2021 12:50:31 GMT
server
nginx
etag
W/"6138b197-1532d"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 11 Jan 2022 22:16:37 GMT
ls.html
img.scupio.com/html/ Frame 7BB1 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://img.scupio.com/html/ls.html
Requested by
Host: kknews.cc
URL: https://kknews.cc/food/z9oa5l.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.64.236.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-64-236-81.atl56.r.cloudfront.net
Software
nginx/1.12.1 /
Resource Hash
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://img.scupio.com/html/ad.html?v=1.0.60

Response headers

content-type
text/html; charset=utf-8
server
nginx/1.12.1
last-modified
Mon, 21 Nov 2016 06:35:53 GMT
access-control-allow-origin
*
content-encoding
gzip
date
Mon, 10 Jan 2022 21:50:54 GMT
expires
Mon, 17 Jan 2022 21:48:38 GMT
cache-control
max-age=604800
etag
W/"583295c9-4dc"
x-cache
Hit from cloudfront
via
1.1 f11cffdfa0c7886041aee925b0816e26.cloudfront.net (CloudFront)
x-amz-cf-pop
ATL56-P1
x-amz-cf-id
63iJrarzkl5eCzMSowrLzvnxYPF2kHa4ZHKonnrxdSFHcK6A9_JNcw==
age
1679
eland_tracker.js
dmp.eland-tech.com/dmpreceiver/ Frame 1ADF 		681 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.eland-tech.com/dmpreceiver/eland_tracker.js
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.60
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.213.95.5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-213-95-5.us-west-2.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
fe534b792f5f25ace762a8e8ca1c8a13a319c23bc7f7f2d393d7007ffdba5202

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 22:16:36 GMT
Last-Modified
Tue, 30 Nov 2021 05:21:10 GMT
Server
Apache-Coyote/1.1
ETag
W/"681-1638249670000"
Content-Type
application/javascript
Cache-Control
max-age=21600, no-cache="set-cookie"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
681
Expires
Tue, 11 Jan 2022 04:16:37 GMT
syncframe
gum.criteo.com/ Frame 85F9 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=kknews.cc
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
bebb6867510b30c71bae8cb5b337706fd738ffb377056d621f3e79364622ce5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://img.scupio.com/

