n.yam.com Open in urlscan Pro
13.76.85.56 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://n.yam.com/Article/20210427101792
Submission: On April 28 via api (April 28th 2021, 2:27:50 am UTC) from SG

Summary HTTP 231 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 42 IPs in 7 countries across 29 domains to perform 231 HTTP transactions. The main IP is 13.76.85.56, located in Singapore, Singapore and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is n.yam.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 13th 2020. Valid for: a year.

This is the only time n.yam.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
24	13.76.85.56 13.76.85.56	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
9	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	52.239.128.36 52.239.128.36	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
8	2a02:26f0:10:... 2a02:26f0:10::214:8f06	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	13.76.41.74 13.76.41.74	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
20	2a03:2880:f04... 2a03:2880:f042:10:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4 11	2a03:2880:f14... 2a03:2880:f142:82:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
5	192.229.233.139 192.229.233.139	15133 (EDGECAST) (EDGECAST)
1	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
18	52.230.1.186 52.230.1.186	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
6	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
32	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	2600:1901:0:7... 2600:1901:0:7a0b::	15169 (GOOGLE) (GOOGLE)
1	119.63.198.189 119.63.198.189	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (HIGHWINDS3) (HIGHWINDS3)
10	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
3 8	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
4	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1 2	37.157.6.246 37.157.6.246	198622 (ADFORM) (ADFORM)
2	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
5 8	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2 4	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	185.33.221.53 185.33.221.53	29990 (ASN-APPNEX) (ASN-APPNEX)
3 4	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
7	3.229.28.141 3.229.28.141	14618 (AMAZON-AES) (AMAZON-AES)
5	119.63.198.143 119.63.198.143	38627 (BAIDUJP B...) (BAIDUJP Baidu)
9	119.63.198.188 119.63.198.188	38627 (BAIDUJP B...) (BAIDUJP Baidu)
1	119.63.198.172 119.63.198.172	38627 (BAIDUJP B...) (BAIDUJP Baidu)
2	13.69.65.23 13.69.65.23	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	13.32.21.49 13.32.21.49	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:211... 2600:9000:211e:f000:3:7e1c:5b40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:206f:9a00:d:3c0f:bcc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	130.211.115.4 130.211.115.4	15169 (GOOGLE) (GOOGLE)
231	42

24 13.76.85.56 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

n.yam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
weather.yam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.239.128.36 (Central, Hong Kong)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

yamnews.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:10::214:8f06 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

player.ivideosmart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.76.41.74 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

admd.yam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a03:2880:f042:10:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a03:2880:f142:82:face:b00c:0:25de (United States) 4 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.229.233.139 (Torrance, United States)

ASN15133 (EDGECAST, US)

api.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 52.230.1.186 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

vote.yam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:7a0b:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

sessions.bugsnag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.198.189 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

tw.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.246 (Denmark) 1 redirects

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.98 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.53 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.229.28.141 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-28-141.compute-1.amazonaws.com

in.treasuredata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 119.63.198.143 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

log.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 119.63.198.188 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

r.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rlog.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.63.198.172 (Japan)

ASN38627 (BAIDUJP Baidu, Inc., JP)

inrecsys.popin.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.69.65.23 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.21.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-21-49.fra56.r.cloudfront.net

stg.truvidplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:f000:3:7e1c:5b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

go.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:9a00:d:3c0f:bcc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.115.4 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)
PTR: 4.115.211.130.bc.googleusercontent.com

data.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
51	googlesyndication.com 0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	353 KB
44	yam.com n.yam.com admd.yam.com vote.yam.com Failed weather.yam.com	2 MB
28	doubleclick.net 5 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net googleads4.g.doubleclick.net cm.g.doubleclick.net	217 KB
21	popin.cc api.popin.cc tw.popin.cc log.popin.cc r.popin.cc inrecsys.popin.cc rlog.popin.cc	130 KB
18	fbcdn.net static.xx.fbcdn.net	1 MB
11	facebook.com 4 redirects www.facebook.com	194 KB
10	ampproject.org cdn.ampproject.org	215 KB
10	google.com 3 redirects adservice.google.com www.google.com	341 B
8	ivideosmart.com player.ivideosmart.com	43 KB
7	treasuredata.com in.treasuredata.com	4 KB
6	googletagservices.com www.googletagservices.com	189 KB
4	openx.net 3 redirects us-u.openx.net	1 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com	4 KB
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
2	trvdp.com go.trvdp.com s.trvdp.com	150 KB
2	truvidplayer.com stg.truvidplayer.com	3 KB
2	visualstudio.com dc.services.visualstudio.com	511 B
2	teads.tv 1 redirects sync.teads.tv	407 B
2	2mdn.net s0.2mdn.net	151 KB
2	adform.net 1 redirects track.adform.net	907 B
2	bugsnag.com sessions.bugsnag.com	97 B
2	google.pl adservice.google.pl	921 B
2	google-analytics.com www.google-analytics.com	19 KB
2	facebook.net connect.facebook.net	65 KB
2	googletagmanager.com www.googletagmanager.com	70 KB
1	ad-score.com data.ad-score.com	718 B
1	jquery.com code.jquery.com	30 KB
1	msecnd.net az416426.vo.msecnd.net	22 KB
1	windows.net yamnews.blob.core.windows.net	170 KB
231	29

	Domain	Requested by
32	tpc.googlesyndication.com	securepubads.g.doubleclick.net n.yam.com 0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com cdn.ampproject.org googleads.g.doubleclick.net tpc.googlesyndication.com
22	n.yam.com	n.yam.com
18	static.xx.fbcdn.net	www.facebook.com static.xx.fbcdn.net
18	vote.yam.com	n.yam.com vote.yam.com code.jquery.com
15	pagead2.googlesyndication.com	0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com n.yam.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com az416426.vo.msecnd.net
11	www.facebook.com	4 redirects n.yam.com www.facebook.com connect.facebook.net
10	cdn.ampproject.org	securepubads.g.doubleclick.net
9	securepubads.g.doubleclick.net	n.yam.com securepubads.g.doubleclick.net az416426.vo.msecnd.net www.googletagservices.com
8	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net
8	www.google.com	3 redirects n.yam.com 0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com
8	player.ivideosmart.com	n.yam.com player.ivideosmart.com
7	in.treasuredata.com	api.popin.cc
7	googleads.g.doubleclick.net	0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com n.yam.com
6	www.googletagservices.com	www.googletagmanager.com securepubads.g.doubleclick.net 0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com
5	rlog.popin.cc	n.yam.com
5	log.popin.cc	n.yam.com
5	api.popin.cc	n.yam.com api.popin.cc
4	r.popin.cc	n.yam.com
4	us-u.openx.net	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	googleads4.g.doubleclick.net	n.yam.com googleads.g.doubleclick.net
4	0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
2	stg.truvidplayer.com	n.yam.com go.trvdp.com
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	s0.2mdn.net	0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com
2	track.adform.net	1 redirects 0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com
2	sessions.bugsnag.com	az416426.vo.msecnd.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.pl	securepubads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com az416426.vo.msecnd.net
2	weather.yam.com	n.yam.com
2	connect.facebook.net	n.yam.com connect.facebook.net
2	admd.yam.com	n.yam.com
2	www.googletagmanager.com	n.yam.com
1	data.ad-score.com	az416426.vo.msecnd.net
1	s.trvdp.com	go.trvdp.com
1	go.trvdp.com	stg.truvidplayer.com
1	inrecsys.popin.cc	n.yam.com
1	code.jquery.com	vote.yam.com
1	tw.popin.cc	api.popin.cc
1	az416426.vo.msecnd.net	n.yam.com
1	yamnews.blob.core.windows.net	n.yam.com
231	44

This site contains links to these domains. Also see Links.

Domain
vote.yam.com
www.yam.com
www.facebook.com
www.instagram.com
tnntoday.com
search.yam.com
traffic.popin.cc
a.popin.cc
travel.yam.com
policies.yam.com
help.yam.com
value.yam.com
company.yam.com

Subject Issuer	Validity	Valid
*.yam.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-13` - `2021-07-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 01	`2021-02-12` - `2022-02-12`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
player-objects.ivideosmart.com R3	`2021-02-19` - `2021-05-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
api.popin.cc DigiCert TLS RSA SHA256 2020 CA1	`2021-03-25` - `2022-03-30`	a year	crt.sh
sni1e6ffgl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2020-04-16` - `2022-04-21`	2 years	crt.sh
*.google.pl GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.bugsnag.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-18` - `2021-05-18`	a year	crt.sh
*.popin.cc DigiCert Secure Site Pro CN CA G3	`2020-11-12` - `2021-11-15`	a year	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
misc-sni.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
track.adform.net DigiCert SHA2 Secure Server CA	`2019-09-16` - `2021-09-20`	2 years	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
teads.tv R3	`2021-02-18` - `2021-05-19`	3 months	crt.sh
*.treasuredata.com Amazon	`2020-10-16` - `2021-11-15`	a year	crt.sh
in.applicationinsights.azure.com Microsoft RSA TLS CA 02	`2021-04-21` - `2022-04-21`	a year	crt.sh
*.truvidplayer.com Amazon	`2021-02-17` - `2022-03-18`	a year	crt.sh
*.trvdp.com Amazon	`2020-10-23` - `2021-11-22`	a year	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2020-09-02` - `2021-10-04`	a year	crt.sh

This page contains 19 frames:

Primary Page: https://n.yam.com/Article/20210427101792
Frame ID: 8AAB756BC85D57C07843395BB9B070D7
Requests: 90 HTTP requests in this frame

Frame: https://vote.yam.com/CF/index.html
Frame ID: 0DB613BCF8930F027248D0C057D07B8E
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https://n.yam.com/Article/20210427101792/&width=90px&layout=button_count&action=like&show_faces=false&share=false&height=21&appId
Frame ID: D8AA2557B801D4CE340793E6743B294E
Requests: 4 HTTP requests in this frame

Frame: https://vote.yam.com/CF/index.html
Frame ID: 78C5B134BDBB5976EDDC78ADE580C4E5
Requests: 19 HTTP requests in this frame

Frame: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C7287B59EA0CB482181F219499BEFEAB
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: A3961CEF3AED1A2718256E45B284BDA4
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: DB6A3970DB40E823CB436E156ABC648E
Requests: 14 HTTP requests in this frame

Frame: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7A425014C5DFE01D85DDD8C946B7615E
Requests: 8 HTTP requests in this frame

Frame: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 3495DE785F9F3BDD640F256B70A324D9
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJuhcRCvlpsCGNrA26IBMAE&v=APEucNUFwcM3c86CfwMEThgcupFCB_ptd6EWQXZzJeBdJG8ldij0M3625QOQo1Tc7N3ggJxJOTKZulksCP2898zfgRBrKnSHsOBuZ69nHXZkSTq5hNTC2wOshDz5J4ce-TsX6WC0XwEVV6GClVDuSt6OBvtqr_M2qkwz8hzJzXdTv-tr3XWS67GT0-duX-rnV-6snGebPsNUvf8HGCZ9ATeuYDvSR-X02Q
Frame ID: 8B7516B7DDAB0FE6CB9C02FEB846A858
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7371504096226307675/nt_s21-PL_728x90_find-the-tyres-that-suit-you/index.html
Frame ID: F5D1CFEB18744845DD2B6D8FF7FAD0C3
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnJ3gIQv-TgAhicue6iATAB&v=APEucNVBFNUFmRkXDneZ8uGAi1E0r1EAcz9Gezu4K7QW6BuXf2tSxgvhdkYO2TxeZjtLdlSQ63ApFb9gA2i1x-90BPrI7JsOsriBkcwwKUEAsL25nYXtwgeCccVm5ON46Uq6JQOtCDyzqksB2r5uUwpWFGOHH9L_U49ZwED7ewcUCFdegoZXTQKEYhjJwc0OpkaQGnQ8wlGJK5bCuv7PusBQhMtnyYl_lQ
Frame ID: 23E7A2A718C1284365556497C8F1223B
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F055F8053FBF6FB2895D588310CBBCC4
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 8969FA376CCDA7AB09B380A755E7852C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AD3F2ABC71E9EACB893AF503F4B08F58
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=241039752194&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df25a155543434e%26domain%3Dn.yam.com%26origin%3Dhttps%253A%252F%252Fn.yam.com%252Ff150a10d469eac%26relation%3Dparent.parent&container_width=760&height=100&href=https%3A%2F%2Fn.yam.com%2FArticle%2F20210427101792&locale=zh_TW&numposts=5&sdk=joey&version=v2.11&width=760
Frame ID: 03C5F2FCB6D1090E9E38E8D994D0155C
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: D2DCB12BE95711BBF2DB0881EE341724
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssNOwT9ds9jvqZ17hgAj0ZTiUYhlZmbqwu23j5ZrqbLznY2NVZvUN0mb-dbFvPP7_SKU8f-Fr3vqvX0ozsfFpyrmoNfgZvJwfsLzpfuSMuPXsYE2IxrA81zPxXQJ9ppf2iTOUcVqjNGB3odKT1x7XrV8b9uCdHLeioFRRKRKiHVLc9XY4WF7Vv_1RHfubcUTUUS316W-0aSilszoFK1b6OlXiojpXI58irjL_Nq72GUezJXPTKozrVBLdSVgutDDFp0DMuoUSZ5dgP-0EZLrlmgNXEFEexFVtlubaM1WqT_TmVhGrky&sig=Cg0ArKJSzOE7DIO06ZSyEAE&urlfix=1&adurl=
Frame ID: D9055F7F02C8842C736B0A328A992D37
Requests: 7 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/feedback.php?app_id=241039752194&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1f6a01f89e9c14%26domain%3Dn.yam.com%26origin%3Dhttps%253A%252F%252Fn.yam.com%252Ff150a10d469eac%26relation%3Dparent.parent&container_width=0&height=100&href=https%3A%2F%2Fn.yam.com%2FArticle%2F20210427101792&locale=zh_TW&numposts=5&sdk=joey&version=v2.11&width=760
Frame ID: 55A77431F0665AC06D53E21E0365B659
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Windows Server (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

IIS (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /^(?:Microsoft-)?IIS(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

231
Requests

100 %
HTTPS

49 %
IPv6

29
Domains

44
Subdomains

42
IPs

7
Countries

4810 kB
Transfer

11706 kB
Size

14
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://vote.yam.com/
Title: yamVote 蕃投票

Search URL Search Domain Scan URL

URL: https://vote.yam.com/votes/LNdHQ8YIfDWqMNZ93GAJBQ
Title: 年底大選十公投，你最支持哪個提案？

Search URL Search Domain Scan URL

URL: https://www.yam.com/
Title: 首頁

Search URL Search Domain Scan URL

URL: https://www.facebook.com/yamnews/
Title: fb

Search URL Search Domain Scan URL

URL: https://www.instagram.com/yamnews/
Title: instagram

Search URL Search Domain Scan URL

URL: https://tnntoday.com/
Title: 滔新聞

Search URL Search Domain Scan URL

URL: https://search.yam.com/Search/Web/DefaultKSA.aspx?SearchType=news&l=&p=&k=%E6%9D%8E%E5%85%89%E6%B4%99
Title: 李光洙

Search URL Search Domain Scan URL

URL: https://search.yam.com/Search/Web/DefaultKSA.aspx?SearchType=news&l=&p=&k=%E7%8F%89%E5%A8%A5
Title: 珉娥

Search URL Search Domain Scan URL

URL: https://search.yam.com/Search/Web/DefaultKSA.aspx?SearchType=news&l=&p=&k=%E8%81%AF%E8%A9%A0
Title: 聯詠

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fn.yam.com%2FArticle%2F20210426340307

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Fbeautifulpeoplecosme.com%2F2021%2F04%2F20%2F0422%2F%3Ftripid%3D489e13248950761a56dc532bf673ac6a%26popintoken%3D489e13248950761a56dc532bf673ac6a&data=eyJjdmlkIjoibm9pcmVmbGV0LXdhbmciLCJjIjoiMy4wIiwidHoiOiJ0dyIsImYiOiIyIiwibmlkIjoiNjA4NjNlOTJmNjg2YjYxOTI0MWY5MWE1IiwiY2FtcGFpZ24iOiI2MDgxMGYzNmY2ODZiNjM1NWUxNTk2MDQiLCJtZWRpYSI6Im4ueWFtLmNvbSIsIm0iOiIyNjk5Mjk0NyIsImRldmljZSI6InBjIn0=&token=489e13248950761a56dc532bf673ac6a&t=1619576850861&uid=402e5c7ad1fede870901619569649811&api_host=tw.popin.cc&logid=b3bdaf7e-8ca0-4226-8b3d-805959229e0a&extra=m_ch_with_sz_word-pc&mode=20170420&referer_type=organic&td_client_id=f8ba1f31-1c2a-4225-a783-82cafbee8d3b

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fn.yam.com%2FArticle%2F20210427943899

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fn.yam.com%2FArticle%2F20210428255067

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Fbeauty-lab.xyz%2Farchives%2F15328%3Ftripid%3Dc6a22f6760cb2db53b7abbf927c64651%26popintoken%3Dc6a22f6760cb2db53b7abbf927c64651&data=eyJjdmlkIjoiUFVQRS1DIiwiYyI6IjMuMCIsInR6IjoidHciLCJmIjoiMiIsIm5pZCI6IjYwNTg0NjQ5ZjY4NmI2NWJjYzQ3ZWEyNCIsImNhbXBhaWduIjoiNjA1MzMwYTlmNjg2YjY2ZDZlM2YzYTc0IiwibWVkaWEiOiJuLnlhbS5jb20iLCJtIjoiMjY5OTI5NDciLCJkZXZpY2UiOiJwYyJ9&token=c6a22f6760cb2db53b7abbf927c64651&t=1619576850861&uid=402e5c7ad1fede870901619569649811&api_host=tw.popin.cc&logid=b3bdaf7e-8ca0-4226-8b3d-805959229e0a&extra=m_ch_with_sz_word-pc&mode=20170420&referer_type=organic&td_client_id=f8ba1f31-1c2a-4225-a783-82cafbee8d3b

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fn.yam.com%2FArticle%2F20210427528440

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Fdangdangbeauty.com%2Farchives%2F17904%3Ftripid%3De8ff6e5dcf64d830d1f46c39d65ff410%26popintoken%3De8ff6e5dcf64d830d1f46c39d65ff410&data=eyJjdmlkIjoiV0gyMDIxLXlvc2FuIiwiYyI6IjMuMCIsInR6IjoidHciLCJmIjoiMiIsIm5pZCI6IjYwNjZkYmU1ZjY4NmI2NzM3NjEwZjEyNSIsImNhbXBhaWduIjoiNjA2NmRiYWJmNjg2YjY1ZjUzMTEwZWU0IiwibWVkaWEiOiJuLnlhbS5jb20iLCJtIjoiMjY5OTI5NDciLCJkZXZpY2UiOiJwYyJ9&token=e8ff6e5dcf64d830d1f46c39d65ff410&t=1619576850861&uid=402e5c7ad1fede870901619569649811&api_host=tw.popin.cc&logid=b3bdaf7e-8ca0-4226-8b3d-805959229e0a&extra=m_ch_with_sz_standard-pc&mode=20170420&referer_type=organic&td_client_id=f8ba1f31-1c2a-4225-a783-82cafbee8d3b

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fn.yam.com%2FArticle%2F20210428415980

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=http%3A%2F%2Fbeauty-skin.tw%2F%3Fp%3D8823%26tripid%3Db2331e1215e50a4ffa802b3c8467183d%26popintoken%3Db2331e1215e50a4ffa802b3c8467183d&data=eyJjdmlkIjoiQVBQUyIsImMiOiIzLjAiLCJ0eiI6InR3IiwiZiI6IjIiLCJuaWQiOiI2MDg3N2U4MmY2ODZiNjRmYTM2YTgzMjQiLCJjYW1wYWlnbiI6IjVmZGIxZWFlZjY4NmI2NWFlYjYyMGQ2NCIsIm1lZGlhIjoibi55YW0uY29tIiwibSI6IjI2OTkyOTQ3IiwiZGV2aWNlIjoicGMifQ==&token=b2331e1215e50a4ffa802b3c8467183d&t=1619576850861&uid=402e5c7ad1fede870901619569649811&api_host=tw.popin.cc&logid=b3bdaf7e-8ca0-4226-8b3d-805959229e0a&extra=m_ch_with_sz_standard-pc&mode=20170420&referer_type=organic&td_client_id=f8ba1f31-1c2a-4225-a783-82cafbee8d3b

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fn.yam.com%2FArticle%2F20210426648167

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Fbeautifulpeoplecosme.com%2F2021%2F04%2F27%2Fpc%2F%3Ftripid%3Decfc15fc239fdef514b9aee7fcc44d58%26popintoken%3Decfc15fc239fdef514b9aee7fcc44d58&data=eyJjdmlkIjoibm9pcmVmbGV0LXdhbmciLCJjIjoiMy4wIiwidHoiOiJ0dyIsImYiOiIyIiwibmlkIjoiNjA4N2U0MTBmNjg2YjYxOGNiNzkxYmU3IiwiY2FtcGFpZ24iOiI2MDg3YzhlOWY2ODZiNjdmZjE0ZTllYjQiLCJtZWRpYSI6Im4ueWFtLmNvbSIsIm0iOiIyNjk5Mjk0NyIsImRldmljZSI6InBjIn0=&token=ecfc15fc239fdef514b9aee7fcc44d58&t=1619576850861&uid=402e5c7ad1fede870901619569649811&api_host=tw.popin.cc&logid=b3bdaf7e-8ca0-4226-8b3d-805959229e0a&extra=m_ch_with_sz_standard-pc&mode=20170420&referer_type=organic&td_client_id=f8ba1f31-1c2a-4225-a783-82cafbee8d3b

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fn.yam.com%2FArticle%2F20210426516883

Search URL Search Domain Scan URL

URL: https://a.popin.cc/popin_redirect/redirect?lp=https%3A%2F%2Fdangdangbeauty.com%2Farchives%2F11734%3Ftripid%3De2cea492becf4ea677f0e1bc3a360047%26popintoken%3De2cea492becf4ea677f0e1bc3a360047&data=eyJjdmlkIjoiSEFCQVJBQkktSyIsImMiOiIzLjAiLCJ0eiI6InR3IiwiZiI6IjIiLCJuaWQiOiI1Zjc2YTIzYmY2ODZiNjM1ODY0ZGZmNTQiLCJjYW1wYWlnbiI6IjVlNGExZjIyZjY4NmI2NjA1NDA5MjI4NyIsIm1lZGlhIjoibi55YW0uY29tIiwibSI6IjI2OTkyOTQ3IiwiZGV2aWNlIjoicGMifQ==&token=e2cea492becf4ea677f0e1bc3a360047&t=1619576850861&uid=402e5c7ad1fede870901619569649811&api_host=tw.popin.cc&logid=b3bdaf7e-8ca0-4226-8b3d-805959229e0a&extra=m_ch_with_sz_standard-pc&mode=20170420&referer_type=organic&td_client_id=f8ba1f31-1c2a-4225-a783-82cafbee8d3b

Search URL Search Domain Scan URL

URL: https://traffic.popin.cc/redirect/discovery?url=https%3A%2F%2Fn.yam.com%2FArticle%2F20210428226666

Search URL Search Domain Scan URL

URL: https://travel.yam.com/
Title: yam 輕旅行

Search URL Search Domain Scan URL

URL: https://policies.yam.com/duty
Title: 服務條款

Search URL Search Domain Scan URL

URL: https://policies.yam.com/privacy
Title: 隱私權政策

Search URL Search Domain Scan URL

URL: http://help.yam.com/
Title: 服務中心

Search URL Search Domain Scan URL

URL: http://help.yam.com/m/
Title: 聯絡我們

Search URL Search Domain Scan URL

URL: http://value.yam.com/
Title: 廣告刊登

Search URL Search Domain Scan URL

URL: http://company.yam.com/manpower/
Title: 人才招募

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 114

https://track.adform.net/adfserve/?bn=41128529;extvars={campaign_id:48662447|insertion_id:19233058|auction_id:ABAjH0gVpqSaTgPZMfr31z0IwG9Y|creative_id:341548188;1x1inv=1;srctype=3;ord=ABAjH0gVpqSaTgPZMfr31z0IwG9Y HTTP 302
https://track.adform.net/adfserve/?CC=1&bn=41128529;extvars={campaign_id:48662447|insertion_id:19233058|auction_id:ABAjH0gVpqSaTgPZMfr31z0IwG9Y|creative_id:341548188;1x1inv=1;srctype=3;ord=ABAjH0gVpqSaTgPZMfr31z0IwG9Y

Request Chain 120

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 122

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 134

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA0Ti2qVOthsvWxqXTokE4Q&google_cver=1

Request Chain 135

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YIjIEkAhJnjUpnJGZAZ7rQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA0Ti2qVOthsvWxqXTokE4Q&google_cver=1

Request Chain 136

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEKkWRcFtS3jrP5o-wJCYjM8&google_cver=1

Request Chain 137

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ2NjU3NDQ2OTgwODM2NTU3MQ%3D%3D

Request Chain 148

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDqGiggZLAV_LCGOxwzmHI8&google_cver=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEDqGiggZLAV_LCGOxwzmHI8&google_cver=1

Request Chain 149

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTc4ODkwOTEtNGY3MC0yOTZiLWVhNDUtNmQ1YzMyN2Q4NTg1

Request Chain 150

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEN2Mdsms-7bz8YtYqhWoE1M&google_cver=1

Request Chain 151

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MDhhZGRmNGUtZGQ3Yi00MDQxLWE2ZDQtODhlMzExNjU2NTdj

Request Chain 158

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 181

https://www.facebook.com/v2.11/plugins/comments.php?app_id=241039752194&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df25a155543434e%26domain%3Dn.yam.com%26origin%3Dhttps%253A%252F%252Fn.yam.com%252Ff150a10d469eac%26relation%3Dparent.parent&container_width=760&height=100&href=https%3A%2F%2Fn.yam.com%2FArticle%2F20210427101792&locale=zh_TW&numposts=5&sdk=joey&version=v2.11&width=760 HTTP 302
https://www.facebook.com/plugins/comments.php?app_id=241039752194&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df25a155543434e%26domain%3Dn.yam.com%26origin%3Dhttps%253A%252F%252Fn.yam.com%252Ff150a10d469eac%26relation%3Dparent.parent&container_width=760&height=100&href=https%3A%2F%2Fn.yam.com%2FArticle%2F20210427101792&locale=zh_TW&numposts=5&sdk=joey&version=v2.11&width=760 HTTP 302
https://www.facebook.com/plugins/feedback.php?app_id=241039752194&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df25a155543434e%26domain%3Dn.yam.com%26origin%3Dhttps%253A%252F%252Fn.yam.com%252Ff150a10d469eac%26relation%3Dparent.parent&container_width=760&height=100&href=https%3A%2F%2Fn.yam.com%2FArticle%2F20210427101792&locale=zh_TW&numposts=5&sdk=joey&version=v2.11&width=760

Request Chain 215

https://www.facebook.com/v2.11/plugins/comments.php?app_id=241039752194&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1f6a01f89e9c14%26domain%3Dn.yam.com%26origin%3Dhttps%253A%252F%252Fn.yam.com%252Ff150a10d469eac%26relation%3Dparent.parent&container_width=0&height=100&href=https%3A%2F%2Fn.yam.com%2FArticle%2F20210427101792&locale=zh_TW&numposts=5&sdk=joey&version=v2.11&width=760 HTTP 302
https://www.facebook.com/plugins/comments.php?app_id=241039752194&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1f6a01f89e9c14%26domain%3Dn.yam.com%26origin%3Dhttps%253A%252F%252Fn.yam.com%252Ff150a10d469eac%26relation%3Dparent.parent&container_width=0&height=100&href=https%3A%2F%2Fn.yam.com%2FArticle%2F20210427101792&locale=zh_TW&numposts=5&sdk=joey&version=v2.11&width=760 HTTP 302
https://www.facebook.com/plugins/feedback.php?app_id=241039752194&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1f6a01f89e9c14%26domain%3Dn.yam.com%26origin%3Dhttps%253A%252F%252Fn.yam.com%252Ff150a10d469eac%26relation%3Dparent.parent&container_width=0&height=100&href=https%3A%2F%2Fn.yam.com%2FArticle%2F20210427101792&locale=zh_TW&numposts=5&sdk=joey&version=v2.11&width=760

231 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request 20210427101792 Show response
n.yam.com/Article/ 45 KB
15 KB 1019ms
438ms Document
text/html 13.76.85.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://n.yam.com/Article/20210427101792
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.76.85.56 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 0955c5e32056ba9afe33469fad11ea258f558b6661a2cd5ca06cf26fb9f93717

Request headers

Host: n.yam.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-AspNetMvc-Version: 5.2
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Date: Wed, 28 Apr 2021 02:27:27 GMT
Content-Length: 14875

GET
H/1.1 200
OK style.css
n.yam.com/Content/ 41 KB
8 KB 191ms
191ms Stylesheet
text/css 13.76.85.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://n.yam.com/Content/style.css?v0.02
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.76.85.56 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 1a5c2fa2d8e0049a5441859cb008db4b6c6fcffe73976225b6e2bfe08ed0f9cd

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: n.yam.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://n.yam.com/Article/20210427101792
Connection: keep-alive
Referer: https://n.yam.com/Article/20210427101792
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:28 GMT
Content-Encoding: gzip
Last-Modified: Mon, 17 Dec 2018 03:32:57 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "807abb33b995d41:0"
Vary: Accept-Encoding
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 7599

GET
H/1.1 200
OK jquery.min.js Show response
n.yam.com/scripts/ 94 KB
33 KB 388ms
196ms Script
application/javascript 13.76.85.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://n.yam.com/scripts/jquery.min.js
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.76.85.56 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: n.yam.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://n.yam.com/Article/20210427101792
Connection: keep-alive
Referer: https://n.yam.com/Article/20210427101792
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Jun 2017 03:55:30 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0251812be0d21:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 33365

GET
H/1.1 200
OK main.js Show response
n.yam.com/scripts/ 6 KB
2 KB 570ms
191ms Script
application/javascript 13.76.85.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://n.yam.com/scripts/main.js
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.76.85.56 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 180c7cb3d801ef8f115e4800430b2622d76002c39c32495b8aa6cc0b865f0a00

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: n.yam.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://n.yam.com/Article/20210427101792
Connection: keep-alive
Referer: https://n.yam.com/Article/20210427101792
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Jun 2017 03:55:30 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0251812be0d21:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1900

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 62 KB
21 KB 138ms
47ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

460623a8ce1a4793f0e26bb48b9db73ef3da9214c575a8b7a6c137b5bb535412

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 02:27:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "855 / 877 of 1000 / last-modified: 1619561335"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21062
x-xss-protection: 0
expires: Wed, 28 Apr 2021 02:27:29 GMT

GET
H/1.1 200
OK line_dog.png
n.yam.com/images/ 20 KB
20 KB 363ms
361ms Image
image/png 13.76.85.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.yam.com/images/line_dog.png
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.76.85.56 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 8246297b958c38c4ce4902ff522c1e9192ec9b35c883587b22533f78b57e1d28

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: n.yam.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://n.yam.com/Article/20210427101792
Connection: keep-alive
Referer: https://n.yam.com/Article/20210427101792
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:28 GMT
Last-Modified: Sat, 31 Mar 2018 08:27:11 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "b2d7bc10cac8d31:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 20442

GET
H/1.1 200
OK menu.png
n.yam.com/images/ 16 KB
17 KB 727ms
197ms Image
image/png 13.76.85.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.yam.com/images/menu.png
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.76.85.56 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 8959cbb31bc9bfc1725be63c62be12e61153d1323bcbbd72583a920cbdde82a3

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: n.yam.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://n.yam.com/Article/20210427101792
Connection: keep-alive
Referer: https://n.yam.com/Article/20210427101792
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:29 GMT
Last-Modified: Thu, 08 Jun 2017 03:55:25 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "903262fbe0d21:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 16882

GET
H/1.1 200
OK cardu_news_202104270010.jpg
yamnews.blob.core.windows.net/20210427/ 169 KB
170 KB 974ms
239ms Image
image/jpeg 52.239.128.36
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yamnews.blob.core.windows.net/20210427/cardu_news_202104270010.jpg
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.128.36 Central, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 9c969585d5dedeaa55170267800d6d1af5673e449c64c103e6336ee8a09348a5

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Wed, 28 Apr 2021 02:27:29 GMT
Last-Modified: Tue, 27 Apr 2021 15:41:00 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: bw4pMpEZg0cJXzAuBSR1sw==
ETag: "0x8D90992DBAFC8A7"
Content-Type: image/jpeg
x-ms-request-id: bd249d31-801e-0079-31d6-3be401000000
x-ms-version: 2014-02-14
Accept-Ranges: bytes
Content-Length: 173450
x-ms-lease-state: available

GET
H/1.1 200
OK footerLogo.png
n.yam.com/images/ 94 KB
94 KB 978ms
360ms Image
image/png 13.76.85.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.yam.com/images/footerLogo.png
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.76.85.56 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ce1f3c592fb1fa8ec36e24e94c7ee1078b7b5cce37aa1f2dfad408e48f7bc83d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: n.yam.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://n.yam.com/Article/20210427101792
Connection: keep-alive
Referer: https://n.yam.com/Article/20210427101792
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:29 GMT
Last-Modified: Thu, 08 Jun 2017 03:55:24 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "d56212fbe0d21:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 95889

GET
H/1.1 200
OK footerFB.png
n.yam.com/images/ 91 KB
91 KB 924ms
197ms Image
image/png 13.76.85.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.yam.com/images/footerFB.png
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.76.85.56 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e0e2d7cefffb4d70cc26783bdb91ad8d563733ee196f63e5b99a870b14efd126

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: n.yam.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://n.yam.com/Article/20210427101792
Connection: keep-alive
Referer: https://n.yam.com/Article/20210427101792
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:29 GMT
Last-Modified: Thu, 08 Jun 2017 03:55:24 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "42473fbe0d21:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 93133

GET
H/1.1 200
OK footerIG.png
n.yam.com/images/ 91 KB
91 KB 194ms
193ms Image
image/png 13.76.85.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.yam.com/images/footerIG.png
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.76.85.56 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 3b3446a0e1254ba70508b10b7ea5bfbd60e42f22c1bdba89a421a72d25aed643

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: n.yam.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://n.yam.com/Article/20210427101792
Cookie: ai_user=4RruC|2021-04-28T02:27:29.332Z; _ga=GA1.2.1252067354.1619576849; _gid=GA1.2.950072933.1619576849; _gat_gtag_UA_16227618_1=1; ai_session=MIhao|1619576849514.485|1619576849514.485
Connection: keep-alive
Referer: https://n.yam.com/Article/20210427101792
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:29 GMT
Last-Modified: Thu, 08 Jun 2017 03:55:24 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "eb177fbe0d21:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 93396

GET
H/1.1 200
OK footerHome.png
n.yam.com/images/ 91 KB
91 KB 197ms
197ms Image
image/png 13.76.85.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.yam.com/images/footerHome.png
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.76.85.56 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 95901cd872570c226a2a131e926a275006f1d37e2dfbda1e6d004b1b0d6a4568

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: n.yam.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://n.yam.com/Article/20210427101792
Cookie: ai_user=4RruC|2021-04-28T02:27:29.332Z; _ga=GA1.2.1252067354.1619576849; _gid=GA1.2.950072933.1619576849; _gat_gtag_UA_16227618_1=1; ai_session=MIhao|1619576849514.485|1619576849514.485; _ss_pp_id=402e5c7ad1fede870901619569649811
Connection: keep-alive
Referer: https://n.yam.com/Article/20210427101792
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:29 GMT
Last-Modified: Thu, 08 Jun 2017 03:55:24 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "1f435fbe0d21:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 93214

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 18ms
17ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-16227618-1

Requested by

Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f2788c1e64704c218ea4cd7565a231d2ae57cc309c824cd1029fb40729914e78

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 02:27:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35720
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 28 Apr 2021 02:27:28 GMT

GET
H/1.1 200
OK ResizeSensor.min.js Show response
n.yam.com/Scripts/ 2 KB
1 KB 195ms
190ms Script
application/javascript 13.76.85.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://n.yam.com/Scripts/ResizeSensor.min.js
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.76.85.56 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 535c0cbf7d9ba30714479b2fbc3c5c6f8aac89d1aebe4280d1026d1fa29c7d72

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: n.yam.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://n.yam.com/Article/20210427101792
Connection: keep-alive
Referer: https://n.yam.com/Article/20210427101792
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Jun 2017 03:55:30 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "e5497012be0d21:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1208

GET
H/1.1 200
OK theia-sticky-sidebar.min.js Show response
n.yam.com/Scripts/ 5 KB
2 KB 190ms
190ms Script
application/javascript 13.76.85.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://n.yam.com/Scripts/theia-sticky-sidebar.min.js
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.76.85.56 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: d88b2f05bcd6de59fcdc958ab1c6f63d0225f275d24ce003381c09deb3a4bf1e

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: n.yam.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://n.yam.com/Article/20210427101792
Connection: keep-alive
Referer: https://n.yam.com/Article/20210427101792
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 08 Jun 2017 03:55:30 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "0251812be0d21:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Accept-Ranges: bytes
Content-Length: 1776

GET
H/1.1 200
OK sp-tools.bundle.js Show response
player.ivideosmart.com/ivsplayer/v3/ 5 KB
3 KB 31ms
6ms Script
application/x-javascript 2a02:26f0:10::214:8f06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.ivideosmart.com/ivsplayer/v3/sp-tools.bundle.js
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10::214:8f06 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ba44cdbcfe1363caf6f1ab3bf350e9141ea3f893c6952e0dbb48537141e3bdad

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Apr 2020 14:47:28 GMT
Connection: keep-alive
ETag: "c729bb1e2e66f3af22755e65d3218fcb:1611638384.708987"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Cache-Control: max-age=2678400
Access-Control-Allow-Credentials: true
Akamai-Mon-Iucid-Del: 1125181
Accept-Ranges: bytes
Content-Length: 2186

GET
H/1.1 200
OK yam_AD.min.js Show response
admd.yam.com/JS/ 13 KB
4 KB 828ms
192ms Script
application/javascript 13.76.41.74
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://admd.yam.com/JS/yam_AD.min.js?r=2699294
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.76.41.74 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / CSCWORM
Resource Hash: 6a780c5fa5c99f71f5c5f711477fffc2e6c453995ce779d3f66a8d74c6983141

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:29 GMT
Content-Encoding: gzip
ETag: "805c12effdfbd01:0"
Last-Modified: Thu, 01 Oct 2015 04:02:05 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: CSCWORM
Vary: Accept-Encoding
Content-Type: application/javascript
access-control-allow-origin: *
Cache-Control: max-age=280800
Accept-Ranges: bytes
access-control-allow-headers: content-type
Content-Length: 3861
Expires: 1 days

GET
H2 200 sdk.js Show response
connect.facebook.net/zh_TW/ 3 KB
2 KB 36ms
36ms Script
application/x-javascript 2a03:2880:f042:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js

Requested by

Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f042:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

55a78e38cdd095b28dbeacfa443bfecdb91046511f1cdef4a41c4128a20c0761

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: XCEBYvLMxg2pc8V26/Khdw==
cross-origin-resource-policy: cross-origin
expires: Wed, 28 Apr 2021 02:44:42 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1781
x-fb-rlafr: 0
x-fb-debug: VJwfnajD/K6anLdRfUkxi4vu1hfXnvK7MpnhIKifL/giFTBcmNukeGxpPi3EqDcSuH/uWqbHhpadAZJG1g1TCw==
x-fb-trip-id: 512678718
x-fb-content-md5: c3a45f3895654da43b91dc1a42071d01
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 28 Apr 2021 02:27:28 GMT
x-frame-options: DENY
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "c4996d0153d9304ebdd608c234dec926"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 90 KB
35 KB 48ms
46ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TPVR9P4

Requested by

Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fbc3c76eef40972f6aafba539e386318e6182fab2664f0ed23a60c8725aad6dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 02:27:29 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35486
x-xss-protection: 0
last-modified: Wed, 28 Apr 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 28 Apr 2021 02:27:29 GMT

GET
H/1.1 200
OK menuClose.png
n.yam.com/images/ 19 KB
20 KB 192ms
191ms Image
image/png 13.76.85.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.yam.com/images/menuClose.png
Requested by: Host: n.yam.com
URL: https://n.yam.com/Content/style.css?v0.02
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.76.85.56 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b470a9ccb87f12a1e884dd7b83f52df6cbaabd71f89b9d844e94df1da9f76623

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: n.yam.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://n.yam.com/Content/style.css?v0.02
Cookie: ai_user=4RruC|2021-04-28T02:27:29.332Z; _ga=GA1.2.1252067354.1619576849; _gid=GA1.2.950072933.1619576849; _gat_gtag_UA_16227618_1=1; ai_session=MIhao|1619576849514.485|1619576849514.485; _ss_pp_id=402e5c7ad1fede870901619569649811
Connection: keep-alive
Referer: https://n.yam.com/Content/style.css?v0.02
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:29 GMT
Last-Modified: Thu, 08 Jun 2017 03:55:25 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "bcad72fbe0d21:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 19726

GET
H/1.1 200
OK list.png
n.yam.com/images/ 90 KB
90 KB 199ms
198ms Image
image/png 13.76.85.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.yam.com/images/list.png
Requested by: Host: n.yam.com
URL: https://n.yam.com/Content/style.css?v0.02
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.76.85.56 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 9d5cbcadd2608ad6a3d4736c41b799d5b02635ff9443c32282a901c1efe0e2b5

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: n.yam.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://n.yam.com/Content/style.css?v0.02
Cookie: ai_user=4RruC|2021-04-28T02:27:29.332Z; _ga=GA1.2.1252067354.1619576849; _gid=GA1.2.950072933.1619576849; _gat_gtag_UA_16227618_1=1; ai_session=MIhao|1619576849514.485|1619576849514.485; _ss_pp_id=402e5c7ad1fede870901619569649811
Connection: keep-alive
Referer: https://n.yam.com/Content/style.css?v0.02
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:29 GMT
Last-Modified: Thu, 08 Jun 2017 03:55:25 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "c3963bfbe0d21:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 92135