Response headers

cache-control
private, max-age=3600
content-type
text/html; charset=utf-8
content-encoding
gzip
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
server-processing-duration-in-ticks
2774
date
Mon, 10 Jan 2022 22:16:36 GMT
content-length
4159
strict-transport-security
max-age=31536000; preload;
publishertag.prebid.js
static.criteo.net/js/ld/ Frame 9745 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 22:16:37 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:43 GMT
server
nginx
etag
W/"61cc54f3-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 11 Jan 2022 22:16:37 GMT
sid
mug.criteo.com/ Frame 85F9
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=img.scupio.com&sn=ChromeSyncframe&so=0&topUrl=kknews.cc&lsw=1
  • https://mug.criteo.com/sid?cpp=NoFgQHxXakp0Yy9lTnZlMy9Ca0FZUVdtRzlVQjJWYWVxcm1sZmErVkdWbXpYU2o1S2FvM0RTNkJKbXFvcXZFQy9kZGU0VGJKOWE5N1ZSVGtLSU5KS2pLUitvQXB1dXJpVGtmMTVOaWNWRUhud3hUemtqZ0pQSGhPSUxReG...
452 B
637 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=NoFgQHxXakp0Yy9lTnZlMy9Ca0FZUVdtRzlVQjJWYWVxcm1sZmErVkdWbXpYU2o1S2FvM0RTNkJKbXFvcXZFQy9kZGU0VGJKOWE5N1ZSVGtLSU5KS2pLUitvQXB1dXJpVGtmMTVOaWNWRUhud3hUemtqZ0pQSGhPSUxReG55aE5pSXdEMGt6bmcva0wyQW1ZU3Jzb1hmVlVOanNaekhSblp1cmVucjNPSnJ6R2NSWm82a1pvbVcwNGVOVWZuWnZUUnlkV2VwZG9LNGFiYzRYaUEydWFDUUQ0aVo5YXprU3ZFMERIOS9OQ3VzdmFpSkEzeXA2THMvU3laeVczTlFmNlRFci93dzhacW01bW9uNEszVXQrTWxHdm9yVEtsVFFEZ2FZYWYyVEJMRGVZUXpzYz18&cppv=2
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
/
Resource Hash
26477f4e42b88a29cf83e1fc73025373b00a454d7ac288df805968a2b6c14670
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 22:16:37 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
5755
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 22:16:36 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=NoFgQHxXakp0Yy9lTnZlMy9Ca0FZUVdtRzlVQjJWYWVxcm1sZmErVkdWbXpYU2o1S2FvM0RTNkJKbXFvcXZFQy9kZGU0VGJKOWE5N1ZSVGtLSU5KS2pLUitvQXB1dXJpVGtmMTVOaWNWRUhud3hUemtqZ0pQSGhPSUxReG55aE5pSXdEMGt6bmcva0wyQW1ZU3Jzb1hmVlVOanNaekhSblp1cmVucjNPSnJ6R2NSWm82a1pvbVcwNGVOVWZuWnZUUnlkV2VwZG9LNGFiYzRYaUEydWFDUUQ0aVo5YXprU3ZFMERIOS9OQ3VzdmFpSkEzeXA2THMvU3laeVczTlFmNlRFci93dzhacW01bW9uNEszVXQrTWxHdm9yVEtsVFFEZ2FZYWYyVEJMRGVZUXpzYz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1952
content-length
567
expires
0
yv
beap-bc.yahoo.com/ Frame 1696 		43 B
948 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://beap-bc.yahoo.com/yv?sek=4377053643652507912:1641852996028&as=YAMPViewableImpressionPayload&av=2.19.0&kv=0&ea=1&ap=TGYFXplKx2qLRrLHK6pJJ7_OLowUO4ZiSLqfepUs78cEckgGuufUQNVxD1r3XaHX13WldiBCmdRBBH8XzOW_tZ2s3uL-28prz0RC7rBgBGwo0U5opJARAWPMG22fvNyQKVDVho4C5r_f5ZUXOOE-vqmjF1RfqGGodIl15cnosmJLK-fn9kV7uCEvxg0ZRp9G09DBahtBpt728aCj1Sdf-9B1bm5F5z03&iv=100&v=1&m=2&r=1641852997838&im=1&b=100&ad=jv=1.0.261:vd=0:na=0:ed=1:tpv=:tp=1:mt=7
Requested by
Host: cdn.js7k.com
URL: https://cdn.js7k.com/rq/iv/inside.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4998:14:800::1000 Ashburn, United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://img.scupio.com/
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 10 Jan 2022 22:16:37 GMT
referrer-policy
no-referrer-when-downgrade
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=15552000
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
x-xss-protection
1; mode=block
cache-control
no-cache, private
content-type
image/gif
content-length
43
x-content-type-options
nosniff
accept-charset
utf-8
el_load.min.js
dmp.eland-tech.com/dmpreceiver/ Frame 1ADF 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dmp.eland-tech.com/dmpreceiver/el_load.min.js
Requested by
Host: dmp.eland-tech.com
URL: https://dmp.eland-tech.com/dmpreceiver/eland_tracker.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.213.95.5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-213-95-5.us-west-2.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
bd2a7dec65b8d4dd82207b374de33d9c487662bf95bdf62e5988ee540715ff25