GET
H/1.1 200
OK topIcon.png
n.yam.com/images/ 23 KB
23 KB 669ms
360ms Image
image/png 13.76.85.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.yam.com/images/topIcon.png
Requested by: Host: n.yam.com
URL: https://n.yam.com/Content/style.css?v0.02
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.76.85.56 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 80b410ec29856b8a73f32c11d586a7fe30fb0398b485d41420144b217ccdf930

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: n.yam.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://n.yam.com/Content/style.css?v0.02
Connection: keep-alive
Referer: https://n.yam.com/Content/style.css?v0.02
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:29 GMT
Last-Modified: Thu, 08 Jun 2017 03:55:26 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "c7c3f5fbe0d21:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 23452

GET
H/1.1 200
OK logo_3.png
n.yam.com/images/ 3 KB
3 KB 512ms
203ms Image
image/png 13.76.85.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.yam.com/images/logo_3.png
Requested by: Host: n.yam.com
URL: https://n.yam.com/Content/style.css?v0.02
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.76.85.56 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 6c6414ec1f58ce4a0475014dd742c1382f163931d7ad64a64386027e1dd53faf

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: n.yam.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://n.yam.com/Content/style.css?v0.02
Connection: keep-alive
Referer: https://n.yam.com/Content/style.css?v0.02
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:29 GMT
Last-Modified: Mon, 17 Dec 2018 03:35:41 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "e26dbe95b995d41:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3155

GET
H/1.1 200
OK logo.png
n.yam.com/images/ 13 KB
13 KB 261ms
193ms Image
image/png 13.76.85.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.yam.com/images/logo.png?0803
Requested by: Host: n.yam.com
URL: https://n.yam.com/Content/style.css?v0.02
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.76.85.56 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: b4515b8f273639bb116e123e614d446918aca49d7216151885da47a90370e837

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: n.yam.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://n.yam.com/Content/style.css?v0.02
Connection: keep-alive
Referer: https://n.yam.com/Content/style.css?v0.02
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:29 GMT
Last-Modified: Mon, 07 Aug 2017 03:35:00 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "14d8e0252efd31:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 13410

GET
H/1.1 200
OK logo_2.png
n.yam.com/images/ 5 KB
5 KB 308ms
213ms Image
image/png 13.76.85.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.yam.com/images/logo_2.png
Requested by: Host: n.yam.com
URL: https://n.yam.com/Content/style.css?v0.02
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.76.85.56 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: ea4d8446159d1f71f8dad379c62fe855418b1a7ea0ecdaa5815fb72a8c8ea08c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: n.yam.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://n.yam.com/Content/style.css?v0.02
Connection: keep-alive
Referer: https://n.yam.com/Content/style.css?v0.02
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:29 GMT
Last-Modified: Mon, 17 Dec 2018 03:35:41 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "e1b2b995b995d41:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 5327

GET
H/1.1 200
OK searchBtn.png
n.yam.com/images/ 90 KB
91 KB 679ms
370ms Image
image/png 13.76.85.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.yam.com/images/searchBtn.png
Requested by: Host: n.yam.com
URL: https://n.yam.com/Content/style.css?v0.02
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.76.85.56 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: c99442f2685ab85f1219dc1da3b9ce48891300e612914f862d85f5ea372e38e6

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: n.yam.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://n.yam.com/Content/style.css?v0.02
Connection: keep-alive
Referer: https://n.yam.com/Content/style.css?v0.02
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:29 GMT
Last-Modified: Thu, 08 Jun 2017 03:55:26 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "1193c1fbe0d21:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 92568

GET
H/1.1 200
OK weatherSelect.png
n.yam.com/images/ 90 KB
90 KB 457ms
194ms Image
image/png 13.76.85.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.yam.com/images/weatherSelect.png
Requested by: Host: n.yam.com
URL: https://n.yam.com/Content/style.css?v0.02
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.76.85.56 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 19e63a64055145811f19b89020689bb5230a3b8d957455044ddcbf4d7308fe63

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: n.yam.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://n.yam.com/Content/style.css?v0.02
Connection: keep-alive
Referer: https://n.yam.com/Content/style.css?v0.02
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:29 GMT
Last-Modified: Thu, 08 Jun 2017 03:55:27 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "c2799d10be0d21:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 92271

GET index.html
vote.yam.com/CF/ Frame 0DB6 0
0

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame D8AA 45 KB
15 KB 196ms
117ms Document
text/html 2a03:2880:f142:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https://n.yam.com/Article/20210427101792/&width=90px&layout=button_count&action=like&show_faces=false&share=false&height=21&appId

Requested by

Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7496729d9b749dea92c7f4d87278bb04cee9b2ac60c5591b68aef05dd861e08c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?href=https://n.yam.com/Article/20210427101792/&width=90px&layout=button_count&action=like&show_faces=false&share=false&height=21&appId
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://n.yam.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://n.yam.com/

Response headers

vary: Accept-Encoding
x-fb-rlafr: 0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-encoding: br
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
x-fb-debug: 2R6iXTkocy0+8TIZH4HOHW21ngJxYit9tuIpAkqJObxNjBMgSMyowpIXJp+gtIjWaroMCLZdEGhC/3o8IreGuQ==
date: Wed, 28 Apr 2021 02:27:29 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H/1.1 200
OK textBtn.png
n.yam.com/images/ 90 KB
90 KB 600ms
358ms Image
image/png 13.76.85.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.yam.com/images/textBtn.png
Requested by: Host: n.yam.com
URL: https://n.yam.com/Content/style.css?v0.02
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.76.85.56 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: dce196c44d8bd79fea22e1c0419f9f56da0c70d65de227c00043ae1834282dcb

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: n.yam.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://n.yam.com/Content/style.css?v0.02
Connection: keep-alive
Referer: https://n.yam.com/Content/style.css?v0.02
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:29 GMT
Last-Modified: Thu, 08 Jun 2017 03:55:26 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "48f1dffbe0d21:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 91837

GET
H/1.1 200
OK articleLink.png
n.yam.com/images/ 21 KB
21 KB 189ms
189ms Image
image/png 13.76.85.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://n.yam.com/images/articleLink.png
Requested by: Host: n.yam.com
URL: https://n.yam.com/Content/style.css?v0.02
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.76.85.56 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 536429eab51aaed2d0386c52000bbe9877a97bb7c825381fefbbdf2ae0c22007

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: n.yam.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://n.yam.com/Content/style.css?v0.02
Cookie: ai_user=4RruC|2021-04-28T02:27:29.332Z; _ga=GA1.2.1252067354.1619576849; _gid=GA1.2.950072933.1619576849; _gat_gtag_UA_16227618_1=1; ai_session=MIhao|1619576849514.485|1619576849514.485; _ss_pp_id=402e5c7ad1fede870901619569649811; _td=f8ba1f31-1c2a-4225-a783-82cafbee8d3b; __gads=ID=f450acfb2eaa15d8-22d0781af6c70008:T=1619576849:S=ALNI_Maz-FbvuX8VcnEDxRvCxRFyx4TrWA
Connection: keep-alive
Referer: https://n.yam.com/Content/style.css?v0.02
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:29 GMT
Last-Modified: Thu, 08 Jun 2017 03:55:23 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
ETag: "e26d7febe0d21:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 20997

GET
H3-29 200 sdk.js Show response
connect.facebook.net/zh_TW/ 212 KB
62 KB 37ms
37ms Script
application/x-javascript 2a03:2880:f042:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js?hash=a81a2007cc9d31e1905f070da6243dd6&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f042:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a210e1ad2e4ae8010dbe5f9ac8b5291a26cd6ebb7a4851cb0b977092289c0413

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://n.yam.com
Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: I6H5kMoYlY1yHpE11cM+5w==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 63960
x-fb-rlafr: 0
x-fb-debug: d4207C4U+q1EnVqSrDI74GtM8gM+YlE1AUCI0KkuErrhQ0Ap3xpoF/cnhOTXw3ZgThWJsBXgM5UBx1G5IEAPdA==
x-fb-content-md5: b50dc5b3a98706118edcfd94cea735e3
x-frame-options: DENY
date: Wed, 28 Apr 2021 02:27:29 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "57a4bff4b3f60c4581c885ef5b85b1d0"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 28 Apr 2022 01:24:13 GMT

GET
H3-29 200 pubads_impl_2021042201.js Show response
securepubads.g.doubleclick.net/gpt/ 301 KB
106 KB 92ms
46ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

sffe /

Resource Hash

f9f40e5aa6d80e385e5c15593748db7bfb50fd07cc45c8239a6fad053f63affe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 02:27:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 08:39:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108299
x-xss-protection: 0
expires: Wed, 28 Apr 2021 02:27:29 GMT

GET
H/1.1 200
OK 17.bundle.chunk.js Show response
player.ivideosmart.com/ivsplayer/v3/ 8 KB
3 KB 7ms
6ms Script
application/x-javascript 2a02:26f0:10::214:8f06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.ivideosmart.com/ivsplayer/v3/17.bundle.chunk.js
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v3/sp-tools.bundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10::214:8f06 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 63649b0266963dc62ef62f4f019da966ae28076f19d7d6b97244a9400cbed560

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:29 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Apr 2020 14:47:27 GMT
Connection: keep-alive
ETag: "96ec5f5fa0d1d772c995175b6b1b3b58:1611638368.698373"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Cache-Control: max-age=2678400
Access-Control-Allow-Credentials: true
Akamai-Mon-Iucid-Del: 1125181
Accept-Ranges: bytes
Content-Length: 2756

GET
H2 200 yam_tw.js Show response
api.popin.cc/searchbox/ 196 KB
43 KB 546ms
413ms Script
text/javascript 192.229.233.139
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/searchbox/yam_tw.js
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.139 Torrance, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fa08075c279cbeb20720e6e5347169bca61f0bef32cdbdfc7c1240cee65dbf6e

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 02:27:30 GMT
content-encoding: gzip
last-modified: Thu, 01 Apr 2021 03:43:40 GMT
server: AmazonS3
x-amz-request-id: 78537S500NWFBJJX
etag: "e6b7af0ccd8281fedeb5d4dd0e675545+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
cache-control: max-age=3600
x-amz-version-id: 0LeQ7o0000.I6RhXEtrdBFKVC6BmQf3s
content-length: 43900
x-amz-id-2: nEaBSE9w85HRrYWvNqpMZaDJkZ+Ezk/BaCYV2T6H+ic3vTmLu6nnJImsWVBjZuDoL7M0jCvZi/4=

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 29ms
8ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FA5) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Wed, 28 Apr 2021 02:27:29 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 1774
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
server: ECAcc (frc/8FA5)
etag: 0x8D8E461DA1A5889
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 497d0847-b01e-0022-03d1-3b2d6a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Wed, 28 Apr 2021 02:57:29 GMT

GET
H/1.1 200
OK / Show response
weather.yam.com/API/GetNowWeather/ 161 B
567 B 779ms
192ms Script
text/html 13.76.85.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://weather.yam.com/API/GetNowWeather/?callback=jQuery111305515108351796754_1619576848883&Country=%E5%9F%BA%E9%9A%86%E5%B8%82&_=1619576848884
Requested by: Host: n.yam.com
URL: https://n.yam.com/scripts/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.76.85.56 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / IMKEVIN
Resource Hash: 12b4a9ffacb8d63ac697265521f24ec0449d247db36829db247d4772bfae12ec

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:29 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: IMKEVIN
Vary: Accept-Encoding
Content-Type: text/html; charset=utf-8
Cache-Control: private
Content-Length: 274

GET
H/1.1 200
OK Cookie set index.html Show response
vote.yam.com/CF/ Frame 78C5 3 KB
2 KB 590ms
204ms Document
text/html 52.230.1.186
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://vote.yam.com/CF/index.html

Requested by

Host: n.yam.com
URL: https://n.yam.com/scripts/jquery.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

54c6c3362bab491f24ca51c82494dbda9cbeb9e11be129697c65b3f8fc854ff7

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Host: vote.yam.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://n.yam.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://n.yam.com/

Response headers

Cache-Control: private
Content-Length: 1381
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: ASP.NET_SessionId=k14haqhdmi3isucide341hy1; path=/; HttpOnly; SameSite=Lax ARRAffinity=fe0131188d0d8f5d73dcfe80d52622f03cc3e387d146b0ac5101928f37ee6535;Path=/;HttpOnly;Secure;Domain=vote.yam.com ARRAffinitySameSite=fe0131188d0d8f5d73dcfe80d52622f03cc3e387d146b0ac5101928f37ee6535;Path=/;HttpOnly;SameSite=None;Secure;Domain=vote.yam.com
X-Xss-Protection: 1; mode=block
Date: Wed, 28 Apr 2021 02:27:28 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 62 KB
21 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TPVR9P4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b586b6299996b546ef44061c1c8d4d0c180b68454d475936079695bf90e8c8a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 02:27:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "855 / 72 of 1000 / last-modified: 1619561335"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21061
x-xss-protection: 0
expires: Wed, 28 Apr 2021 02:27:29 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-16227618-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3661
date: Wed, 28 Apr 2021 01:26:28 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Wed, 28 Apr 2021 03:26:28 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 38ms
37ms Image
image/gif 2a03:2880:f142:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=241039752194&ev=fb_page_view&dl=https%3A%2F%2Fn.yam.com%2FArticle%2F20210427101792&rl=&if=false&ts=1619576849315&sw=1600&sh=1200&at=

Requested by

Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 02:27:29 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Wed, 28 Apr 2021 02:27:29 GMT

GET
H/1.1 200
OK 20.bundle.chunk.js Show response
player.ivideosmart.com/ivsplayer/v3/ 313 B
796 B 10ms
9ms Script
application/x-javascript 2a02:26f0:10::214:8f06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.ivideosmart.com/ivsplayer/v3/20.bundle.chunk.js
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v3/sp-tools.bundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10::214:8f06 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 088918082f62717d37a1d62e8a251e9a4e10d036090fddbbba37ca7bc03335fd

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:29 GMT
Akamai-Mon-Iucid-Del: 1125181
Last-Modified: Thu, 09 Apr 2020 14:47:27 GMT
ETag: "6119b2ac9d0a088fcb9b2aef09798137:1611638381.741828"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2678400
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 313

GET
H3-29 200 OqOE21UvWe3.png
www.facebook.com/rsrc.php/v3/y5/r/ Frame D8AA 400 B
449 B 36ms
36ms Image
image/png 2a03:2880:f142:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=https://n.yam.com/Article/20210427101792/&width=90px&layout=button_count&action=like&show_faces=false&share=false&height=21&appId

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=https://n.yam.com/Article/20210427101792/&width=90px&layout=button_count&action=like&show_faces=false&share=false&height=21&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: MNNOaYJZSLPjY2kHjqhk5UAwMuquxlkQI94z7SsvsV2udKsSmjm69owjpy1qwtiRcyKFKFpr19PtmreXrvLAZQ==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: uF0RL4E+h23ClLQmPOTTMw==
date: Tue, 20 Apr 2021 21:39:51 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
content-length: 400
timing-allow-origin: *
priority: u=3,i
x-fb-rlafr: 0
expires: Wed, 20 Apr 2022 21:39:51 GMT

GET
H3-29 200 eqb-ZNc2NGv.js Show response
www.facebook.com/rsrc.php/v3iEpO4/yA/l/en_US/ Frame D8AA 483 KB
125 KB 37ms
37ms XHR
application/x-javascript 2a03:2880:f142:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iEpO4/yA/l/en_US/eqb-ZNc2NGv.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9640c812cd205b51cb3157c1afd6bd9ca61456b6b7e950b638b10a3ad1374ad1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=https://n.yam.com/Article/20210427101792/&width=90px&layout=button_count&action=like&show_faces=false&share=false&height=21&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 17:29:32 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 6OicTu5VbQKIZ+UXmGRz7Q==
cross-origin-resource-policy: cross-origin
content-length: 127741
x-fb-rlafr: 0
x-fb-debug: zNruBfk6N8ljU2jRE41sofRrj2cPTcQwrIarrzrB2tjfmDZ3Qhe3EhbUUGddtD4qbBovJ0U3R8sdgYBmiRGQMg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 27 Apr 2022 17:29:32 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 14ms
13ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1113342304&t=pageview&_s=1&dl=https%3A%2F%2Fn.yam.com%2FArticle%2F20210427101792&ul=en-us&de=UTF-8&dt=%E4%BF%A1%E7%94%A8%E5%8D%A1%E7%B9%B3%E7%A8%85%E5%84%AA%E6%83%A0%E6%90%B6%E5%85%88%E7%9C%8B%E3%80%80%E8%8A%B1%E6%97%97%E6%96%B0%E6%88%B62%25%E7%8F%BE%E9%87%91%E5%9B%9E%E9%A5%8B%20%7C%20%E8%95%83%E6%96%B0%E8%81%9E&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=1966016282&gjid=697610813&cid=1252067354.1619576849&tid=UA-16227618-1&_gid=950072933.1619576849&_r=1&gtm=2ou4e1&z=1912677865

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 28 Apr 2021 02:27:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://n.yam.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 1.bundle.chunk.js Show response
player.ivideosmart.com/ivsplayer/v3/ 15 KB
6 KB 8ms
8ms Script
application/javascript 2a02:26f0:10::214:8f06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.ivideosmart.com/ivsplayer/v3/1.bundle.chunk.js
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v3/sp-tools.bundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10::214:8f06 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a4ac0fd75bb413471276f5f9b2a919915a2eff38553fb71b72222cf562831488

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:29 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Amz-Cf-Pop: FRA56-C1
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1125181
Content-Length: 5376
Last-Modified: Thu, 09 Apr 2020 14:47:28 GMT
Server: AmazonS3
ETag: W/"221846096397a0c6f61270d77debdb3d"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2678400
Access-Control-Allow-Credentials: true
X-Amz-Cf-Id: w58_VFv495ks98lbw8DfdatUjkRnf9MJNbjGR2BzO8ZIkt4dvq27vw==

GET
H2 200 integrator.js Show response
adservice.google.pl/adsid/ 107 B
799 B 97ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=n.yam.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Apr 2021 02:27:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=n.yam.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Apr 2021 02:27:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 237 KB
63 KB 507ms
501ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1606888329408971&correlator=3734467647422125&output=ldjh&impl=fifs&eid=31060783%2C31060901&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=22074138688%2CCF_300x600_rightcolumn%2CCF_300x250_Belowthetext%2CCF_300x250_Lowerrightsideofthetext%2CCF_728x90_Belowthetext%2CCF_728x90_Mastheadabove&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5&prev_iu_szs=300x600%2C300x250%2C300x250%2C728x90%2C728x90&cookie_enabled=1&bc=31&abxe=1&lmt=1619576849&dt=1619576849457&dlt=1619576848317&idt=1110&frm=20&biw=1600&bih=1200&oid=3&adxs=1050%2C1050%2C710%2C250%2C436&adys=677%2C1277%2C1442%2C2313%2C215&adks=610970660%2C595201096%2C3154461170%2C1153769806%2C1120119845&ucis=1%7C2%7C3%7C4%7C5&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fn.yam.com%2FArticle%2F20210427101792&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x1160%7C300x1160%7C760x0%7C760x2642%7C1600x3351&msz=300x-1%7C300x-1%7C300x-1%7C728x-1%7C728x-1&ga_vid=1252067354.1619576849&ga_sid=1619576849&ga_hid=1113342304&ga_fc=false&fws=0%2C0%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

c2ebf96506711c4b9b24086ae8d973caff7802f7322f52cea2c5c57c66601fbf

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7371504096226307675/nt_s21-PL_728x90_find-the-tyres-that-suit-you/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7371504096226307675/nt_s21-PL_728x90_find-the-tyres-that-suit-you/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CI_TuPbxn_ACFVXAEQgdadYMzA&gqi=&layout=/sadbundle/%24csp%253Der3%24/7371504096226307675/nt_s21-PL_728x90_find-the-tyres-that-suit-you/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7371504096226307675/nt_s21-PL_728x90_find-the-tyres-that-suit-you/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7371504096226307675/nt_s21-PL_728x90_find-the-tyres-that-suit-you/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CI_TuPbxn_ACFVXAEQgdadYMzA&gqi=&layout=/sadbundle/%24csp%253Der3%24/7371504096226307675/nt_s21-PL_728x90_find-the-tyres-that-suit-you/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1,-1,-1,-1,-1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64552
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1
pragma: no-cache
server: cafe
date: Wed, 28 Apr 2021 02:27:29 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://n.yam.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 49ms
14ms Other
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 8ms
6ms Other
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK 12.bundle.chunk.js Show response
player.ivideosmart.com/ivsplayer/v3/ 39 KB
12 KB 7ms
7ms Script
application/javascript 2a02:26f0:10::214:8f06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.ivideosmart.com/ivsplayer/v3/12.bundle.chunk.js
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v3/sp-tools.bundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10::214:8f06 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e70d938561bf4d2cc26cb6f7db5634c5c1cc7c5f2c21fa330185739cf07e126d