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 22:16:36 GMT
Last-Modified
Tue, 30 Nov 2021 05:21:10 GMT
Server
Apache-Coyote/1.1
ETag
W/"3156-1638249670000"
Content-Type
application/javascript
Cache-Control
max-age=21600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3156
Expires
Tue, 11 Jan 2022 04:16:37 GMT
/
www.facebook.com/tr/ Frame 1ADF 		44 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1588263144793165&ev=ViewContent&dl=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.60&rl=&if=true&ts=1641852997868&cd[SBST]=15&cd[PuID]=angelach
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.60
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f112:83:face:b00c:0:25de -, , ASN (),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 22:16:37 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Mon, 10 Jan 2022 22:16:37 GMT
idsync
sync.aralego.com/ Frame 1ADF
Redirect Chain
  • https://sync.aralego.com/idSync/?redirect=https%3A%2F%2Frec.scupio.com%2Frecweb%2Fuxid.aspx%3Fid%3DUCFUID&ucf_nid=dsp-2EE37BD676623A2F8278A7626AAE9E2&ucf_user_id=CMA20220111061637627840
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/6b6910d1-61ef-4b71-8ddc-95a2256d9e70?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-ZP1oQ1lE2oU00kSCkB6VHUcGuh1WOQ81CtJr71I-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=f1b937e7-9de8-4d90-a38f-f004a399005b
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/6b6910d1-61ef-4b71-8ddc-95a2256d9e70?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-ZP1oQ1lE2oU00kSCkB6VHUcGuh1WOQ81CtJr71I-~A&redirect=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-9A2296D7D389BBA3144262983D2B9AEB&ucf_user_id=f1b937e7-9de8-4d90-a38f-f004a399005b
  • https://pr-bh.ybp.yahoo.com/sync/ucfunnel/6b6910d1-61ef-4b71-8ddc-95a2256d9e70?gdpr=0&euconsent=
  • https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-ZP1oQ1lE2oU00kSCkB6VHUcGuh1WOQ81CtJr71I-~A&redirect=
0
0
ggid.aspx
rec.scupio.com/recweb/ Frame 1ADF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm&google_ula=3918219&google_hm=Q01BMjAyMjAxMTEwNjE2Mzc2Mjc4NDA%3d&layout=js
  • https://cm.g.doubleclick.net/pixel?google_nid=bw_cookie&google_cm=&google_ula=3918219&google_hm=Q01BMjAyMjAxMTEwNjE2Mzc2Mjc4NDA%3D&layout=js&google_tc=
  • https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEMfsXvj2-_EylsMyHNLNbVA&google_cver=1&google_ula=3918219,0
0
551 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEMfsXvj2-_EylsMyHNLNbVA&google_cver=1&google_ula=3918219,0
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.60
Protocol
HTTP/1.1
Server
210.59.219.175 -, , ASN (),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date
Mon, 10 Jan 2022 22:16:38 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
P3P
CP=" NOI DSP COR CUR ADMa DEVa TAIa PSAa PSDa HISa OTPa OUR STP IND UNI COM NAV INT STA "
Cache-Control
private
Content-Type
text/javascript
Content-Length
0

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 22:16:37 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rec.scupio.com/recweb/ggid.aspx?layout=js&google_gid=CAESEMfsXvj2-_EylsMyHNLNbVA&google_cver=1&google_ula=3918219,0
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 41DA
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=xapi-bridgewell&endpoint=apac
  • https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
281 B
410 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Requested by
Host: img.scupio.com
URL: https://img.scupio.com/html/ad.html?v=1.0.60
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://img.scupio.com/

Response headers

server
Apache/2.2.15 (CentOS)
last-modified
Tue, 14 Dec 2021 23:07:59 GMT
etag
"402b2-119-5d32342a551c0"
accept-ranges
bytes
content-encoding
gzip
content-length
233
content-type
text/html; charset=UTF-8
date
Mon, 10 Jan 2022 22:16:37 GMT
vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
date
Mon, 10 Jan 2022 22:16:37 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
usync.js
eus.rubiconproject.com/ Frame 41DA 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.73.244.44 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
65d8ee5208aca997675ab081003911c52cb48251aca29217cab4209d27a9417e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 22:16:37 GMT
content-encoding
gzip
last-modified
Wed, 15 Dec 2021 23:04:16 GMT
server
Apache/2.2.15 (CentOS)
x-powered-by
PHP/5.3.3
vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control
max-age=20468
content-type
text/html; charset=UTF-8
content-length
9704
expires
Tue, 11 Jan 2022 03:57:45 GMT
khaos.jpg
token.rubiconproject.com/ Frame 41DA 		284 B
922 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
8.39.36.142 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
6683ee3a8662a9679fcacb9fe223a3f8
Content-Type
image/jpg
el_fingerprint.min.js
cdn.jsdelivr.net/gh/yEchKgnaHWFO/eland-tracker@3.6/ Frame 1ADF 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/yEchKgnaHWFO/eland-tracker@3.6/el_fingerprint.min.js
Requested by
Host: dmp.eland-tech.com
URL: https://dmp.eland-tech.com/dmpreceiver/el_load.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c5502291d57f8a08e7182b90bf5def94bc9604102eb49e4c12fea526c931c2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 22:16:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
6658122
x-jsd-version
3.6
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19165-FRA, cache-ewr18130-EWR
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"71f7-WjsbghBBOz00odMfSN6gW8g+s5g"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6cb945555c6e1996-EWR
el_util.min.js
cdn.jsdelivr.net/gh/yEchKgnaHWFO/eland-tracker@3.6/ Frame 1ADF 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/yEchKgnaHWFO/eland-tracker@3.6/el_util.min.js
Requested by
Host: dmp.eland-tech.com
URL: https://dmp.eland-tech.com/dmpreceiver/el_load.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d8b1b66b37325fc99d5b0b612b82310d71029c417a8d4ff710f9a3ff7f87773f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://img.scupio.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 22:16:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
1684671
x-jsd-version
3.6
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by
cache-fra19148-FRA, cache-ewr18136-EWR
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"34de-5aauoK+FZCt1sMM5UQuTtt7Lzys"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
6cb945555c701996-EWR
sync.php
pixel-apac.rubiconproject.com/exchange/ Frame 41DA 		0
0
viewreceiver
dmp.eland-tech.com/dmpreceiver/ Frame 1624 		0
938 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dmp.eland-tech.com/dmpreceiver/viewreceiver?&DMP_SR=BW&target=usual&url=https%3A%2F%2Fimg.scupio.com%2Fhtml%2Fad.html%3Fv%3D1.0.60&refer_url=&platform=PC&os=Windows&browser=Chrome&subDomain=html-ad.html&trackType=view&ce=1&member_id=CMA20220111061637627840&fp2=9c34e3dea5119827ef8d9d71e0404898&
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/gh/yEchKgnaHWFO/eland-tracker@3.6/el_util.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.213.95.5 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-213-95-5.us-west-2.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
https://img.scupio.com/

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html;charset=UTF-8
Date
Mon, 10 Jan 2022 22:16:38 GMT
P3P
CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Server
Apache-Coyote/1.1
X-Robots-Tag
noindex, nofollow, noarchive, none
Content-Length
0
Connection
keep-alive
tap.php
pixel.rubiconproject.com/ Frame 41DA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMGX9vXzW8HZL2CfHNw1LPA&google_cver=1
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMGX9vXzW8HZL2CfHNw1LPA&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Server
69.173.151.100 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 22:16:38 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMGX9vXzW8HZL2CfHNw1LPA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 41DA
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=4e8561dc-b046-4b00-a72f-0992a3a5cc7c
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=4e8561dc-b046-4b00-a72f-0992a3a5cc7c
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Server
69.173.151.100 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
19c1ac3b9706c83a73951eba4d239689
Content-Type
image/gif