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:29 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Amz-Cf-Pop: FRA56-C1
Connection: keep-alive
Akamai-Mon-Iucid-Del: 1125181
Content-Length: 12043
Last-Modified: Thu, 09 Apr 2020 14:47:28 GMT
Server: AmazonS3
ETag: W/"cdc38c354b8c2f290e9f37de6f266cc4"
Access-Control-Max-Age: 86400
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=2678400
Access-Control-Allow-Credentials: true
X-Amz-Cf-Id: wVHH2AaCJfvX_XJhT26RvjazQQG-h57Ot-Za27jR7HvA4pKcFzesMg==

GET
H/1.1 200
OK 11.bundle.chunk.js Show response
player.ivideosmart.com/ivsplayer/v3/ 19 KB
7 KB 15ms
6ms Script
application/x-javascript 2a02:26f0:10::214:8f06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.ivideosmart.com/ivsplayer/v3/11.bundle.chunk.js
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v3/sp-tools.bundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10::214:8f06 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 20b7efa85f61ef7ed2b2a29f97c40b2d8c698442e6671058ef3af71ed882b104

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:29 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Apr 2020 14:47:28 GMT
Connection: keep-alive
ETag: "71a845966ac857cbd92eb36c3ba42ffa:1611638355.504319"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Cache-Control: max-age=2678400
Access-Control-Allow-Credentials: true
Akamai-Mon-Iucid-Del: 1125181
Accept-Ranges: bytes
Content-Length: 6892

GET
H/1.1 200
OK 4.bundle.chunk.js Show response
player.ivideosmart.com/ivsplayer/v3/ 21 KB
5 KB 20ms
7ms Script
application/x-javascript 2a02:26f0:10::214:8f06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.ivideosmart.com/ivsplayer/v3/4.bundle.chunk.js
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v3/sp-tools.bundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10::214:8f06 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e39f4d0766632aea74b7e75ca572ac66208ffbce5582069a9c1ef9ebbe69d0b0

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:29 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Apr 2020 14:47:27 GMT
Connection: keep-alive
ETag: "06218dda9acb30194dda4bf39e9562a2:1611638349.831233"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Cache-Control: max-age=2678400
Access-Control-Allow-Credentials: true
Akamai-Mon-Iucid-Del: 1125181
Accept-Ranges: bytes
Content-Length: 4669

GET
H3-29 200 cavalry_endpoint.php
www.facebook.com/common/ Frame D8AA 67 B
97 B 91ms
91ms Image
image/png 2a03:2880:f142:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1619576849321&t_start=1619576849321&t_domcontent=1619576849410&t_layout=1619576849534&t_onload=1619576849534&t_paint=1619576849534&t_creport=1619576849534&t_tti=1619576849410&lid=6956029601488251971-0

Requested by

Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=https://n.yam.com/Article/20210427101792/&width=90px&layout=button_count&action=like&show_faces=false&share=false&height=21&appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: br
x-content-type-options: nosniff
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: FCKCpwazITfiLQFKveoHvG4qhD86h/QAL/P9shf9CFXSsulS4RnUtf5WkksGuuuIT5Ky3IThAQIMYYF9te7sVw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Wed, 28 Apr 2021 02:27:29 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 202 / Show response
sessions.bugsnag.com/ 21 B
97 B 146ms
146ms XHR
application/json 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version: 1
Referer: https://n.yam.com/
Bugsnag-Sent-At: 2021-04-28T02:27:29.551Z
Bugsnag-Api-Key: 5a1b4843624276a4f4c992765be3024f
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Wed, 28 Apr 2021 02:27:29 GMT
via: 1.1 google
alt-svc: clear
content-length: 21
content-type: application/json

OPTIONS
H2 200 /
sessions.bugsnag.com/ Frame 0
0 167ms
151ms Preflight 2600:1901:0:7a0b::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sessions.bugsnag.com/
Protocol: H2
Server: 2600:1901:0:7a0b:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Origin: https://n.yam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-headers: Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods: POST
access-control-allow-origin: *
date: Wed, 28 Apr 2021 02:27:29 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK 9.bundle.chunk.js Show response
player.ivideosmart.com/ivsplayer/v3/ 17 KB
5 KB 7ms
6ms Script
application/x-javascript 2a02:26f0:10::214:8f06
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://player.ivideosmart.com/ivsplayer/v3/9.bundle.chunk.js
Requested by: Host: player.ivideosmart.com
URL: https://player.ivideosmart.com/ivsplayer/v3/sp-tools.bundle.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10::214:8f06 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: a0682a63b832d3473c0eca3dce6a3b09909c0deb86eb24df79d766221e37b5bd

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:29 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Apr 2020 14:47:27 GMT
Connection: keep-alive
ETag: "68fe73af4e8d07add176403af71b4107:1611638356.930142"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Cache-Control: max-age=2678400
Access-Control-Allow-Credentials: true
Akamai-Mon-Iucid-Del: 1125181
Accept-Ranges: bytes
Content-Length: 5083

GET
H2 200 td_js_sdk_171.js Show response
api.popin.cc/ 34 KB
13 KB 43ms
43ms Script
text/javascript 192.229.233.139
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/td_js_sdk_171.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/yam_tw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.139 Torrance, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BAD) /
Resource Hash: 19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 02:27:29 GMT
content-encoding: gzip
last-modified: Thu, 11 Jan 2018 09:42:51 GMT
server: ECS (amb/6BAD)
age: 2446
etag: "17b2e8b253e693d224f7d8407e28e1ea+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
cache-control: max-age=3600
x-amz-request-id: 97FVZDTFZBQ7KA2V
content-length: 12707
x-amz-version-id: null
x-amz-id-2: wspu1mXypEYAXigPvf68/mLAHqifhDm22/hptbwJRQTdt7ZGpqMwgYPailGnZXCgHSQm+6tVaao=

GET
H/1.1 200 recommend Show response
tw.popin.cc/popin_discovery/ 73 KB
20 KB 1476ms
592ms Script
application/javascript 119.63.198.189
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to

Full URL: https://tw.popin.cc/popin_discovery/recommend?mode=new&url=https%3A%2F%2Fn.yam.com%2FArticle%2F20210427101792&&rid=000000&device=pc&media=n.yam.com&extra=windows&agency=cnplus&topn=50&ad=15&r_category=all&country=tw&redirect=true&uid=402e5c7ad1fede870901619569649811&info=eyJ1c2VyX3RkX29zIjoiV2luZG93cyIsInVzZXJfdGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsInVzZXJfdGRfYnJvd3NlciI6IkNocm9tZSIsInVzZXJfdGRfYnJvd3Nlcl92ZXJzaW9uIjoiODkuMC40Mzg5IiwidXNlcl90ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ1c2VyX3RkX3ZpZXdwb3J0IjoiMTYwMHgxMjAwIiwidXNlcl90ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2IiwidXNlcl90ZF9yZWZlcnJlciI6IiIsInVzZXJfdGRfcGF0aCI6Ii9BcnRpY2xlLzIwMjEwNDI3MTAxNzkyIiwidXNlcl90ZF9jaGFyc2V0IjoidXRmLTgiLCJ1c2VyX3RkX2xhbmd1YWdlIjoiZW4tdXMiLCJ1c2VyX3RkX2NvbG9yIjoiMjQtYml0IiwidXNlcl90ZF90aXRsZSI6IiVFNCVCRiVBMSVFNyU5NCVBOCVFNSU4RCVBMSVFNyVCOSVCMyVFNyVBOCU4NSVFNSU4NCVBQSVFNiU4MyVBMCVFNiU5MCVCNiVFNSU4NSU4OCVFNyU5QyU4QiVFMyU4MCU4MCVFOCU4QSVCMSVFNiU5NyU5NyVFNiU5NiVCMCVFNiU4OCVCNjIlMjUlRTclOEYlQkUlRTklODclOTElRTUlOUIlOUUlRTklQTUlOEIlMjAlN0MlMjAlRTglOTUlODMlRTYlOTYlQjAlRTglODElOUUiLCJ1c2VyX3RkX3VybCI6Imh0dHBzOi8vbi55YW0uY29tL0FydGljbGUvMjAyMTA0MjcxMDE3OTIiLCJ1c2VyX3RkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidXNlcl90ZF9ob3N0Ijoibi55YW0uY29tIiwidXNlcl9kZXZpY2UiOiJwYyIsInVzZXJfdGltZSI6MTYxOTU3Njg0OTgxMiwiZnJ1aXRfYm94X3Bvc2l0aW9uIjoiIiwiZnJ1aXRfc3R5bGUiOiIifQ==&alg=ltr&callback=_p6_934cb6482f37
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/yam_tw.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.189 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 3ab46f0ba626e531d6055df47d8aad50a1744cf637fca3c68e8c59f812578fd9

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:30 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx/1.13.5
Connection: keep-alive
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8

GET
H2 200 popin_discovery5-min.js Show response
api.popin.cc/ 160 KB
44 KB 44ms
43ms Script
text/javascript 192.229.233.139
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/popin_discovery5-min.js
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/searchbox/yam_tw.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.139 Torrance, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B90) /
Resource Hash: 149ffde0cc4b2f720a361d1198d61319766bc657e7a6ee9dbc36bce8d131a6f4

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 02:27:29 GMT
content-encoding: gzip
last-modified: Mon, 19 Apr 2021 05:29:34 GMT
server: ECS (amb/6B90)
age: 2992
etag: "f79eec0db79e4ee72508fa8efd009240+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: text/javascript
cache-control: max-age=3600
x-amz-request-id: YDP609T604TWSCCT
content-length: 44641
x-amz-version-id: jEbzWfZyhCQGPbOuuiAnvhe2d7E0IQE3
x-amz-id-2: J+cwyKgbSvmY0VYKLFShzmP6dK/zr1aeObR3wru30djc+NU4LpZZstnneEMt/FmofBylg8zbhMc=

GET
H/1.1 200
OK style.css
vote.yam.com/CF/css/ Frame 78C5 2 KB
1 KB 190ms
189ms Stylesheet
text/css 52.230.1.186
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://vote.yam.com/CF/css/style.css

Requested by

Host: vote.yam.com
URL: https://vote.yam.com/CF/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c45efbafbdd63225cd5d53367a7764a9b1c495e496ad5628bdb1d0b9a585d830

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vote.yam.com/CF/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Nov 2018 06:15:26 GMT
ETag: "0d310466176d41:0"
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 867
X-Xss-Protection: 1; mode=block

GET
H2 200 jquery-3.2.1.min.js Show response
code.jquery.com/ Frame 78C5 85 KB
30 KB 23ms
8ms Script
application/javascript 2001:4de0:ac18::1:a:2a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: vote.yam.com
URL: https://vote.yam.com/CF/index.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer: https://vote.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 02:27:29 GMT
content-encoding: gzip
last-modified: Mon, 20 Mar 2017 19:01:15 GMT
server: nginx
etag: W/"58d026fb-15283"
vary: Accept-Encoding
x-hw: 1619576849.dop225.fr8.t,1619576849.cds233.fr8.hn,1619576849.cds133.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30125

GET
H/1.1 200
OK jquery.devrama.slider.js Show response
vote.yam.com/CF/js/ Frame 78C5 51 KB
10 KB 195ms
195ms Script
application/x-javascript 52.230.1.186
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://vote.yam.com/CF/js/jquery.devrama.slider.js

Requested by

Host: vote.yam.com
URL: https://vote.yam.com/CF/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ffd2a11d59a7fbb41a2008eb97336977f9f37ebe8156cd8adc4a9ac24b96dc78

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vote.yam.com/CF/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Nov 2018 06:15:28 GMT
ETag: "0042476176d41:0"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 9412
X-Xss-Protection: 1; mode=block

GET
H2 200 popin_send_cookie_set_fail.js Show response
api.popin.cc/test/ 13 KB
4 KB 45ms
45ms Script
application/javascript 192.229.233.139
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://api.popin.cc/test/popin_send_cookie_set_fail.js?20201223
Requested by: Host: api.popin.cc
URL: https://api.popin.cc/popin_discovery5-min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.139 Torrance, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B77) /
Resource Hash: 1b1538ae50fd4837b2d666c53c2001e9d17900be96afe29ad6e0959be25e7406

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 02:27:29 GMT
content-encoding: gzip
last-modified: Tue, 16 Mar 2021 07:00:22 GMT
server: ECS (amb/6B77)
age: 69910
etag: "40ef446de8bc060bf7029f02f429d95c+gzip"
vary: Accept-Encoding
x-cache: HIT
content-type: application/javascript
x-amz-request-id: X3SK96BNW41M12ZR
content-length: 3896
x-amz-version-id: UFXK_rPkO_LVDe1kZmkgodLc5zcbKvY0
x-amz-id-2: gk17FH7czRKXJsg2tZo3WYgv3DJpVBr+AXrkBeLi/yUPz25IR8Rspme8PPYIi8AL8/hglzb6TqA=

GET
H/1.1 200
OK f.png
weather.yam.com/Images/status/news/ 2 KB
2 KB 197ms
196ms Image
image/png 13.76.85.56
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://weather.yam.com/Images/status/news/f.png
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.76.85.56 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / IMKEVIN
Resource Hash: 24a0efd193f41e0a7ced33123901e02bf5fb80488ee228d67f8975701c0a6f78

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:29 GMT
Last-Modified: Thu, 18 May 2017 09:27:41 GMT
Server: Microsoft-IIS/8.5
X-Powered-By: IMKEVIN
ETag: "4a8cbcffb8cfd21:0"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 1981

GET
H3-29 200 container.html Show response
0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C728 6 KB
3 KB 21ms
7ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://n.yam.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://n.yam.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 28 Apr 2021 02:27:29 GMT
expires: Thu, 28 Apr 2022 02:27:29 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5c96c91c4ab2c0572ec8371c0f49d9f722eb71ae47224f29eabadf59f5fabe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 02:27:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619188783439141"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28201
x-xss-protection: 0
expires: Wed, 28 Apr 2021 02:27:30 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012103020108001/ Frame A396 190 KB
55 KB 40ms
17ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 43021
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55046
x-xss-protection: 0
server: sffe
date: Tue, 27 Apr 2021 14:30:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aeaf363b1ad89b36"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 14:30:29 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame A396 12 KB
5 KB 57ms
34ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 43021
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4548
x-xss-protection: 0
server: sffe
date: Tue, 27 Apr 2021 14:30:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4eb73d471ab4cb2c"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 14:30:29 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame A396 87 KB
27 KB 60ms
37ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 43021
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27208
x-xss-protection: 0
server: sffe
date: Tue, 27 Apr 2021 14:30:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "22950e05e749846e"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 14:30:29 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame A396 27 KB
9 KB 57ms
35ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 43021
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9587
x-xss-protection: 0
server: sffe
date: Tue, 27 Apr 2021 14:30:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "739644f32ad1483f"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 14:30:29 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame A396 40 KB
13 KB 58ms
36ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 43021
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12827
x-xss-protection: 0
server: sffe
date: Tue, 27 Apr 2021 14:30:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5cc8dcc2368726c7"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 14:30:29 GMT

GET
DATA 200
OK truncated
/ Frame A396 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e6a175f8274c88f6f679e2e99e6150a94cb4a7ce7995aa529bc92da7fec4c742

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012103020108001/ Frame DB6A 190 KB
54 KB 38ms
23ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 43021
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55046
x-xss-protection: 0
server: sffe
date: Tue, 27 Apr 2021 14:30:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aeaf363b1ad89b36"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 14:30:29 GMT

GET
H3-29 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame DB6A 12 KB
4 KB 26ms
9ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 43021
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4548
x-xss-protection: 0
server: sffe
date: Tue, 27 Apr 2021 14:30:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4eb73d471ab4cb2c"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 14:30:29 GMT

GET
H3-29 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame DB6A 87 KB
27 KB 29ms
11ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 43021
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27208
x-xss-protection: 0
server: sffe
date: Tue, 27 Apr 2021 14:30:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "22950e05e749846e"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 14:30:29 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame DB6A 27 KB
9 KB 23ms
6ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 43021
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9587
x-xss-protection: 0
server: sffe
date: Tue, 27 Apr 2021 14:30:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "739644f32ad1483f"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 14:30:29 GMT

GET
H3-29 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame DB6A 40 KB
13 KB 25ms
8ms Script
text/javascript 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 43021
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12827
x-xss-protection: 0
server: sffe
date: Tue, 27 Apr 2021 14:30:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5cc8dcc2368726c7"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 14:30:29 GMT

GET
DATA 200
OK truncated
/ Frame DB6A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a7e018ff44a710b6aaa28b71ec8849258d3608c0fa9b6cb0894e9c4cea0e150

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 container.html Show response
0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7A42 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://n.yam.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://n.yam.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 28 Apr 2021 02:27:29 GMT
expires: Thu, 28 Apr 2022 02:27:29 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 container.html Show response
0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3495 6 KB
3 KB 15ms
15ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://n.yam.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://n.yam.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 28 Apr 2021 02:27:29 GMT
expires: Thu, 28 Apr 2022 02:27:29 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 6276185868358982483
tpc.googlesyndication.com/simgad/ Frame A396 32 KB
32 KB 24ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6276185868358982483?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4ql26fmggnwo67o3QylJH4j7zLberw

Requested by

Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afa7b77bbc0a91fcc3a2a03bd4fa2dbab341ed7c8918a76162c43ef124e63a02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 09:56:12 GMT
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 14:14:25 GMT
server: sffe
age: 405078
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32896
x-xss-protection: 0
expires: Sat, 23 Apr 2022 09:56:12 GMT

GET
H3-29 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A396 3 KB
3 KB 24ms
9ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Apr 2021 15:35:44 GMT
x-content-type-options: nosniff
server: cafe
age: 39106
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3430
x-xss-protection: 0
expires: Wed, 28 Apr 2021 15:35:44 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A396 344 B
374 B 23ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Apr 2021 21:00:17 GMT
x-content-type-options: nosniff
server: cafe
age: 19633
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Wed, 28 Apr 2021 21:00:17 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A396 0
0 17ms
13ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTOkHDdC0ZYjNDdJ8gmVnFLFbSLok2Fxe2ZGv00bsXiiX0u07IgmXYFdiYST7tNidFV9LAI
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A396 0
0 64ms
49ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C7xvgEciIYM2GI9WAx_AP6ayz4Aywjty2YvrH2835DeiM8vCjExABINLMgRpg6eTJhdgaoAHB7pP1A8gBAqkCfr019dW-kT7gAgCoAwHIAwiqBO4BT9C4VpLwim_amfXy4LK3vCGvX0qGImc8lBpyjIiCi9gRjDwIrqeQY9Q_VRRgbrJCT9qy_38L13PWo--9KYqeSuv-csxiEfTCbhbQ47RKGKCns2jgWaqQEIwuI55SI69hNr3ygUfBiajHCoVpQX5X5kCjcwR5qIL-sIytHVFEgi3rxu9LbeK3Hj_9rBQALzMJvaLll-_FjJCGvDtHCIEOh6Z0z_tP6RS0CWodlWgtqkvwitkxjcXg8JdXTVWmkhjP8FpYPj-h77j_PfcZoC6z96Y-Sgw71cDE-X5KtF7eXX5l5pNqsMsqwMk-5BGKS8AEocvowtED4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB7ns0zGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQp-kE0ggJCIDhgFAQARgd8ggbYWR4LXN1YnN5bi0yMjUzNTI2NTg0NTQ3Mzc0gAoDyAsB2BMCshcaChgIABIUcHViLTQ0ODUyMzk0MjU5MjQ3ODc&sigh=rjsI0-xaCck
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 16098792606964419606
tpc.googlesyndication.com/simgad/ Frame DB6A 39 KB
40 KB 16ms
12ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16098792606964419606?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnzQw3xKIFdQa7OL-vNeeZ3lS0ZjA

Requested by

Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3ea0268ca6a1d91fa74667c02046dcf364d64600c483c0ac3ac4a9b7c7a2e190

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 02:04:50 GMT
x-content-type-options: nosniff
last-modified: Tue, 21 Jul 2020 08:07:38 GMT
server: sffe
age: 260560
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40445
x-xss-protection: 0
expires: Mon, 25 Apr 2022 02:04:50 GMT

GET
H3-29 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame DB6A 3 KB
3 KB 12ms
9ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Apr 2021 15:35:44 GMT
x-content-type-options: nosniff
server: cafe
age: 39106
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3430
x-xss-protection: 0
expires: Wed, 28 Apr 2021 15:35:44 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame DB6A 344 B
374 B 12ms
9ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Apr 2021 21:00:17 GMT
x-content-type-options: nosniff
server: cafe
age: 19633
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Wed, 28 Apr 2021 21:00:17 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame DB6A 0
0 17ms
13ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTrf5C20ZfRnVU7FSt1MLRbx-MaIpw9WLZGUPJ_RHXyA-KjFmUY2bdsCpkcgfjAFGGwa6Ht
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame DB6A 0
0 52ms
48ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CAgitEciIYM6GI9WAx_AP6ayz4Az2-9PiXsm1hpehDJbZjKesCRABINLMgRpg6eTJhdgaoAH_sKSjA8gBAqkC-RjLJd5Ttz7gAgCoAwHIAwiqBO8BT9BUvl1GaugMvamMhzFZ1SeM3xKnOkKBZC2YKpeJWFBb9Oe1YtqD8TPj8R_LYyPRS8Rn0OG2pojRtYsVAhHnxdquPo_pRGYmLcRrdVzJSXHftvhSkxG8b8bl7FPaf44zijtvUJ0G_y-YFyu5MDd4ss9h9i1jrFPyKKOPT0RuyD5A2YUm3YIcXIVA2GkW5NXiCn91BduIHNsEfcTiOAZZn4fqGVTuSf39jwCXePaxIOwFG3NTJ25Y0QC7R2MUOE4o7_6fuGsZi0eraq2dNiYmN6DpuSmNJX78I82a6DCgJvzK8CfKGsfNo_uK5E6D7PPABLC66q-IA-AEAZIFBAgEGAGSBQQIBRgEoAYCgAed5J6fAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCLlALSCAkIgOGAUBABGB3yCBthZHgtc3Vic3luLTIyNTM1MjY1ODQ1NDczNzSACgPICwHYEwyyFxoKGAgAEhRwdWItNDQ4NTIzOTQyNTkyNDc4Nw&sigh=57MkV2HysxU
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H/1.1 200
OK CFbg.png
vote.yam.com/CF/images/ Frame 78C5 88 KB
89 KB 194ms
190ms Image
image/png 52.230.1.186
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vote.yam.com/CF/images/CFbg.png