Redirect headers

Date
Mon, 10 Jan 2022 22:16:38 GMT
Server
MT3 4133 baa842e master ord-pixel-x53 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=4e8561dc-b046-4b00-a72f-0992a3a5cc7c
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 10 Jan 2022 22:16:37 GMT
709414.gif
id.rlcdn.com/ Frame 41DA 		42 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 10 Jan 2022 22:16:38 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
v1
ads.yahoo.com/cms/ Frame 41DA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KY98VTEX-23-4XYZ&sigv=1&esig=2~849093ae01ecf3f94dcbd76030ff3af168360385
0
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KY98VTEX-23-4XYZ&sigv=1&esig=2~849093ae01ecf3f94dcbd76030ff3af168360385
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
H2
Server
2001:4998:14:800::1000 Ashburn, United States, ASN14777 (YAHOO, US),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Mon, 10 Jan 2022 22:16:38 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KY98VTEX-23-4XYZ&sigv=1&esig=2~849093ae01ecf3f94dcbd76030ff3af168360385
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6683ee3a8662a9679fcacb9fe223a3f8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 41DA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTI2ZjM1ZmMwMTA2YTIzMGZhMWJkNWQwNmRkNzZlNDNhMDM5MjUwNQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTI2ZjM1ZmMwMTA2YTIzMGZhMWJkNWQwNmRkNzZlNDNhMDM5MjUwNQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
H3
Server
142.251.40.130 -, , ASN (),
Reverse DNS
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 10 Jan 2022 22:16:38 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTI2ZjM1ZmMwMTA2YTIzMGZhMWJkNWQwNmRkNzZlNDNhMDM5MjUwNQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6683ee3a8662a9679fcacb9fe223a3f8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 41DA
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YdywRgAEj1tJGgBK
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YdywRgAEj1tJGgBK&_test=YdywRgAEj1tJGgBK
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YdywRgAEj1tJGgBK&_test=YdywRgAEj1tJGgBK
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Server
69.173.151.100 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
0190a17a18f2299b1b85aeb1793e601c
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 22:16:38 GMT
via
1.1 varnish
server
Varnish
x-timer
S1641852998.489774,VS0,VE0
x-served-by
cache-lga21956-LGA
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YdywRgAEj1tJGgBK&_test=YdywRgAEj1tJGgBK
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
tap.php
pixel.rubiconproject.com/ Frame 41DA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f1b937e7-9de8-4d90-a38f-f004a399005b&gdpr=0&gdpr_consent=&expires=30
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f1b937e7-9de8-4d90-a38f-f004a399005b&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Server
69.173.151.100 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
382e2818ca015d35b02cd449aa60881d
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 10 Jan 2022 22:16:38 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=f1b937e7-9de8-4d90-a38f-f004a399005b&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
tap.php
pixel.rubiconproject.com/ Frame 41DA
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/XlJslgP1EjTwn3rvvh6VcMn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3266310894486365560
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3266310894486365560
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=xapi-bridgewell&endpoint=apac
Protocol
HTTP/1.1
Server
69.173.151.100 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
8eb2d9eeed9b9c468975d0ba24565e5b
Content-Type
image/gif

Redirect headers

date
Mon, 10 Jan 2022 22:16:38 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3266310894486365560
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.aralego.com
URL
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-ZP1oQ1lE2oU00kSCkB6VHUcGuh1WOQ81CtJr71I-~A&redirect=
Domain
pixel-apac.rubiconproject.com
URL
https://pixel-apac.rubiconproject.com/exchange/sync.php?p=xapi-bridgewell&khaos=KY98VTEX-23-4XYZ

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onsecuritypolicyviolation object| onslotchange object| PAGEVARS object| yaParams function| ym function| $ function| jQuery object| w_yahoo object| d_yahoo object| adUnitCode string| apiKey function| _ object| UserSettings object| Yahoo function| JSONPCallback0 object| Ya object| yaCounter80806720 object| Scupioads function| hasOwnProperty object| scupiosdk function| ygscb

26 Cookies

Domain/Path Name / Value
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09ABBMTcNh0NqtRpNlap8taVaggMtvrrbvTuDTQKvUTsIDQfYiCZW8L9mPozrNyoq7J448b5irPjHvjVn5VphRD0M
.kknews.cc/ Name: SFID
Value: c7eb0gedrh8ee6783850&v=2
.kknews.cc/ Name: __cf_bm
Value: LOY.9t_SAowToRSwpAFYSfHFIZubUzM4eXqLyA.VyjU-1641852994-0-AUroSE6ocRQny6ZqB4tgAF20mtEoTjafBBq3wFYgCS8gXoDHVxem9kkBK33ygZVp7h/hAAyJZoUL8UkFPWZz81g=
kknews.cc/ Name: app_session
Value: 1g2mra2g0ldluohjcn89p48b4k
.kknews.cc/ Name: _ym_uid
Value: 1641852996607056933
.kknews.cc/ Name: _ym_d
Value: 1641852996
.yandex.ru/ Name: ymex
Value: 1673388995.yrts.1641852995#1673388995.yrtsi.1641852995
.yandex.ru/ Name: yandexuid
Value: 5938290511641852995
.yandex.ru/ Name: yuidss
Value: 5938290511641852995
mc.yandex.ru/ Name: yabs-sid
Value: 1732934501641852995
.yandex.ru/ Name: i
Value: h+w9UPNFwkrlReDBwjMOClKGM9+cZVJLoDJZxNYoIuOz2WeQExbiD0JVz8fkR41olMUl8lf7TUKGCwsYi7KX1LRBe1Q=
.kknews.cc/ Name: _ym_isad
Value: 2
.aralego.com/ Name: sspid
Value: 6b6910d1-61ef-4b71-8ddc-95a2256d9e70
.mc.webvisor.org/ Name: sync_cookie_csrf
Value: 308324633fake
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 4291380842fake
.webvisor.org/ Name: yandexuid
Value: 5938290511641852995
.webvisor.org/ Name: yuidss
Value: 5938290511641852995
.mc.webvisor.org/ Name: sync_cookie_ok
Value: synced
.yahoo.com/ Name: A3
Value: d=AQABBESw3GECEFyNSoZ5fJD7jsBvfrb-yegFEgEBAQEB3mHmYQAAAAAA_eMAAA&S=AQAAAgXQdZSbHVd2xRqzdmc65_w
.agkn.com/ Name: ab
Value: 0001%3AhHlWmPOzD28f%2BYkAU%2BnowPSROGv8Z%2BoR
.agkn.com/ Name: u
Value: C|0AAApb2zEKW9sxAAAAAAA
.scupio.com/ Name: OrgKeyValue
Value: CMA20220111061637627840
.scupio.com/ Name: gx
Value: H4sIAMUg3WEA%2fxNmYGDg4uZ40P3tzZwlq6wEWIVYOOwFmADE75HFFwAAAA%3d%3d
.criteo.com/ Name: uid
Value: 05ff70aa-cc24-4bc1-be8b-6c218f1cb8c0
dmp.eland-tech.com/ Name: AWSELBCORS
Value: F18B0BC5168B8529F375F860BE0B0658FAD193691A91116B354FFE44F799B1E302EF0BFFEA5B04FC0029EEAB9EC6F339CBB0AEBF59307EE7E3F6461D323CA872A1E48DCD14
.facebook.com/ Name: fr
Value: 09A4ooKqMFHTA5doi..Bh3LBF...1.0.Bh3LBF.