Requested by

Host: vote.yam.com
URL: https://vote.yam.com/CF/css/style.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1655a16462aefd8ddafed3e67e58288cca40bcfecdf58be3bb9f1bf7512b81ec

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vote.yam.com/CF/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:29 GMT
Last-Modified: Wed, 07 Nov 2018 06:15:28 GMT
ETag: "0042476176d41:0"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 90554
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK voteLink.png
vote.yam.com/CF/images/ Frame 78C5 92 KB
93 KB 193ms
190ms Image
image/png 52.230.1.186
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vote.yam.com/CF/images/voteLink.png

Requested by

Host: vote.yam.com
URL: https://vote.yam.com/CF/css/style.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ca71ea48130126151c7bb6ae861a878d386eef42a940fd193e672c304357b063

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vote.yam.com/CF/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:29 GMT
Last-Modified: Wed, 07 Nov 2018 06:15:28 GMT
ETag: "0042476176d41:0"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 94513
X-Xss-Protection: 1; mode=block

GET
H/1.1 200
OK hand.png
vote.yam.com/CF/images/ Frame 78C5 89 KB
90 KB 714ms
190ms Image
image/png 52.230.1.186
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vote.yam.com/CF/images/hand.png

Requested by

Host: vote.yam.com
URL: https://vote.yam.com/CF/css/style.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

849d0cde47450bead63722e7f6b938226b2bbb65e5d9ec606c6ecfe367e922aa

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vote.yam.com/CF/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:29 GMT
Last-Modified: Wed, 07 Nov 2018 06:15:28 GMT
ETag: "0042476176d41:0"
Content-Type: image/png
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Content-Length: 91505
X-Xss-Protection: 1; mode=block

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8B75 624 B
350 B 16ms
16ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJuhcRCvlpsCGNrA26IBMAE&v=APEucNUFwcM3c86CfwMEThgcupFCB_ptd6EWQXZzJeBdJG8ldij0M3625QOQo1Tc7N3ggJxJOTKZulksCP2898zfgRBrKnSHsOBuZ69nHXZkSTq5hNTC2wOshDz5J4ce-TsX6WC0XwEVV6GClVDuSt6OBvtqr_M2qkwz8hzJzXdTv-tr3XWS67GT0-duX-rnV-6snGebPsNUvf8HGCZ9ATeuYDvSR-X02Q

Requested by

Host: 0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com
URL: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CJuhcRCvlpsCGNrA26IBMAE&v=APEucNUFwcM3c86CfwMEThgcupFCB_ptd6EWQXZzJeBdJG8ldij0M3625QOQo1Tc7N3ggJxJOTKZulksCP2898zfgRBrKnSHsOBuZ69nHXZkSTq5hNTC2wOshDz5J4ce-TsX6WC0XwEVV6GClVDuSt6OBvtqr_M2qkwz8hzJzXdTv-tr3XWS67GT0-duX-rnV-6snGebPsNUvf8HGCZ9ATeuYDvSR-X02Q
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnFi-8nSUKUoZ6URjAFUH_sgNjhSgsGFGYfZOj03fTZysGSw5cMzGKb4SAHy10
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 28 Apr 2021 02:27:30 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C728 42 KB
20 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bn5WA1cM4yhFJPD9hjZMQBYt6mfI52_OOrxNuodxrPOD7fPTV-mUNv0Lq8xDf_4fuYIJTZRB2GucsBFHo9kDLHHgtvvF5Nur5vPQwRtdISBxMyV1ZJ5-ibWK-YKPOEZU4Synk0yPoNFc4nco9GoMjExSCTBg&dbm_d=AKAmf-BG7lu696dT8UaLKnIKEU7F7yqAXL1SY7Crlv7nZEnK3eR2_RA5fh83nPbTLeUANIJmtffXRcdbQx1EaDNSSyD1PuYxiI2FcNjxNhK4xaSn1E2jRPbNRvMB1DrJR0OvoZ6WuuwviJaIY9YSxRXhjgD_kkN0wuycT7HKMbCNh70emlA9JL7FtXH-IZdqW5vQNup_dVqE9gCDFGOP8PuwX6jBQnzNKrnrQUms-v-5XW0mzhTEfkM3-VmN1gGom36l8Yjx1K_DRNl9S6dWyCYzqfFpUHG9JQJbwmW2fv4BWUKcFoj-lqPAR7l2qixClla2XVA5lquTs0Jk_aSHMBeO6bEDv9uf_6b3eB-9OS5UKr5fIHa6VAmb4M7Cn2KnojqFZKYlM3Q-Od4cFqY835AdGDGWhffcYjPTFJrnsR9jQHvK79yN9ZrWFD157yle63rpEEi3wogKe55iXjC5UoSDJaKTrSYo7_PyPQQcD5Tn1e8DqjJfj-dPKyGPAGN5zn9J9QpO7EWIqwnpcyYHEryPvG5QXPfuen00a42UqbDxenZBOEeVfjzMDE2Y7QmpXh-sGIjuRU-VxlL96OFd5YlMIb6cntcBQt0sS_1HtywozkiLEvtwtt7135UTXBRFfQQ6eIeQN7UBpW-2Hcp2RVd18oW7agHy8V8vnkjfoUwIYD1U1eeo8R4_H2D_P5jisVtDdW2O-HZMuy6tATl6kq63_1yC5ZS2ailvRPt2qRqIiWewMlErTmH0Kxc2hYS7Zl9DRrS259UKRKVjw6k9CSURwhyJXKthJQJlheayy5W849TkiVbAO3LKoZ9C2i4ccrPT93MYkRgvalvgOZnchxT7ufghWmMK6iQTor20qFYzhxaAafP5JQfgAgUslkL7g6eDwXe_AY1vyXojMyJ8DpyWOLFLZ87a83obw9xwXNKtTpgfnPpQEouAAGat4F6a-rEGRfsOgXKst5Roy-prcApQRbOCMYLpyeToNSNVNEl1oNdKiM8kCCNhWrjnspP5IhK5Qn8pWO3c_Sjfjsx3kf-_QRDJXA8UfmTEUQeYdMBInVTDozOvipretmhF89OmnF6WNoFHSzIMFwQ8zRVYBqw-CA5uAvxVipf0HrL-GIbG-6LYe4aPL3rG5MpajvLKo8XdmnTjSFDBYQpUSbRL2CIiCbIDPfHftK2-KcSRIxc_VSuTF_0wv8CC9LsX-sM1cvl20CXOyxmazkFZ0_gaEK9X_k4VrH0TbfDIoU0yGEG5hXW5VX8UzkmtcBG77tWv8ntwXSc0L7amBwqhXxZIAv27tvAppef6SV-5qEBKGOLBltJ7RR3OE8l5aBS_ZEay1sV8hv62FSBLlFIr7dogOUyyjfyGCUyRFTfWZ6BuWrRhLGlu7RK6dOoxefsagKkLU00N9g8jJT6ELe-xJsH_pTqmpEY4ZoedRSO7Kx7WUOBaqhdnBktUrJLVop4EIU4gE-IXEvXBVU81iwlPlKeE_WxgIGTs9DIrz4gN6nrYmgam878JgMzrGPbEaKUJ9DQ_vGsNS5ZhSjg6qmFzLPNJOFaqTmETwFvwQPbFm-6AEym-MV5q4rFpDqoiUO30MEul8OqkKXEk2ThKFvq3gDM36eoifgi0mY55FgB-TAkynhI0XqKksM6e4R07oNeFxD1-Cn-B5C20j00cNh2zbCsaZnPcqr2_DPv5icvSozpLDLe1S2pYMMpCBI9N2LA4AQ5CAbnm7fzUvdy3SnHhxtBv0B7aMY7vN1YmUl04HuL242cpv4cxM9kRwj1Tpm6tIU6cZxkcoE4vHuxHVGtHJ2ivmhnRoTgRVRi3gANe4Ue9FCEuVXg3GU1HTR4OCog06Td1W3sX4O3Y1048yOfCGJsP274oscF7J7M-KYJ-9fGCbJJmZwaa79qjZiTXhikX-H4pkA4DP1KLnWHOhSf2CUcjwZo6Pr7k4CAdxeyFIzmAw5mnBqPbaQsw4LAAs78BFPDJVO89B_DESPwhzQz0W8TKFIAFKWTKPpIp6uFhrgkJvtkar7EdbYD4jKIE_EtaS_K9xvVNjPYTl9US3zkHnTaOrU4Hw2RymCnC7hSfC3mDSgVNVxEKmUtvsPy8lhjVnRYZtbpilBRLCDSHW2_MpA0oeWJQGBfWWTREFqCc_DgAu3sQhRlWwAftxli7ZOHvap359Tozzup9PrkihBJ9p39eVdmFzY_8FLNczk-h71ecbbJZpoLbGUul2WeH3ilRla1oDwLh-fYGaAo3UUdCOCyY0eLeDqqdwFwOgobqV26_ttlEphFvUH6cj2ubq9dkqscDdcVQfTcGQUG0oJg7w10N-pY886zuWMqK0j3CQTFr5NfTqip4H8yEuGRtIdD3RhDiQTkNpcrppmObuJm8qec3nAyBnEopEX07Uu8sSmI1iAopvlOaUMm9sgjIsZ4c1nXTCX3wfUByu-NI09sTFLk8Tv3B3f8Nv_pTwZcIsEeL4uWWM7Nd3vBwMu3pIIHk6eUAftLQiGS8tV4n7zB59jEWp6e9u43hEtBBUsP8Ui2xQRBTXu2QuivnSPToPs8s2hyd7KfknbuztJnYh4qlwbzgaQXGFgNrNCB013nlMOkwXln67g2TNODnxHVAPhORN4pFm1BvujpMCfbM-BOysqK1FHqfnUPNZEtC7Q761HkBtgCjwagIEvqOupS6JdJhU__LEmW-fVR8g_rPQdHZnJJoR-Ur7smPGdVCyWXofTHfEPyJfHQ3hvrviHY6-ruWzN_RfvoZxFKJRWRRYMg07Naeu92RlarrteHUJDCJIrA_gPH2jW8ZXLQn5C39ll90p08cvMn7FEq632CUBgiuhYGx5pTUnHEvlVaChuIUyZH_G30cfUJ4Nrax8_F6iHRHimb922VZJpdpUcNLXR0qfbH53sbQvYkP2BaZ81v5aExjlHCN_rAZ5jafbgOSW3Hwy31worsejMpaFayW0lHQaKP1GYEE3i_N8nnzGqEIyFUJZmt_soVcHcUx7flOyY1l8UGDmRcTTRQ6lPh3ocFFvrvNmwGY0f3JvpAUkkAPPg7o66u6-Z09_H8CApcpWKAuXGplsEMdP31BexGb9SFbECL_BFgb8bXVEqSyYQ&cid=CAASPeRooTJaPHePGY6O3jo2sJUvJb6a6z1EusLuw9AM0mZV1NBPWQCye_QbXbZ5HFFyLVQYMGztUridFaEkvRY&rfl=1%2Chttps%253A%252F%252Fn.yam.com%252F%240

Requested by

Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d75d3dc9e3da98bf18b49378b9ed3e8d75aad6093e856d318f49c19272e7b9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Apr 2021 02:27:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20563
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C728 42 B
118 B 15ms
14ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DOU8oCR0huO_M9nzjiueprBE8GMhcCD1pYAMpGd998Iu6Y2UlALk4RjElyOvFajMfT4sUhufazlGSWKGEPLMr3T8-RGOX83WhXY2Y34QQtCuzcuHQ

Requested by

Host: 0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com
URL: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Apr 2021 02:27:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame C728 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/window_focus_fy2019.js

Requested by

Host: 0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com
URL: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 01:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2326
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 May 2021 01:48:44 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C728 116 KB
35 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com
URL: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 02:27:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619188777539687"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36031
x-xss-protection: 0
expires: Wed, 28 Apr 2021 02:27:30 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame C728 13 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com
URL: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 01:41:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2752
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 May 2021 01:41:38 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame C728 0
0 16ms
15ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSHQ-mC_lUD6jVVRM61BmP6YCg6qXD7algiEoCNFV4sBwrp8UFn5BXIpqVov5wFFBms6scB
Requested by: Host: 0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com
URL: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7371504096226307675/nt_s21-PL_728x90_find-the-tyres-that-suit-you/ Frame F5D1 66 KB
40 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7371504096226307675/nt_s21-PL_728x90_find-the-tyres-that-suit-you/index.html

Requested by

Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf33a59b2f9d9e186e724280e299907c67da1139abba4f45bb38b4180e6e60cb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/7371504096226307675/nt_s21-PL_728x90_find-the-tyres-that-suit-you/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Wed, 21 Apr 2021 07:57:34 GMT
expires: Thu, 21 Apr 2022 07:57:34 GMT
last-modified: Wed, 21 Apr 2021 00:43:44 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 40814
age: 584996
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 7A42 0
0 48ms
48ms Fetch
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CNlIoEciIYM-GI9WAx_AP6ayz4AyWls-aYre-1cbEDZbZjKesCRABINLMgRpg6eTJhdgaoAGjrMHHA8gBCakCYCCT1yxItD7gAgCoAwHIAwiqBO0BT9Bq0U4dv0918_aK4kzfv1iXzKBwWMQ7_pQ6-tR7CHIOjezGHzl6JYevO3J8F25751M6dcCqzofn2OPA2sm8-bnM6y0V8ilYYzsaSdFqVgtFDuO4frl0fOIsr4ESplARjscrnLc1P544LbDtSsv5-1PZtXm0CZ577PCs6tGDndYUVJhw8NmO0Q2FZrgK0h8w-37LbMmebK16kwS7VAxGrDp0TG7HOKiIxI6PFnOxjFDqQAvmt1eMoCcYESAApl0zv5k6Vk2FMg-vgDCg_qnf13_ZoP5WztxLjCpUbte1Mx9-jIA1iUq6iS0gCrwiwATFo_vnogLgBAGSBQQIBBgBkgUECAUYBKAGLoAHxdO-OKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHAxDeetIICQiA4YBQEAEYHfIIG2FkeC1zdWJzeW4tMjI1MzUyNjU4NDU0NzM3NIAKA8gLAdgTArIXGgoYCAASFHB1Yi00NDg1MjM5NDI1OTI0Nzg3&sigh=GztNYp-zN_Y&template_id=419
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/ Frame 7A42 17 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/abg_lite_fy2019.js

Requested by

Host: 0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com
URL: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0fad38c04932f3e71581d5ca798b326778fc0e54e3823de3b0f9eddbef0892e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 02:15:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 747
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 12352184217982932987
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 May 2021 02:15:03 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame 7A42 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/window_focus_fy2019.js

Requested by

Host: 0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com
URL: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 01:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2326
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 May 2021 01:48:44 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7A42 116 KB
35 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com
URL: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 02:27:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619188777539687"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36031
x-xss-protection: 0
expires: Wed, 28 Apr 2021 02:27:30 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame 7A42 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com
URL: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 01:41:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2752
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 May 2021 01:41:38 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 7A42 0
0 15ms
14ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTFiRX5CDG-1Jx8MlddHU-pVSU6mPsKHX-ysAWfvbflBAi8H3zu6ZcJ7E3fjVbAEXDf6XH_
Requested by: Host: 0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com
URL: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 23E7 640 B
316 B 16ms
16ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnJ3gIQv-TgAhicue6iATAB&v=APEucNVBFNUFmRkXDneZ8uGAi1E0r1EAcz9Gezu4K7QW6BuXf2tSxgvhdkYO2TxeZjtLdlSQ63ApFb9gA2i1x-90BPrI7JsOsriBkcwwKUEAsL25nYXtwgeCccVm5ON46Uq6JQOtCDyzqksB2r5uUwpWFGOHH9L_U49ZwED7ewcUCFdegoZXTQKEYhjJwc0OpkaQGnQ8wlGJK5bCuv7PusBQhMtnyYl_lQ

Requested by

Host: 0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com
URL: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CNnJ3gIQv-TgAhicue6iATAB&v=APEucNVBFNUFmRkXDneZ8uGAi1E0r1EAcz9Gezu4K7QW6BuXf2tSxgvhdkYO2TxeZjtLdlSQ63ApFb9gA2i1x-90BPrI7JsOsriBkcwwKUEAsL25nYXtwgeCccVm5ON46Uq6JQOtCDyzqksB2r5uUwpWFGOHH9L_U49ZwED7ewcUCFdegoZXTQKEYhjJwc0OpkaQGnQ8wlGJK5bCuv7PusBQhMtnyYl_lQ
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnFi-8nSUKUoZ6URjAFUH_sgNjhSgsGFGYfZOj03fTZysGSw5cMzGKb4SAHy10
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 28 Apr 2021 02:27:30 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210426/r20110914/ Frame 3495 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210426/r20110914/abg_lite_fy2019.js

Requested by

Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0fad38c04932f3e71581d5ca798b326778fc0e54e3823de3b0f9eddbef0892e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 22:44:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13368
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7028
x-xss-protection: 0
server: cafe
etag: 12352184217982932987
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 May 2021 22:44:42 GMT

GET
H3-29 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210426/r20110914/elements/html/ Frame 3495 6 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210426/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 23:29:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10678
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2661
x-xss-protection: 0
server: cafe
etag: 7752240862628680351
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 11 May 2021 23:29:32 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3495 0
575 B 135ms
52ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuDB5ihZjUxrbZDr-6amETVAFlRVrgBa1AAKcL2rw-mGpJlL7DIHxdK4ahELK2ytBro9kX8OAdaEYTtCyVSP3Q8OWP5VxHriQbXBIjakNittTcdLMAGekTEqfBVJAqYhDoFBoF37IQ6HutRZBAiUQ0RIRK819ehmj7quA-qnwV8wgqeFaHVRgzmZW747r827nnEIVQIwrJUYn8kjnsvM-FHXWfDyJi0UQCl6eqbdDSOIDivXcorgXxefbJrv8K8JGvzPsfiDq60xakP2kpwXjk0owWg_HRRTyTlOnxnxzZLeQhHgK8UJvvf69vYmINdY4kt59ya7CZdH3h4AtXn9K7Yv3rQuGtH20vnDQFcHOCMgHLle7wxuYHRf0vNQ13N6Zyx0bjr-lfEssa08hFIQ1PhTFqDVhp7xemXDzFyXQxo_q-RGb2-6-UnVIBH1hkXKyuZ5iA6F0UmS4knfHRV6QRyqZQQpY8ZVY3ynGMN1gz80GekV1Aq7q4JIW3AxfuUCqoCE6iRnfELHX8eun2K7z73uYcMDThR3Rakmb55LlCrjtVDFpHRri3o9fKmnKOHxNlDGZJkP3KhfTjtWAh4oGuSUjOiNH0BnKikdf8orWikfZHcYT0wHpAsy7ITjDqvYIZNHfZ2jxj4Twph2xfHNYbzE0Zw1hQL2BsrpWilj47UNNfeYN1wIFpTLLEon0mE6-N3YscvxtYrD15oiyGDkTc5NBt3z6QRN7prszzPwTLDGsLSLAZE0pRmn17r7Nk4v_G3TX-QGrHJtgSDT71e3oYXthZcJ81Awca3F2JxC59NMoMbmjXG46ayE480REzfYAJweU-EnPMKeSUIpzyZlUXfLF3tqVrZaUYkfFRD5P76tn2quBkFId0kvIQL2K6Db3HJNvQ7fDee35oDu_-rl-msXEbqLJX1Ni253_7JV4_Apw_PhRSbr8LQnWXBDhfEpDuRERuX8bmcBfY3-sUZ9GhywcjAcj5bWk_msfmcdQ0X24Y6bMSOOI0CtLwomSmmZpZRBKGyBuo6I-iQZYOuNKH5ciVqw6cc9lrCpOFjcVY6lxytO3iL4Ug9dmlwj5foUoaxRen-vtGn4GFOHCUZT-aC-lzM6nwdwUK3V1WH1VM5KOyUeHPvLc3rVsU51TjARZtASHm9E8KRiwXp49M7rEDO4-tMDORMTghcj--O9g&sai=AMfl-YQF7K2_7q8EC9e1evE1_IpuwSdeJC7ePlEg6xSZqT5govXgCJC90LgFFVrb_VuHR_bfzrIZ8yFub58W8R7pUjnXUn08zmpEsjo_T0SCxeZYXee44NdchCIcA4g4PiIjL0nt-DluM6PoaCvm7UAlobYq9IP0xFtobVL0URsKJ5wBtHK00wHReQV7jpYrGFAuz8geH0-0kHnbNxO85_T71JrhiVuXucFVnR8DjbJ89tB93RvyRP1G_Gav1YDWngnP7tlBzN6Ebhze7Pye2zBW4qEhahrDrrC1qmgD_Rl2y9Q8U7gJ9p-NxIwxmzwwLDyBYLP3BW-OgYyCa0jAV4qZ6wRdwV-d1qMwHjbIHS0FzuA3NF9DQ9OzU5QQ5fOBGYdGLprevi02&sig=Cg0ArKJSzDpdUzOpfZzxEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210426.63403&adurl=

Requested by

Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 28 Apr 2021 02:27:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3495 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 08:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63854
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 08:43:16 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3495 42 B
63 B 15ms
14ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Cl-5qqEbz1-njnvF09gbkHzqWOoTaGu-0mxXSNIX6TNeJuMpL-bmK3Qsj5c-z--gHDiuTw8N8YdFPQkpuZLHRMPhKXjyWaZzGKOwMk2X4U9FoCJUI

Requested by

Host: 0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com
URL: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Apr 2021 02:27:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
track.adform.net/adfserve/ Frame 3495
Redirect Chain

https://track.adform.net/adfserve/?bn=41128529;extvars={campaign_id:48662447|insertion_id:19233058|auction_id:ABAjH0gVpqSaTgPZMfr31z0IwG9Y|creative_id:341548188;1x1inv=1;srctype=3;ord=ABAjH0gVpqSaT...
https://track.adform.net/adfserve/?CC=1&bn=41128529;extvars={campaign_id:48662447|insertion_id:19233058|auction_id:ABAjH0gVpqSaTgPZMfr31z0IwG9Y|creative_id:341548188;1x1inv=1;srctype=3;ord=ABAjH0gV...