5 Console Messages

Source Level URL
Text
network error URL: https://kknews.cc/food/z9oa5l.html
Message:
Failed to load resource: the server responded with a status of 429 ()
security warning URL: https://kknews.cc/food/z9oa5l.html
Message:
Mixed Content: The page at 'https://kknews.cc/food/z9oa5l.html' was loaded over HTTPS, but requested an insecure element 'http://i1.kknews.cc/AsQGbQsLNhByTZRqbqyA6_Ws9kxxGA/0.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://kknews.cc/food/z9oa5l.html
Message:
Mixed Content: The page at 'https://kknews.cc/food/z9oa5l.html' was loaded over HTTPS, but requested an insecure element 'http://i2.kknews.cc/Juh3KT_qh9BEyXm7G4kQGLpmeD-UwNa2/0.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://kknews.cc/food/z9oa5l.html
Message:
Mixed Content: The page at 'https://kknews.cc/food/z9oa5l.html' was loaded over HTTPS, but requested an insecure element 'http://i1.kknews.cc/AsQGbQsLNhByTZRqbqyA6_Ws9kxxGA/0.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security warning URL: https://kknews.cc/food/z9oa5l.html
Message:
Mixed Content: The page at 'https://kknews.cc/food/z9oa5l.html' was loaded over HTTPS, but requested an insecure element 'http://i2.kknews.cc/Juh3KT_qh9BEyXm7G4kQGLpmeD-UwNa2/0.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.kknews.cc
ad.holmesmind.com
ads.yahoo.com
ads.yap.yahoo.com
ajax.googleapis.com
beap-bc.yahoo.com
beap.gemini.yahoo.com
bidder.criteo.com
bw.scupio.com
cdn.js7k.com
cdn.jsdelivr.net
cm.g.doubleclick.net
d.agkn.com
dmp.eland-tech.com
eus.rubiconproject.com
fonts.gstatic.com
gum.criteo.com
hb.aralego.com
i1.kknews.cc
i2.kknews.cc
id.rlcdn.com
img.scupio.com
kknews.cc
match.adsrvr.org
mc.webvisor.org
mc.yandex.ru
mug.criteo.com
pixel-apac.rubiconproject.com
pixel.kknews.cc
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
pr.ybp.yahoo.com
prebid-asia.creativecdn.com
prebid.scupio.com
rec.scupio.com
s.yimg.com
secure-assets.rubiconproject.com
static.criteo.net
sync-tm.everesttech.net
sync.aralego.com
sync.mathtag.com
ti1.kknews.cc
ti2.kknews.cc
token.rubiconproject.com
us-east-ad-track.aralego.com
www.facebook.com
www.google.com
www.gstatic.com
pixel-apac.rubiconproject.com
sync.aralego.com
103.132.192.30
104.22.26.227
104.22.27.227
142.251.40.130
151.101.2.49
162.210.196.208
18.64.236.81
2001:4998:124:1407::a001
2001:4998:124:1407::d000
2001:4998:14:800::1000
207.244.102.142
210.59.219.175
210.59.219.180
210.59.219.181
216.200.232.253
23.73.244.44
2600:1f18:4e9:5a02:1f9d:78fd:b4f5:2185
2600:9000:2335:a200:19:fc2c:a140:93a1
2606:4700::6810:5714
2607:f8b0:4006:80f::2003
2607:f8b0:4006:817::2004
2607:f8b0:4006:81f::2003
2607:f8b0:4006:81f::200a
2620:100:a001::4
2620:100:a001::c
2a02:6b8::1:119
2a03:2880:f112:83:face:b00c:0:25de
3.33.220.150
34.213.95.5
35.190.60.146
54.168.194.199
69.173.151.100
74.119.119.129
74.119.119.139
74.6.138.64
8.39.36.142
80.239.201.10
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
05d9646d31e06696ba02b42aeff28d1338ba347d22dbccf765e8890085498866
09945ab3fd76bcba07a2cc30e11543000b5a2f4720b42d4c90f0f2fe919209d7
0a98afc1c853b375014889c156d6d6e04148b3a2bea3a6bce7e81ecd1471a0fb
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d5597975621d18852f90bbd6e0cfba836f727d8e4827776d36ab987a5c4ed51
104c1aaa4631b54f0dec43a9453ce830ba6bbd45060ea4bd8c6de5ff935c7e36
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1171fbbddddf650fdf4f8e76ea950474b19ec5ca6219ff051d7f922779f0b944
13558c03b91fa261f6ab712f755648add306b9d2877a1becb6b14d8d47f27ac1
16dc0e292d7b4995731eee4e8d2bfd93cf0a946e5aa2e1707fa88e1f4e2e259c
16f394408996e0cdad9bcba7edaa56becaaa265e8a52d027cd95891e7a936e50
16f93ec6837b93b1ae05157f6aafd4138a4c3aa51b6c8116bc3ef439a5f87f3d
1b3f1a6337f21366cf59487bb664dd0983c245ccf100be143f4366a07e005d09