35 B
395 B

49ms
48ms

Image
image/gif

37.157.6.246
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.adform.net/adfserve/?CC=1&bn=41128529;extvars={campaign_id:48662447|insertion_id:19233058|auction_id:ABAjH0gVpqSaTgPZMfr31z0IwG9Y|creative_id:341548188;1x1inv=1;srctype=3;ord=ABAjH0gVpqSaTgPZMfr31z0IwG9Y

Requested by

Host: 0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com
URL: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.246 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Apr 2021 02:27:30 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
expires: -1

Redirect headers

pragma: no-cache
date: Wed, 28 Apr 2021 02:27:30 GMT
server: nginx
location: https://track.adform.net/adfserve/?CC=1&bn=41128529;extvars={campaign_id:48662447|insertion_id:19233058|auction_id:ABAjH0gVpqSaTgPZMfr31z0IwG9Y|creative_id:341548188;1x1inv=1;srctype=3;ord=ABAjH0gVpqSaTgPZMfr31z0IwG9Y
strict-transport-security: max-age=31536000; includeSubDomains
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: text/html; charset=utf-8
expires: -1

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame 3495 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/window_focus_fy2019.js

Requested by

Host: 0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com
URL: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 01:48:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2326
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 May 2021 01:48:44 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3495 116 KB
35 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com
URL: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 02:27:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619188777539687"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36031
x-xss-protection: 0
expires: Wed, 28 Apr 2021 02:27:30 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/ Frame 3495 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210426/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com
URL: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 01:41:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2752
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5604
x-xss-protection: 0
server: cafe
etag: 2846967340006788112
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 May 2021 01:41:38 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 3495 0
0 16ms
15ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQnqLosM5Qoy4nV53spwcMSwW7-PxrXhOSktBaErofkvExTIVnBpY7kU7LSlQmKILJZeLr_
Requested by: Host: 0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com
URL: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 6825960462996572944
s0.2mdn.net/simgad/ Frame 3495 10 KB
11 KB 28ms
6ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/6825960462996572944

Requested by

Host: 0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com
URL: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6040da2153e1340940e882e111553f77e29f299d18f42cc99dd9244713b96171

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 07:05:19 GMT
x-content-type-options: nosniff
age: 242531
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10640
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 19:46:15 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Apr 2022 07:05:19 GMT

GET
H3-29

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame A396
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

14ms
14ms

Image
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Wed, 28 Apr 2021 02:27:30 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H/1.1 200
OK 20200320%5C2020032003555041.jpg
vote.yam.com/imgfix/ Frame 78C5 21 KB
21 KB 502ms
192ms Image
image/jpeg 52.230.1.186
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vote.yam.com/imgfix/20200320%5C2020032003555041.jpg?h=250&w=0

Requested by

Host: vote.yam.com
URL: https://vote.yam.com/CF/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d1c4e7914250cd0668e63d09f2e3394b67168a91901fdde86cc401a13cf2fe00

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vote.yam.com/CF/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:29 GMT
X-AspNetMvc-Version: 5.2
Last-Modified: Sun, 28 Mar 2021 12:55:52 GMT
Content-Type: image/jpeg
Cache-Control: public, max-age=28895301
Content-Length: 21380
X-Xss-Protection: 1; mode=block
Expires: Mon, 28 Mar 2022 12:55:52 GMT

GET
H3-29

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame DB6A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

32ms
32ms

Image
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Wed, 28 Apr 2021 02:27:30 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-29 200 6276185868358982483
tpc.googlesyndication.com/simgad/ Frame A396 32 KB
32 KB 6ms
6ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6276185868358982483?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4ql26fmggnwo67o3QylJH4j7zLberw

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afa7b77bbc0a91fcc3a2a03bd4fa2dbab341ed7c8918a76162c43ef124e63a02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 09:56:12 GMT
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 14:14:25 GMT
server: sffe
age: 405078
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32896
x-xss-protection: 0
expires: Sat, 23 Apr 2022 09:56:12 GMT

GET
H3-29 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A396 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Apr 2021 15:35:44 GMT
x-content-type-options: nosniff
server: cafe
age: 39106
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3430
x-xss-protection: 0
expires: Wed, 28 Apr 2021 15:35:44 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A396 344 B
374 B 8ms
6ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Apr 2021 21:00:17 GMT
x-content-type-options: nosniff
server: cafe
age: 19633
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Wed, 28 Apr 2021 21:00:17 GMT

GET
H3-29 200 zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame DB6A 3 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Apr 2021 15:35:44 GMT
x-content-type-options: nosniff
server: cafe
age: 39106
etag: 7688947696963022458
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3430
x-xss-protection: 0
expires: Wed, 28 Apr 2021 15:35:44 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame DB6A 344 B
374 B 7ms
7ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 27 Apr 2021 21:00:17 GMT
x-content-type-options: nosniff
server: cafe
age: 19633
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Wed, 28 Apr 2021 21:00:17 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210426/r20110914/ Frame C728 22 KB
8 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210426/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bn5WA1cM4yhFJPD9hjZMQBYt6mfI52_OOrxNuodxrPOD7fPTV-mUNv0Lq8xDf_4fuYIJTZRB2GucsBFHo9kDLHHgtvvF5Nur5vPQwRtdISBxMyV1ZJ5-ibWK-YKPOEZU4Synk0yPoNFc4nco9GoMjExSCTBg&dbm_d=AKAmf-BG7lu696dT8UaLKnIKEU7F7yqAXL1SY7Crlv7nZEnK3eR2_RA5fh83nPbTLeUANIJmtffXRcdbQx1EaDNSSyD1PuYxiI2FcNjxNhK4xaSn1E2jRPbNRvMB1DrJR0OvoZ6WuuwviJaIY9YSxRXhjgD_kkN0wuycT7HKMbCNh70emlA9JL7FtXH-IZdqW5vQNup_dVqE9gCDFGOP8PuwX6jBQnzNKrnrQUms-v-5XW0mzhTEfkM3-VmN1gGom36l8Yjx1K_DRNl9S6dWyCYzqfFpUHG9JQJbwmW2fv4BWUKcFoj-lqPAR7l2qixClla2XVA5lquTs0Jk_aSHMBeO6bEDv9uf_6b3eB-9OS5UKr5fIHa6VAmb4M7Cn2KnojqFZKYlM3Q-Od4cFqY835AdGDGWhffcYjPTFJrnsR9jQHvK79yN9ZrWFD157yle63rpEEi3wogKe55iXjC5UoSDJaKTrSYo7_PyPQQcD5Tn1e8DqjJfj-dPKyGPAGN5zn9J9QpO7EWIqwnpcyYHEryPvG5QXPfuen00a42UqbDxenZBOEeVfjzMDE2Y7QmpXh-sGIjuRU-VxlL96OFd5YlMIb6cntcBQt0sS_1HtywozkiLEvtwtt7135UTXBRFfQQ6eIeQN7UBpW-2Hcp2RVd18oW7agHy8V8vnkjfoUwIYD1U1eeo8R4_H2D_P5jisVtDdW2O-HZMuy6tATl6kq63_1yC5ZS2ailvRPt2qRqIiWewMlErTmH0Kxc2hYS7Zl9DRrS259UKRKVjw6k9CSURwhyJXKthJQJlheayy5W849TkiVbAO3LKoZ9C2i4ccrPT93MYkRgvalvgOZnchxT7ufghWmMK6iQTor20qFYzhxaAafP5JQfgAgUslkL7g6eDwXe_AY1vyXojMyJ8DpyWOLFLZ87a83obw9xwXNKtTpgfnPpQEouAAGat4F6a-rEGRfsOgXKst5Roy-prcApQRbOCMYLpyeToNSNVNEl1oNdKiM8kCCNhWrjnspP5IhK5Qn8pWO3c_Sjfjsx3kf-_QRDJXA8UfmTEUQeYdMBInVTDozOvipretmhF89OmnF6WNoFHSzIMFwQ8zRVYBqw-CA5uAvxVipf0HrL-GIbG-6LYe4aPL3rG5MpajvLKo8XdmnTjSFDBYQpUSbRL2CIiCbIDPfHftK2-KcSRIxc_VSuTF_0wv8CC9LsX-sM1cvl20CXOyxmazkFZ0_gaEK9X_k4VrH0TbfDIoU0yGEG5hXW5VX8UzkmtcBG77tWv8ntwXSc0L7amBwqhXxZIAv27tvAppef6SV-5qEBKGOLBltJ7RR3OE8l5aBS_ZEay1sV8hv62FSBLlFIr7dogOUyyjfyGCUyRFTfWZ6BuWrRhLGlu7RK6dOoxefsagKkLU00N9g8jJT6ELe-xJsH_pTqmpEY4ZoedRSO7Kx7WUOBaqhdnBktUrJLVop4EIU4gE-IXEvXBVU81iwlPlKeE_WxgIGTs9DIrz4gN6nrYmgam878JgMzrGPbEaKUJ9DQ_vGsNS5ZhSjg6qmFzLPNJOFaqTmETwFvwQPbFm-6AEym-MV5q4rFpDqoiUO30MEul8OqkKXEk2ThKFvq3gDM36eoifgi0mY55FgB-TAkynhI0XqKksM6e4R07oNeFxD1-Cn-B5C20j00cNh2zbCsaZnPcqr2_DPv5icvSozpLDLe1S2pYMMpCBI9N2LA4AQ5CAbnm7fzUvdy3SnHhxtBv0B7aMY7vN1YmUl04HuL242cpv4cxM9kRwj1Tpm6tIU6cZxkcoE4vHuxHVGtHJ2ivmhnRoTgRVRi3gANe4Ue9FCEuVXg3GU1HTR4OCog06Td1W3sX4O3Y1048yOfCGJsP274oscF7J7M-KYJ-9fGCbJJmZwaa79qjZiTXhikX-H4pkA4DP1KLnWHOhSf2CUcjwZo6Pr7k4CAdxeyFIzmAw5mnBqPbaQsw4LAAs78BFPDJVO89B_DESPwhzQz0W8TKFIAFKWTKPpIp6uFhrgkJvtkar7EdbYD4jKIE_EtaS_K9xvVNjPYTl9US3zkHnTaOrU4Hw2RymCnC7hSfC3mDSgVNVxEKmUtvsPy8lhjVnRYZtbpilBRLCDSHW2_MpA0oeWJQGBfWWTREFqCc_DgAu3sQhRlWwAftxli7ZOHvap359Tozzup9PrkihBJ9p39eVdmFzY_8FLNczk-h71ecbbJZpoLbGUul2WeH3ilRla1oDwLh-fYGaAo3UUdCOCyY0eLeDqqdwFwOgobqV26_ttlEphFvUH6cj2ubq9dkqscDdcVQfTcGQUG0oJg7w10N-pY886zuWMqK0j3CQTFr5NfTqip4H8yEuGRtIdD3RhDiQTkNpcrppmObuJm8qec3nAyBnEopEX07Uu8sSmI1iAopvlOaUMm9sgjIsZ4c1nXTCX3wfUByu-NI09sTFLk8Tv3B3f8Nv_pTwZcIsEeL4uWWM7Nd3vBwMu3pIIHk6eUAftLQiGS8tV4n7zB59jEWp6e9u43hEtBBUsP8Ui2xQRBTXu2QuivnSPToPs8s2hyd7KfknbuztJnYh4qlwbzgaQXGFgNrNCB013nlMOkwXln67g2TNODnxHVAPhORN4pFm1BvujpMCfbM-BOysqK1FHqfnUPNZEtC7Q761HkBtgCjwagIEvqOupS6JdJhU__LEmW-fVR8g_rPQdHZnJJoR-Ur7smPGdVCyWXofTHfEPyJfHQ3hvrviHY6-ruWzN_RfvoZxFKJRWRRYMg07Naeu92RlarrteHUJDCJIrA_gPH2jW8ZXLQn5C39ll90p08cvMn7FEq632CUBgiuhYGx5pTUnHEvlVaChuIUyZH_G30cfUJ4Nrax8_F6iHRHimb922VZJpdpUcNLXR0qfbH53sbQvYkP2BaZ81v5aExjlHCN_rAZ5jafbgOSW3Hwy31worsejMpaFayW0lHQaKP1GYEE3i_N8nnzGqEIyFUJZmt_soVcHcUx7flOyY1l8UGDmRcTTRQ6lPh3ocFFvrvNmwGY0f3JvpAUkkAPPg7o66u6-Z09_H8CApcpWKAuXGplsEMdP31BexGb9SFbECL_BFgb8bXVEqSyYQ&cid=CAASPeRooTJaPHePGY6O3jo2sJUvJb6a6z1EusLuw9AM0mZV1NBPWQCye_QbXbZ5HFFyLVQYMGztUridFaEkvRY&rfl=1%2Chttps%253A%252F%252Fn.yam.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be9eb92769d4f24337035eb54b83af8297f9ee951db2821b5b7a640c002d3d58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 02:19:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 464
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8608
x-xss-protection: 0
server: cafe
etag: 8494502272148382847
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 May 2021 02:19:46 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210426/r20110914/elements/html/ Frame C728 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210426/r20110914/elements/html/omrhp.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 01:54:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1962
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 May 2021 01:54:48 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C728 0
61 B 53ms
52ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstbdu0i5QNXw4M-CmnDJPrLPYl1B2o3wWTHP1nwSbMfMkbTx79R8YrTk-9y0iRq-kGy99vcT7bEv6iqfBlja1fhN4iDLpafZqaS7dw_dQInkn0X3gh-alIH8fIS6OAhfpd5gPhiTgGBOHQcvSgrG9VfT-taMkIISkUEUB8t_RrEB4AvHQ46BVHgTm9rU5CEjT6VU8O8ZBZiKYKjRD3GFfRH_n-_yQEBCpcOwo10WfSr2k81q6tJ7rf9NLf7AyXSz8bkFxu_kXO_kdOuBy3yEKVc9-7NZFRC-oePRhH1LWYEReGVs1logODKEDY76U0hjjYyPWYy1QObfM4BpLTK73eC-NxuitvCPt1WaE4E29SCCSMZSCsJv1z-ZXJsFbE6_BiFlz-IR-kpK6tIFEuDoKKYgFBDeX3YS6BGyOKJ9fYhDM2TUEARnTF2Zjnd7yCzY7ZogG81xy9gPMMSZ_ROCQgyEU9Ijb0P1RgUZZlsaTEG6aGN2key5534y5-fuDO7rz3KZYteKjSe5PL1c8YkEPXz2kNHH9OZJHMZIHi33CbPpPfbQTnkg2Lkzt52Vl_25q9fYP6PiaOqZqae_Cr_3rA39rZs9DzK4divq0bsbMM2uBmbk9lvgAUMnzqSVh-cj67Ydf77LtrKiRq9_M9WzZqJ6_Olag13jzn974KwQPv4rLr2vdv-6S5yynceFL2K8q5lVa3O53xOPk_QfPAWkAzfbth9hZ3E6lvfFT1F9zGL4iM9W4vEM1HFbsChlA_tNCTU9_HOmPjbTkApnkk9zA_-dcSZf-apP07Vz3BVlsmjRZjRmpVo2HX7tDH3Sd8QhX1OowQYPSATwOtuiSrOM6VCZ7FGpvu1esCeqGvJy2OT8lYgriRewpppS7qbjv4kW_j5GLRgfEVE0W-T4YXpsO6edeg3LTPCn30benRLAUNX3cfkbDsjRhy52MPVUbS80xqU5a8YbIVNsDSY0mfGCSz7gMUY4dkuY8S4a7FQQfWLT0BosC7AmcezzdrXlnsFMtknuWJHmVdOW2w80Dcy-zitV05cNWYt9VHA_SnJkMb5XJCbX2RRViMzUfazvW82AjK8751Z2xvooAeREMWGLRwPU8DXiL1sPnX3Pl_FMmiP9mSNyv2dAVkAWvUvR5t4m5Idvtn-dUWRfrYwwMSgPTq0GR1h2oB26BXlYasDeauO24VQig5BCkOziDdbyaI6WQpR-8Y0dz0NDUS1MORXjm7IE1ufVgtmljrg-W1lY9DHQ2u3nJTI&sai=AMfl-YQFy5ku2S39a9SufJuG1w0_8AeUq57a7iiW5v9Z9dFeZqjGj95rwZcH8b665wnP3kyWvwee74_hHKhPcLh_Xcf9lkLZVkPYUg2iDg10knIdKbouKU7sXcEyJsbvNJvRtgqwItoz8KRNnO2Lk_wru7cAf_XDZapStWRpucU-MVoQNMLzjJSU7glOtvlwHYwsM7PR4G77Mx-Qmj5PZS7pVuS93Pix-ZLiO7zSq2YlaBV2v5kO3dJx_mBWHV4JufaGHw&sig=Cg0ArKJSzN8DfGrGPF9QEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210426.73603&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Wed, 28 Apr 2021 02:27:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C728 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 08:43:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63854
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Apr 2022 08:43:16 GMT

GET
H3-29 200 SS2021_DV360_springsummer2021_tommyhilfiger_300x600_20210315.jpg
s0.2mdn.net/9087337/ Frame C728 140 KB
140 KB 21ms
7ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9087337/SS2021_DV360_springsummer2021_tommyhilfiger_300x600_20210315.jpg

Requested by

Host: 0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com
URL: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5ec6146df534725cab6d0c1d9ac2e7f7341ee491fb9dcef6ea3a40ef153aec5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 02:51:56 GMT
x-content-type-options: nosniff
last-modified: Wed, 31 Mar 2021 14:41:33 GMT
server: sffe
age: 84934
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 143515
x-xss-protection: 0
expires: Wed, 28 Apr 2021 02:51:56 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3495 0
60 B 48ms
48ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 28 Apr 2021 02:27:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8B75
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA0Ti2qVOthsvWxqXTokE4Q&google_cver=1

43 B
1014 B

91ms
51ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA0Ti2qVOthsvWxqXTokE4Q&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJuhcRCvlpsCGNrA26IBMAE&v=APEucNUFwcM3c86CfwMEThgcupFCB_ptd6EWQXZzJeBdJG8ldij0M3625QOQo1Tc7N3ggJxJOTKZulksCP2898zfgRBrKnSHsOBuZ69nHXZkSTq5hNTC2wOshDz5J4ce-TsX6WC0XwEVV6GClVDuSt6OBvtqr_M2qkwz8hzJzXdTv-tr3XWS67GT0-duX-rnV-6snGebPsNUvf8HGCZ9ATeuYDvSR-X02Q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Apr 2021 02:27:30 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 28 Apr 2021 02:27:30 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Apr 2021 02:27:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA0Ti2qVOthsvWxqXTokE4Q&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8B75
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YIjIEkAhJnjUpnJGZAZ7rQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA0Ti2qVOthsvWxqXTokE4Q&google_cver=1

43 B
894 B

50ms
50ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA0Ti2qVOthsvWxqXTokE4Q&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJuhcRCvlpsCGNrA26IBMAE&v=APEucNUFwcM3c86CfwMEThgcupFCB_ptd6EWQXZzJeBdJG8ldij0M3625QOQo1Tc7N3ggJxJOTKZulksCP2898zfgRBrKnSHsOBuZ69nHXZkSTq5hNTC2wOshDz5J4ce-TsX6WC0XwEVV6GClVDuSt6OBvtqr_M2qkwz8hzJzXdTv-tr3XWS67GT0-duX-rnV-6snGebPsNUvf8HGCZ9ATeuYDvSR-X02Q
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Apr 2021 02:27:30 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 28 Apr 2021 02:27:30 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Apr 2021 02:27:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEA0Ti2qVOthsvWxqXTokE4Q&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 8B75
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEKkWRcFtS3jrP5o-wJCYjM8&google_cver=1

43 B
1022 B

44ms
43ms

Image
image/gif

185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEKkWRcFtS3jrP5o-wJCYjM8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJuhcRCvlpsCGNrA26IBMAE&v=APEucNUFwcM3c86CfwMEThgcupFCB_ptd6EWQXZzJeBdJG8ldij0M3625QOQo1Tc7N3ggJxJOTKZulksCP2898zfgRBrKnSHsOBuZ69nHXZkSTq5hNTC2wOshDz5J4ce-TsX6WC0XwEVV6GClVDuSt6OBvtqr_M2qkwz8hzJzXdTv-tr3XWS67GT0-duX-rnV-6snGebPsNUvf8HGCZ9ATeuYDvSR-X02Q

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Apr 2021 02:27:30 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.59:80
AN-X-Request-Uuid: ed21db2c-9c74-48b7-99ba-86473986813f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Apr 2021 02:27:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEKkWRcFtS3jrP5o-wJCYjM8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 8B75
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ2NjU3NDQ2OTgwODM2NTU3MQ%3D%3D

170 B
188 B

92ms
46ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ2NjU3NDQ2OTgwODM2NTU3MQ%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Apr 2021 02:27:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 28 Apr 2021 02:27:30 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 718.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.59:80
AN-X-Request-Uuid: a3af0093-a163-418a-bd55-52e2bdfcbb3f
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTQ2NjU3NDQ2OTgwODM2NTU3MQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F055 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Tue, 27 Apr 2021 19:58:52 GMT
expires: Wed, 27 Apr 2022 19:58:52 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 23318
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8969 143 B
163 B 6ms
5ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com
URL: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnFi-8nSUKUoZ6URjAFUH_sgNjhSgsGFGYfZOj03fTZysGSw5cMzGKb4SAHy10; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 28 Apr 2021 01:56:55 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1835
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 7A42 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 225ab51198295a08d347653548b66b710fe116b2b577b7e9382ff7b65e8dc268

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame F5D1 9 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7371504096226307675/nt_s21-PL_728x90_find-the-tyres-that-suit-you/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 23:34:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10405
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 28 Apr 2021 23:34:05 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame F5D1 22 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7371504096226307675/nt_s21-PL_728x90_find-the-tyres-that-suit-you/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 23:11:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11789
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 28 Apr 2021 23:11:01 GMT

GET
H3-29 200 logo_d.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7371504096226307675/nt_s21-PL_728x90_find-the-tyres-that-suit-you/ Frame F5D1 1 KB
1 KB 7ms
6ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7371504096226307675/nt_s21-PL_728x90_find-the-tyres-that-suit-you/logo_d.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7371504096226307675/nt_s21-PL_728x90_find-the-tyres-that-suit-you/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d29ff1a0d107b4a6a4508c99edb4b7783e2813b98d0a999ac4fbce8915b1cd66

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 584996
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1450
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 00:43:44 GMT
server: sffe
date: Wed, 21 Apr 2021 07:57:34 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Apr 2022 07:57:34 GMT

GET
H3-29 200 tyre.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7371504096226307675/nt_s21-PL_728x90_find-the-tyres-that-suit-you/ Frame F5D1 17 KB
17 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7371504096226307675/nt_s21-PL_728x90_find-the-tyres-that-suit-you/tyre.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7371504096226307675/nt_s21-PL_728x90_find-the-tyres-that-suit-you/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd02724ce784c8b273e88c3f80dca01a8747634d2155d29790ed2e3660d259a7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 584996
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17698
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 00:43:44 GMT
server: sffe
date: Wed, 21 Apr 2021 07:57:34 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Apr 2022 07:57:34 GMT

GET
H3-29 200 bg.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7371504096226307675/nt_s21-PL_728x90_find-the-tyres-that-suit-you/ Frame F5D1 23 KB
24 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7371504096226307675/nt_s21-PL_728x90_find-the-tyres-that-suit-you/bg.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7371504096226307675/nt_s21-PL_728x90_find-the-tyres-that-suit-you/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c798c598169780ea0fb0f0498964d551bd1a0c8f19bfa05221de14452ff74bea

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 584996
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24061
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 00:43:44 GMT
server: sffe
date: Wed, 21 Apr 2021 07:57:34 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Apr 2022 07:57:34 GMT

GET
H3-29 200 logo_l.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7371504096226307675/nt_s21-PL_728x90_find-the-tyres-that-suit-you/ Frame F5D1 1 KB
1 KB 8ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7371504096226307675/nt_s21-PL_728x90_find-the-tyres-that-suit-you/logo_l.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7371504096226307675/nt_s21-PL_728x90_find-the-tyres-that-suit-you/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f714fe4238276cbacceb8400a76d9c33a9fb83e4abecdc52aebe8ee87772781

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 584996
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1497
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 00:43:44 GMT
server: sffe
date: Wed, 21 Apr 2021 07:57:34 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Apr 2022 07:57:34 GMT

GET
DATA 200
OK truncated
/ Frame 3495 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6b7d44e935222eb6427ff28cdecbeb83292ecf0c75f67ae17a3f228d8389125

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 23E7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEDqGiggZLAV_LCGOxwzmHI8&google_cver=1
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEDqGiggZLAV_LCGOxwzmHI8&google_cver=1

43 B
172 B

46ms
46ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEDqGiggZLAV_LCGOxwzmHI8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnJ3gIQv-TgAhicue6iATAB&v=APEucNVBFNUFmRkXDneZ8uGAi1E0r1EAcz9Gezu4K7QW6BuXf2tSxgvhdkYO2TxeZjtLdlSQ63ApFb9gA2i1x-90BPrI7JsOsriBkcwwKUEAsL25nYXtwgeCccVm5ON46Uq6JQOtCDyzqksB2r5uUwpWFGOHH9L_U49ZwED7ewcUCFdegoZXTQKEYhjJwc0OpkaQGnQ8wlGJK5bCuv7PusBQhMtnyYl_lQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.206.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Apr 2021 02:27:30 GMT
via: 1.1 google
server: OXGW/16.206.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEDqGiggZLAV_LCGOxwzmHI8&google_cver=1
date: Wed, 28 Apr 2021 02:27:30 GMT
via: 1.1 google
server: OXGW/16.206.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 23E7
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTc4ODkwOTEtNGY3MC0yOTZiLWVhNDUtNmQ1YzMyN2Q4NTg1

170 B
188 B

47ms
47ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTc4ODkwOTEtNGY3MC0yOTZiLWVhNDUtNmQ1YzMyN2Q4NTg1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnJ3gIQv-TgAhicue6iATAB&v=APEucNVBFNUFmRkXDneZ8uGAi1E0r1EAcz9Gezu4K7QW6BuXf2tSxgvhdkYO2TxeZjtLdlSQ63ApFb9gA2i1x-90BPrI7JsOsriBkcwwKUEAsL25nYXtwgeCccVm5ON46Uq6JQOtCDyzqksB2r5uUwpWFGOHH9L_U49ZwED7ewcUCFdegoZXTQKEYhjJwc0OpkaQGnQ8wlGJK5bCuv7PusBQhMtnyYl_lQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Apr 2021 02:27:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 28 Apr 2021 02:27:30 GMT
content-encoding: gzip
server: OXGW/16.206.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTc4ODkwOTEtNGY3MC0yOTZiLWVhNDUtNmQ1YzMyN2Q4NTg1
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame 23E7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEN2Mdsms-7bz8YtYqhWoE1M&google_cver=1

23 B
172 B

76ms
72ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEN2Mdsms-7bz8YtYqhWoE1M&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNnJ3gIQv-TgAhicue6iATAB&v=APEucNVBFNUFmRkXDneZ8uGAi1E0r1EAcz9Gezu4K7QW6BuXf2tSxgvhdkYO2TxeZjtLdlSQ63ApFb9gA2i1x-90BPrI7JsOsriBkcwwKUEAsL25nYXtwgeCccVm5ON46Uq6JQOtCDyzqksB2r5uUwpWFGOHH9L_U49ZwED7ewcUCFdegoZXTQKEYhjJwc0OpkaQGnQ8wlGJK5bCuv7PusBQhMtnyYl_lQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.3 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Apr 2021 02:27:30 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 28 Apr 2021 02:27:30 GMT
server: akka-http/10.2.3
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 28 Apr 2021 02:27:30 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEN2Mdsms-7bz8YtYqhWoE1M&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 23E7
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MDhhZGRmNGUtZGQ3Yi00MDQxLWE2ZDQtODhlMzExNjU2NTdj

170 B
188 B

53ms
47ms

Image
image/png

142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MDhhZGRmNGUtZGQ3Yi00MDQxLWE2ZDQtODhlMzExNjU2NTdj

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Apr 2021 02:27:30 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Apr 2021 02:27:30 GMT
server: akka-http/10.2.3
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MDhhZGRmNGUtZGQ3Yi00MDQxLWE2ZDQtODhlMzExNjU2NTdj
cache-control: max-age=0, no-cache, no-store
content-length: 189
expires: Wed, 28 Apr 2021 02:27:30 GMT

GET
H/1.1 200
OK / Show response
admd.yam.com/AD_HTML/ 6 KB
6 KB 195ms
195ms Script
application/json 13.76.41.74
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://admd.yam.com/AD_HTML/?LSTR=yamAD_01%3A100%7CyamAD_03%3A1064%7CyamAD_10%3A906%7CyamAD_11%3A907%7CyamAD_07%3A903%7CyamAD_09%3A905%7CyamAD_05%3A902%7CyamAD_13%3A825&APP=&Charset=UTF-8&RID=0.8610784300303376&callback=jQuery111305515108351796754_1619576848883&yamAD.js&_=1619576848885
Requested by: Host: n.yam.com
URL: https://n.yam.com/scripts/jquery.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 13.76.41.74 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / CSCWORM
Resource Hash: b69490c3cdd5a107d368561dd854808ec12e08c01e38f807638ee1a09332feaa

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:29 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: CSCWORM
Content-Type: application/json; charset=utf-8
access-control-allow-origin: *
Cache-Control: private
access-control-allow-headers: content-type
Content-Length: 6329
Expires: 1 days

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame AD3F 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Tue, 27 Apr 2021 19:58:52 GMT
expires: Wed, 27 Apr 2022 19:58:52 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 23318
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame C728 0
23 B 95ms
48ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 28 Apr 2021 02:27:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame C728 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42e804d52ad4f9122df9e091e6bee7c895c2a8999a8a519b0908e5a094be4748

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F5D1 34 KB
34 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e7ba7486df51b247d667ddfef156c72ed4f149a3693b1ca9be424f2ea680a50

Request headers

Origin: null
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H3-29 200 ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js Show response
pagead2.googlesyndication.com/bg/ Frame F055 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ok5NYsbUJz7rvaMIS3vXzjmRMy-iaFhY4y0YhYi-ySs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a24e4d62c6d4273eebbda3084b7bd7ce3991332fa2685858e32d188588bec92b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 20:16:51 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 367839
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5644
x-xss-protection: 0
expires: Sat, 23 Apr 2022 20:16:51 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 8969
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com
URL: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si?st=NO_DATA
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUnFi-8nSUKUoZ6URjAFUH_sgNjhSgsGFGYfZOj03fTZysGSw5cMzGKb4SAHy10; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 28 Apr 2021 02:27:30 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 28-Apr-2021 03:27:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 28 Apr 2021 02:27:30 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 28 Apr 2021 02:27:30 GMT
server: safe
content-length: 257
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 -_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js Show response
pagead2.googlesyndication.com/bg/ Frame AD3F 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbfe2a383821741218d136b973d329bb4286706540853642b5c5e0d7c12d7708

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 20:34:36 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 366774
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5672
x-xss-protection: 0
expires: Sat, 23 Apr 2022 20:34:36 GMT

GET
H/1.1 200
OK 20200303%5C2020030306521772.jpg
vote.yam.com/imgfix/ Frame 78C5 36 KB
36 KB 193ms
192ms Image
image/jpeg 52.230.1.186
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vote.yam.com/imgfix/20200303%5C2020030306521772.jpg?h=250&w=0

Requested by

Host: vote.yam.com
URL: https://vote.yam.com/CF/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1eb20e078ab3199a4139a3a1216b8d1db5974981c0061a1a90b543062315f1f0

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vote.yam.com/CF/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:30 GMT
X-AspNetMvc-Version: 5.2
Last-Modified: Sun, 28 Mar 2021 12:55:38 GMT
Content-Type: image/jpeg
Cache-Control: public, max-age=28895287
Content-Length: 36765
X-Xss-Protection: 1; mode=block
Expires: Mon, 28 Mar 2022 12:55:38 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F055 0
20 B 14ms
14ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B0WyjEciIYNCGI9WAx_AP6ayz4AwAAAAAOAHgBAI&bg=!bW6lbirNAAZLnZBaS507ACkAdvg8WikBUcEMHAUwE4Ziq3BJ_fCnN_CgOv3NuwV5qxVnhplg0a2AzwIAAAC9UgAAABNoAQeZAn9xVhQYeeCryAz5QMsTZGe45Zmbu5cGzvg46RDkbSSFLcOsgzha5-qqapleGpgSX24w39sVb2RP_E8JzjhiCPF9UVuB9QRPu_Y38S8EdGbhHGp4Gc6jK_HoXWQ2HwWC23P4POiDIRg3XQpngh4CNboKFS5Rsej9Q5u1ATm7EFYteHSteHabqcc4tr1qRFd7Cu3Z8PGw2E34dFz2g4SIOXEOU0m4MFazTxnZoe4HSa1iPcNBk6f9wp16EfpXajQHhNH50choPNWTx8iipAnzbd_fDs0dLngK9gRSLePjYD7vpw1Z6Id4u6miWdwIhM6fzuWgFeVvQEELGvnn37dsM3dWriS-YZ2-SewT-SY9_PwrxbooB7g1WjXqqnEFHOq4AoHuVusBmqjLwkeFeII1A8HW2ZVkLwdVHPkmhVNdrw8GEDHERJQknzk-3F5oT-gyEuWU5z1SGhXjM7X0TXowRvQZl6rl4G0Awt8BHdkILD623hemweTI4zLv1jbzziVq3ZwUsDGkOG0QC41W_1hxnbzL6nujcAJGwqGwebJoFNSU_Pf-5oJyG8zzu9514PnU0wAD5btFJSH50i03aHMznbCvCg3MpOKAlvwkBcjSbZGKgcPSYhFk62xjJlaAsh5TmsgU-zgiNdAhXXU5GHSor70VPoeypay78c5frXu0DUu2_wj0WCU9ebswY90aRYCC6XMNjf-a_r1TY7GyQQUDJeCq667Tts0mlkNTulF_rO1YNJnKKD_2DjtX7QnA_Whlx_TCj6HJR8kQPcymr5Acu-WQzzYRsrEtoSETZKBDLlviQAUvwIzSdZB2Q-iUkggrPTEUdsu-gjNiAtq3ppDcdhQ

Requested by

Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Apr 2021 02:27:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AD3F 0
20 B 15ms
14ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bj4IwEsiIYLfIDqfV7_UPgLOvoA0AAAAAOAHgBAI&bg=!dXaldjLNAAZLnZBaS507ACkAdvg8WujteznSQFBLmGgAZCjwTxPoInR9Rtn2sq8UhNpqtdjpC8m-BQIAAAC5UgAAABJoAQcKAK6XoqLzOdtUpoqmVVdQTFnaVbHMJWaj3QrjmhGB59U6sxZywbsz_DQGmpnt9GCBBZxS2rUUOJlRUpJl9RKUKwbu4S9FR3AVCpYoUjk0NJAsfUocsJDzXZFyuQPEBb1LQF2Nhk3PDWTKfIQ_m3dgbwJL48hpk_4Nhbou_m4PZqtceGbWyt48rvAZlzZnEHAq5vqr2AhGmZN_bZyZcprqAM5yhm3nAp0VPcGLlxV3qD-ZAnNmE7ChZIIPfd3U9MD7Tyl6TW9OWJsTvvySmAs4FPTdqp2fRTQ9s7ULEIRMqDAF-P5F0z_v_KhVeXlWler08euczRQBeOM3P-UVNUox9sSATXTtlC3gGIGEKoZMesk0kF9dGwMTeLBH43GmGkiu91Hr3CKOwdmF4dXFcIg1ZPW6ckxJaCmMML5B5YvU8QeJ8_d8zSCec6j4TLSp_O4dw6I9BRfuBTLgzZhSZO98jPDsEMMwVk6NcmRB9-qDp_uW6GLs4D95rdI9xeTIh4__5WbnGz6yDUXZUoydqvoS36OG_KX6x3kwBgWwPioiGHZcxkx4WPwLUZmUomsFjLMajTAgX2a22732nyeU3Wdzv05zjD7ceuqVXC14qYdqDWBt2JuSbXrnwjPIkqtdr-rKRKALstmLhMWXwqGb5WWDbdS9sjaUPzoYbgl3OBRSj-gWH6hh18z1YdRs0hd0TTgAmtn-_TSiOLdiAG9ZVdoFMm-aHCVVfwpvvRM6dcs3ia8GBILGWzW1Zg8sU8_fo2KVBet6Qo-y7---EabnstgeZeZh7LhXdBjFw8VDGZRn7jMqynCtn51Q8Uoheg3ShFpwR6dB2FrG94JCCAUXQHMHq21E5GCPhRJjMK_UnkvYfJLkjjPy0DmMR8KGsYOX2FQKles5XDGQShH3iK9jk8wLaX5q86dlEk-LVkC5Jpv-ebVUdXJ1LwPXJv7ub2nnAenrA8fqy8Jmlwg86k3ic91dORqw7b6CPmEoYlokzuoBFMdOSzbuUN5Zi3PfB4uKQ66itinuZlB9lihSwCEQ72uTUrj2mdk2p6TL97v3AWJTo2A0ptZfJ0c

Requested by

Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Apr 2021 02:27:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 20200226%5C2020022602255594.jpg
vote.yam.com/imgfix/ Frame 78C5 45 KB
45 KB 195ms
195ms Image
image/jpeg 52.230.1.186
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vote.yam.com/imgfix/20200226%5C2020022602255594.jpg?h=250&w=0

Requested by

Host: vote.yam.com
URL: https://vote.yam.com/CF/index.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d3e319ce3ae69331e3309e7b76f0c06dbf3ecebd474cb71a2106163ccd46a56b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vote.yam.com/CF/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:30 GMT
X-AspNetMvc-Version: 5.2
Last-Modified: Sun, 28 Mar 2021 12:55:34 GMT
Content-Type: image/jpeg
Cache-Control: public, max-age=28895282
Content-Length: 46277
X-Xss-Protection: 1; mode=block
Expires: Mon, 28 Mar 2022 12:55:34 GMT

GET
H/1.1 200
OK adlogs Show response
in.treasuredata.com/js/v3/event/popin_ads/ 89 B
515 B 507ms
126ms Script
application/javascript 3.229.28.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://in.treasuredata.com/js/v3/event/popin_ads/adlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1619576851309&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0eXBlIjoicmVxIiwicmlkIjoiMDAwMDAwIiwiYWxnIjoibHRyIiwidGltZV9zaG93X3NlY29uZHMiOjEsInJlcXVlc3RfYWQiOjE1LCJyZXNwb25zZV9hZCI6MTUsInNtamFkIjowLCJhZiI6IiIsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoibi55YW0uY29tIiwidXJsIjoiaHR0cHM6Ly9uLnlhbS5jb20vQXJ0aWNsZS8yMDIxMDQyNzEwMTc5MiIsImxvZ2lkIjoiYjNiZGFmN2UtOGNhMC00MjI2LThiM2QtODA1OTU5MjI5ZTBhIiwidWlkIjoiNDAyZTVjN2FkMWZlZGU4NzA5MDE2MTk1Njk2NDk4MTEiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiJmOGJhMWYzMS0xYzJhLTQyMjUtYTc4My04MmNhZmJlZThkM2IiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoiIiwidGRfdXJsIjoiaHR0cHM6Ly9uLnlhbS5jb20vQXJ0aWNsZS8yMDIxMDQyNzEwMTc5MiIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODkuMC40Mzg5LjcyIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInRkX2hvc3QiOiJuLnlhbS5jb20iLCJ0ZF9wYXRoIjoiL0FydGljbGUvMjAyMTA0MjcxMDE3OTIiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2lwIjoidGRfaXAiLCJ0ZF9icm93c2VyIjoidGRfYnJvd3NlciIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6InRkX2Jyb3dzZXJfdmVyc2lvbiIsInRkX29zIjoidGRfb3MiLCJ0ZF9vc192ZXJzaW9uIjoidGRfb3NfdmVyc2lvbiIsImNsaWVudF9pZCI6ImY4YmExZjMxLTFjMmEtNDIyNS1hNzgzLTgyY2FmYmVlOGQzYiIsImNhdGVnb3J5IjoiIiwiYWJ0ZXN0Ijoic3RhbmRhcmQiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0%3D&callback=TreasureJSONPCallback0