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1ce0e4e128ff61373f69ad7c62c8e574d90574deaf5b48873b799f1a21792985
203952d95f704a3d83b4f4d2b637c3ec6eed453918da831b11433d6854770063
204b096d37249d9125a8b3450e44a31773cb148dba50c88d1fd26a0b914216ce
2077ab601f5e19112c0d009b8869a763f25e1897ea88bdfef7babb26e1ffc004
215c76d7fe6fcabb5a534502b2694c3d551719b1182ccf54d708436929959f8e
252fcbfe9a3c8644a4d29d8cb405e283128ad607fe444157686577f2192fd7f2
26477f4e42b88a29cf83e1fc73025373b00a454d7ac288df805968a2b6c14670
2ad2248af8157939814230248d459527b1f8f192945d9ba9e0edbc7fa5879fcd
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
355020606dc2f40ae0fef4e9293f74e6d3818b927809e8175f7d9f3d1d651251
39cdf1102da3a29708cec7030698eaa7b87cb13a7790c064cd205a38f4af6d7f
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
428e7b699135c10a7e969f89a902eeb14aac65cc7316f3ec5fc072e5b405f529
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4c3dd9289d26d99e764bd91f701b7fdc3582cbf6aaa87becb09e75d49adfe613
4c5502291d57f8a08e7182b90bf5def94bc9604102eb49e4c12fea526c931c2d
4ce81ecccefb27ce0f347ef564114da2ba450a9e1d9a7260b4597e62b1f71a72
51d60787f1456a0117192bc0127abd84641084cf9ba683120c5273cfefd9adfd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56cf6c2adb75e276955f3bf951793f0c794ceb51d67d5d2c64b8ec01b996ecc4
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
65d8ee5208aca997675ab081003911c52cb48251aca29217cab4209d27a9417e
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6badb7720a64339c6868c51e96cc3618a53f4a9667781904a44f413cd879c337
7774633c3e80efda33af9dbc56d9df43fddda73e0e63f01c1a7645768275c86c
84796003908b6499feb59f387bfb729ab7710f5c08681ceccee01fcf9677815b
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
87c7cdd5faeca0414da0bd5ce1e658c63f881c9d06db2d10be1a8dd39dad9af8
8eb2e175a17e4ab4727d4fb12ee5be92d756397e57bc291b22c578a80222ef18
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
9149038c3b0cadbb4af132b85f16c17b2e47216317b6f66928f77b8d02b0151d
9a776b53f1904f758292272f57a5239cb83eec1c10e5533faffbd2461074093e
9ab8f227e54ba267e83f7aded7e079a53316096911101c404bb2ba9e7e27902b
9b41fadd5792db8e1e72ff69687259e6d14feac4313d2556b689318b3d095383
9d8ffbb8a4771ac04200bb2a05d71e8c8f487845456e870b5605014019eaa62f
a3c4b303b47dd993eef7b057e922af64b9a0611a01c4771159936d1c3bb85303
a772d757e2f83bfe2ea55f81e95c359484772b5d0915893ae55beadad634788d
ab11cfcbf90f49e370445e62f59d52ff0e60f00fe6d95821851107bea0a32884
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b78f0efbac27a14e6d3f33d8d98e95058dd9614cf51b1197dbfb03e8c58ad443
b8954ed878ae615531f62b8d9a95a79d9a86a84f4af1504bcbec32d8e62d7ebd
ba35185cf9e6d2ed3fcff360edabaf715152a93c68ea1baafb97c97334df56d9
bd2a7dec65b8d4dd82207b374de33d9c487662bf95bdf62e5988ee540715ff25
be7ab1bf20aaad89f2b7a9ce8d6bc057fa4b269ca9a512d14f82576beffc4c3d
bebb6867510b30c71bae8cb5b337706fd738ffb377056d621f3e79364622ce5b
c087086a8bd8b135d3b5d2407870d51e14cb847c31cc13a499d65500d25953f1
c8a72aa0d3cdd75dfa5b56b8ec6231d3e5571205b5d15ffc116b4139588c27cc
ce42cee29ef64c38889bc6168dbd6f2ae2d45054070e5ac56968b8937d77900b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bcd1f7e49f79b765f936bdae5a06d5a63529d8b21a588011146de94f927524
d8b1b66b37325fc99d5b0b612b82310d71029c417a8d4ff710f9a3ff7f87773f
dbd37284a3841f5f82188e6992c2797e8a2c678baa70b536bbad5cbe5bcc783e
dbdb2d3d3ee6c7e6e75361867aec8f143b8d4b94e32ed99eaae2f2c7a7350bbe
e321dc2ff238a0deb940472f1538b8b52c77da910be7d6adc2675f6184944301
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
ea5512de042a1e9db69050160e20580906aae9b4bae8514b7b01bc08a9648834
eaa276c4b427b20f777692d5287c8354e83263cd927d884463c45e557c7bb267
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fc1b542f3c936c823ac131ad1528789c52562d3d8cb5e4db8c8e2f9e4365dc91
fe534b792f5f25ace762a8e8ca1c8a13a319c23bc7f7f2d393d7007ffdba5202