Requested by

Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.229.28.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-28-141.compute-1.amazonaws.com

Software

Resource Hash

3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Connection: keep-alive
P3P: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Date: Wed, 28 Apr 2021 02:27:31 GMT
Content-Length: 89
Content-Type: application/javascript

GET
H2 200 logo.png
api.popin.cc/images/ 2 KB
2 KB 43ms
43ms Image
image/png 192.229.233.139
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.popin.cc/images/logo.png
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.229.233.139 Torrance, United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6B9D) /
Resource Hash: 6753ab9ab14844d0e9ecbbf13df7accf525291cef950547034e5ab67be9e508e

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 02:27:31 GMT
last-modified: Tue, 02 Apr 2019 12:00:56 GMT
server: ECS (amb/6B9D)
age: 4353
etag: "b10c5c3579ba2dba39fd2804188dc3f1"
x-cache: HIT
content-type: image/png
x-amz-request-id: RT0Z8P90TRSYDFP2
x-amz-version-id: null
accept-ranges: bytes
content-length: 2316
x-amz-id-2: 75pMPHmf4T4F/dqo0W9u/V4g1xxUGOyyyt2Fs9jUZq7gweD/WlMoJQ0cR9QG7f8HRC+LsN7z4yg=

GET
H/1.1 200
OK adlogs Show response
in.treasuredata.com/js/v3/event/popin_ads/ 89 B
515 B 509ms
129ms Script
application/javascript 3.229.28.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://in.treasuredata.com/js/v3/event/popin_ads/adlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1619576851336&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0eXBlIjoicmVxIiwicmlkIjoiMDAwMDAwIiwiYWxnIjoibHRyIiwidGltZV9zaG93X3NlY29uZHMiOjIsInJlcXVlc3RfYWQiOjE1LCJyZXNwb25zZV9hZCI6MTUsInNtamFkIjowLCJhZiI6IiIsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoibi55YW0uY29tIiwidXJsIjoiaHR0cHM6Ly9uLnlhbS5jb20vQXJ0aWNsZS8yMDIxMDQyNzEwMTc5MiIsImxvZ2lkIjoiYjNiZGFmN2UtOGNhMC00MjI2LThiM2QtODA1OTU5MjI5ZTBhIiwidWlkIjoiNDAyZTVjN2FkMWZlZGU4NzA5MDE2MTk1Njk2NDk4MTEiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiJmOGJhMWYzMS0xYzJhLTQyMjUtYTc4My04MmNhZmJlZThkM2IiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoiIiwidGRfdXJsIjoiaHR0cHM6Ly9uLnlhbS5jb20vQXJ0aWNsZS8yMDIxMDQyNzEwMTc5MiIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODkuMC40Mzg5LjcyIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInRkX2hvc3QiOiJuLnlhbS5jb20iLCJ0ZF9wYXRoIjoiL0FydGljbGUvMjAyMTA0MjcxMDE3OTIiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2lwIjoidGRfaXAiLCJ0ZF9icm93c2VyIjoidGRfYnJvd3NlciIsInRkX2Jyb3dzZXJfdmVyc2lvbiI6InRkX2Jyb3dzZXJfdmVyc2lvbiIsInRkX29zIjoidGRfb3MiLCJ0ZF9vc192ZXJzaW9uIjoidGRfb3NfdmVyc2lvbiIsImNsaWVudF9pZCI6ImY4YmExZjMxLTFjMmEtNDIyNS1hNzgzLTgyY2FmYmVlOGQzYiIsImNhdGVnb3J5IjoiIiwiYWJ0ZXN0Ijoic3RhbmRhcmQiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0%3D&callback=TreasureJSONPCallback1

Requested by

Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.229.28.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-28-141.compute-1.amazonaws.com

Software

Resource Hash

0f93db846422aa8c72de38cbb2819358b78560e09242696224b08b0dd84af1c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Connection: keep-alive
P3P: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Date: Wed, 28 Apr 2021 02:27:31 GMT
Content-Length: 89
Content-Type: application/javascript

GET
H/1.1 200
OK adlogs
log.popin.cc/log/popin_ads/ 66 B
303 B 1144ms
288ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_ads/adlogs?data=eyJ0eXBlIjoicmVxIiwicmlkIjoiMDAwMDAwIiwiYWxnIjoibHRyIiwidGltZV9zaG93X3NlY29uZHMiOjEsInJlcXVlc3RfYWQiOjE1LCJyZXNwb25zZV9hZCI6MTUsInNtamFkIjowLCJhZiI6IiIsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoibi55YW0uY29tIiwidXJsIjoiaHR0cHM6Ly9uLnlhbS5jb20vQXJ0aWNsZS8yMDIxMDQyNzEwMTc5MiIsImxvZ2lkIjoiYjNiZGFmN2UtOGNhMC00MjI2LThiM2QtODA1OTU5MjI5ZTBhIiwidWlkIjoiNDAyZTVjN2FkMWZlZGU4NzA5MDE2MTk1Njk2NDk4MTEiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiJmOGJhMWYzMS0xYzJhLTQyMjUtYTc4My04MmNhZmJlZThkM2IiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoiIiwidGRfdXJsIjoiaHR0cHM6Ly9uLnlhbS5jb20vQXJ0aWNsZS8yMDIxMDQyNzEwMTc5MiIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODkuMC40Mzg5LjcyIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInRkX2hvc3QiOiJuLnlhbS5jb20iLCJ0ZF9wYXRoIjoiL0FydGljbGUvMjAyMTA0MjcxMDE3OTIiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiI4OS4wLjQzODkiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiZjhiYTFmMzEtMWMyYS00MjI1LWE3ODMtODJjYWZiZWU4ZDNiIiwiY2F0ZWdvcnkiOiIiLCJhYnRlc3QiOiJzdGFuZGFyZCIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ==&t=1619576851311
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:32 GMT
Last-Modified: Mon, 07 Jan 2019 09:48:08 GMT
Server: nginx/1.13.5
ETag: "5c332058-42"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H/1.1 200
OK s.gif
r.popin.cc/ 35 B
264 B 1171ms
294ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Fn.yam.com%2FArticle%2F20210427101792&uid=402e5c7ad1fede870901619569649811&type=pc_pv&nid=pc&media=n.yam.com&r5=ab_standard&t=1619576851311&tz=tw
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:32 GMT
Last-Modified: Thu, 29 Aug 2019 01:24:26 GMT
Server: nginx
ETag: "5d67294a-23"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35

GET
H/1.1 200
OK discoverylogs
log.popin.cc/log/popin_media/ 66 B
303 B 1172ms
291ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJyX3VybCI6IiIsInR5cGUiOjAsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoibi55YW0uY29tIiwidXJsIjoiaHR0cHM6Ly9uLnlhbS5jb20vQXJ0aWNsZS8yMDIxMDQyNzEwMTc5MiIsImxvZ2lkIjoiYjNiZGFmN2UtOGNhMC00MjI2LThiM2QtODA1OTU5MjI5ZTBhIiwicmlkIjoiMDAwMDAwIiwidWlkIjoiNDAyZTVjN2FkMWZlZGU4NzA5MDE2MTk1Njk2NDk4MTEiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiJmOGJhMWYzMS0xYzJhLTQyMjUtYTc4My04MmNhZmJlZThkM2IiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoiIiwidGRfdXJsIjoiaHR0cHM6Ly9uLnlhbS5jb20vQXJ0aWNsZS8yMDIxMDQyNzEwMTc5MiIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODkuMC40Mzg5LjcyIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInRkX2hvc3QiOiJuLnlhbS5jb20iLCJ0ZF9wYXRoIjoiL0FydGljbGUvMjAyMTA0MjcxMDE3OTIiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiI4OS4wLjQzODkiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiZjhiYTFmMzEtMWMyYS00MjI1LWE3ODMtODJjYWZiZWU4ZDNiIiwiY2F0ZWdvcnkiOiIiLCJhYnRlc3QiOiJzdGFuZGFyZCIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ==&t=1619576851311
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:32 GMT
Last-Modified: Mon, 07 Jan 2019 09:48:08 GMT
Server: nginx/1.13.5
ETag: "5c332058-42"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H/1.1 200
OK other
inrecsys.popin.cc/PopinService/Logs/ 0
101 B 891ms
296ms Image
text/plain 119.63.198.172
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://inrecsys.popin.cc/PopinService/Logs/other?data=eyJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiJmOGJhMWYzMS0xYzJhLTQyMjUtYTc4My04MmNhZmJlZThkM2IiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoiIiwidGRfdXJsIjoiaHR0cHM6Ly9uLnlhbS5jb20vQXJ0aWNsZS8yMDIxMDQyNzEwMTc5MiIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODkuMC40Mzg5LjcyIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInRkX2hvc3QiOiJuLnlhbS5jb20iLCJ0ZF9wYXRoIjoiL0FydGljbGUvMjAyMTA0MjcxMDE3OTIiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2lwIjoiMTk0Ljk5LjEwNS45OSIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiI4OS4wLjQzODkiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwia2V5Ijoia2V5MTYxOTU3Njg0OTgxMiIsIm5vdyI6MTYxOTU3Njg1MTMxMSwiY2xpZW50X2lkIjoiZjhiYTFmMzEtMWMyYS00MjI1LWE3ODMtODJjYWZiZWU4ZDNiIiwidXJsIjoiaHR0cHM6Ly9uLnlhbS5jb20vQXJ0aWNsZS8yMDIxMDQyNzEwMTc5MiIsInVpZCI6IjQwMmU1YzdhZDFmZWRlODcwOTAxNjE5NTY5NjQ5ODExIiwic21qSWQiOiIiLCJkZXZpY2UiOiJwYyIsImRpc2hfbWVkaWEiOiJuLnlhbS5jb20iLCJkaXNoX2NhdGVnb3J5IjoiIiwiZGlzaF9kb21haW4iOiJuLnlhbS5jb20iLCJ2X2Rpc2hfbGFiZWxzIjoiIiwidl9kaXNoX3RsYWJlbHMiOiIiLCJsb2dpZCI6ImIzYmRhZjdlLThjYTAtNDIyNi04YjNkLTgwNTk1OTIyOWUwYSIsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkb21haW4iOiJuLnlhbS5jb20iLCJwb3Bpbl92ZXJzaW9uIjo2fQ==
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.172 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:32 GMT
Content-Length: 0
Content-Type: text/plain

GET
H/1.1 200
OK s.gif
r.popin.cc/ 35 B
264 B 1171ms
293ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Fn.yam.com%2FArticle%2F20210427101792&uid=&type=pc_channel_pv&nid=pc&media=n.yam.com&r5=ab_standard|ch_with_sz_standard-pc&t=1619576851330&tz=tw
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:32 GMT
Last-Modified: Tue, 10 Sep 2019 08:00:09 GMT
Server: nginx
ETag: "5d775809-23"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35

GET
H/1.1 200
OK discoverylogs
log.popin.cc/log/popin_media/ 66 B
303 B 1176ms
292ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjo3LCJpc19mZWVkX21vZHVsZSI6IiIsImNoYW5uZWxfaWQiOiJ3aXRoX3N6X3N0YW5kYXJkLXBjIiwiZXhwZWN0ZWRfYWQiOjQsInJlbmRlcmVkX2FkIjo0LCJhcGlfaG9zdCI6InR3LnBvcGluLmNjIiwiZGV2aWNlIjoicGMiLCJtZWRpYSI6Im4ueWFtLmNvbSIsInVybCI6Imh0dHBzOi8vbi55YW0uY29tL0FydGljbGUvMjAyMTA0MjcxMDE3OTIiLCJsb2dpZCI6ImIzYmRhZjdlLThjYTAtNDIyNi04YjNkLTgwNTk1OTIyOWUwYSIsInJpZCI6IjAwMDAwMCIsInVpZCI6IjQwMmU1YzdhZDFmZWRlODcwOTAxNjE5NTY5NjQ5ODExIiwidGRfdmVyc2lvbiI6IjEuNy4xIiwidGRfY2xpZW50X2lkIjoiZjhiYTFmMzEtMWMyYS00MjI1LWE3ODMtODJjYWZiZWU4ZDNiIiwidGRfY2hhcnNldCI6InV0Zi04IiwidGRfbGFuZ3VhZ2UiOiJlbi11cyIsInRkX2NvbG9yIjoiMjQtYml0IiwidGRfc2NyZWVuIjoiMTYwMHgxMjAwIiwidGRfdmlld3BvcnQiOiIxNjAweDEyMDAiLCJ0ZF90aXRsZSI6IiIsInRkX3VybCI6Imh0dHBzOi8vbi55YW0uY29tL0FydGljbGUvMjAyMTA0MjcxMDE3OTIiLCJ0ZF91c2VyX2FnZW50IjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzg5LjAuNDM4OS43MiBTYWZhcmkvNTM3LjM2IiwidGRfcGxhdGZvcm0iOiJMaW51eCB4ODZfNjQiLCJ0ZF9ob3N0Ijoibi55YW0uY29tIiwidGRfcGF0aCI6Ii9BcnRpY2xlLzIwMjEwNDI3MTAxNzkyIiwidGRfcmVmZXJyZXIiOiIiLCJ0ZF9icm93c2VyIjoiQ2hyb21lIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoiODkuMC40Mzg5IiwidGRfb3MiOiJXaW5kb3dzIiwidGRfb3NfdmVyc2lvbiI6IjEwLjAuMCIsImNsaWVudF9pZCI6ImY4YmExZjMxLTFjMmEtNDIyNS1hNzgzLTgyY2FmYmVlOGQzYiIsImNhdGVnb3J5IjoiIiwiYWJ0ZXN0Ijoic3RhbmRhcmQiLCJleHRyYSI6IiIsImludGVyYWN0aW9uX251bWJlciI6MCwicG9waW5fdmVyc2lvbiI6Nn0=&t=1619576851330
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:32 GMT
Last-Modified: Fri, 10 Jan 2020 11:34:08 GMT
Server: nginx/1.13.5
ETag: "5e186130-42"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H/1.1 200
OK adlogs
log.popin.cc/log/popin_ads/ 66 B
303 B 1193ms
293ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_ads/adlogs?data=eyJ0eXBlIjoicmVxIiwicmlkIjoiMDAwMDAwIiwiYWxnIjoibHRyIiwidGltZV9zaG93X3NlY29uZHMiOjIsInJlcXVlc3RfYWQiOjE1LCJyZXNwb25zZV9hZCI6MTUsInNtamFkIjowLCJhZiI6IiIsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoibi55YW0uY29tIiwidXJsIjoiaHR0cHM6Ly9uLnlhbS5jb20vQXJ0aWNsZS8yMDIxMDQyNzEwMTc5MiIsImxvZ2lkIjoiYjNiZGFmN2UtOGNhMC00MjI2LThiM2QtODA1OTU5MjI5ZTBhIiwidWlkIjoiNDAyZTVjN2FkMWZlZGU4NzA5MDE2MTk1Njk2NDk4MTEiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiJmOGJhMWYzMS0xYzJhLTQyMjUtYTc4My04MmNhZmJlZThkM2IiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoiIiwidGRfdXJsIjoiaHR0cHM6Ly9uLnlhbS5jb20vQXJ0aWNsZS8yMDIxMDQyNzEwMTc5MiIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODkuMC40Mzg5LjcyIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInRkX2hvc3QiOiJuLnlhbS5jb20iLCJ0ZF9wYXRoIjoiL0FydGljbGUvMjAyMTA0MjcxMDE3OTIiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiI4OS4wLjQzODkiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiZjhiYTFmMzEtMWMyYS00MjI1LWE3ODMtODJjYWZiZWU4ZDNiIiwiY2F0ZWdvcnkiOiIiLCJhYnRlc3QiOiJzdGFuZGFyZCIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ==&t=1619576851338
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:32 GMT
Last-Modified: Thu, 13 Dec 2018 07:24:27 GMT
Server: nginx/1.13.5
ETag: "5c12092b-42"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H/1.1 200
OK s.gif
r.popin.cc/ 35 B
264 B 1171ms
292ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/s.gif?url=https%3A%2F%2Fn.yam.com%2FArticle%2F20210427101792&uid=&type=pc_channel_pv&nid=pc&media=n.yam.com&r5=ab_standard|ch_with_sz_word-pc&t=1619576851344&tz=tw
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:32 GMT
Last-Modified: Thu, 29 Aug 2019 01:59:39 GMT
Server: nginx
ETag: "5d67318b-23"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35

GET
H/1.1 200
OK discoverylogs
log.popin.cc/log/popin_media/ 66 B
303 B 956ms
284ms Image
image/jpeg 119.63.198.143
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://log.popin.cc/log/popin_media/discoverylogs?data=eyJ0eXBlIjo3LCJpc19mZWVkX21vZHVsZSI6IiIsImNoYW5uZWxfaWQiOiJ3aXRoX3N6X3dvcmQtcGMiLCJleHBlY3RlZF9hZCI6MiwicmVuZGVyZWRfYWQiOjIsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJkZXZpY2UiOiJwYyIsIm1lZGlhIjoibi55YW0uY29tIiwidXJsIjoiaHR0cHM6Ly9uLnlhbS5jb20vQXJ0aWNsZS8yMDIxMDQyNzEwMTc5MiIsImxvZ2lkIjoiYjNiZGFmN2UtOGNhMC00MjI2LThiM2QtODA1OTU5MjI5ZTBhIiwicmlkIjoiMDAwMDAwIiwidWlkIjoiNDAyZTVjN2FkMWZlZGU4NzA5MDE2MTk1Njk2NDk4MTEiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiJmOGJhMWYzMS0xYzJhLTQyMjUtYTc4My04MmNhZmJlZThkM2IiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoiIiwidGRfdXJsIjoiaHR0cHM6Ly9uLnlhbS5jb20vQXJ0aWNsZS8yMDIxMDQyNzEwMTc5MiIsInRkX3VzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvODkuMC40Mzg5LjcyIFNhZmFyaS81MzcuMzYiLCJ0ZF9wbGF0Zm9ybSI6IkxpbnV4IHg4Nl82NCIsInRkX2hvc3QiOiJuLnlhbS5jb20iLCJ0ZF9wYXRoIjoiL0FydGljbGUvMjAyMTA0MjcxMDE3OTIiLCJ0ZF9yZWZlcnJlciI6IiIsInRkX2Jyb3dzZXIiOiJDaHJvbWUiLCJ0ZF9icm93c2VyX3ZlcnNpb24iOiI4OS4wLjQzODkiLCJ0ZF9vcyI6IldpbmRvd3MiLCJ0ZF9vc192ZXJzaW9uIjoiMTAuMC4wIiwiY2xpZW50X2lkIjoiZjhiYTFmMzEtMWMyYS00MjI1LWE3ODMtODJjYWZiZWU4ZDNiIiwiY2F0ZWdvcnkiOiIiLCJhYnRlc3QiOiJzdGFuZGFyZCIsImV4dHJhIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowLCJwb3Bpbl92ZXJzaW9uIjo2fQ==&t=1619576851344
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 119.63.198.143 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx/1.13.5 /
Resource Hash: 654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:32 GMT
Last-Modified: Mon, 07 Jan 2019 09:48:08 GMT
Server: nginx/1.13.5
ETag: "5c332058-42"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 66

GET
H/1.1 200
OK log.gif
r.popin.cc/ 35 B
264 B 960ms
290ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.popin.cc/log.gif?type=related-tw&uid=402e5c7ad1fede870901619569649811&url=https%3A%2F%2Fn.yam.com%2FArticle%2F20210427101792&t=1619576851345
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:32 GMT
Last-Modified: Thu, 29 Aug 2019 01:24:26 GMT
Server: nginx
ETag: "5d67294a-23"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3495 42 B
64 B 15ms
15ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssW3sPjeTg78UX4Naf6XZ6umZwGZUfe0xXPb39-KmK4qMmDzMFrfw9YnOIfpQohCwlfBDy2q1Iwr-p181mPPLrg0hdy7-YmHsgtZtcVT_EcD-wP8k6-lyGKt5-r_A&sai=AMfl-YSmrCfNcr_kYum-y87IunIyMr-E2hhqELht5IULA9vZcJpBazkc3iuYxnHDQy1J5eppLdq2BgynX8-TfzYrDjIKrLgT5hmu0fo2YzTqiBM5sgE7IQ38scrRsCxQNre6&sig=Cg0ArKJSzIWXSXLck963EAE&cid=CAASPeRosofYY7SjA7BWlGsHsA7IDffHh1lPTkj246dLYrcxD-_sfPUZn-EUvDiY-J29VEl1M_l30wR-HquXTNQ&id=lidar2&mcvt=1000&p=215,436,323,1164&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210423&bin=7&avms=nio&bs=0,0&mc=0.83&if=1&app=0&itpl=20&adk=1120119845&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619576850100&dlt=41&rpt=446&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Apr 2021 02:27:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C728 42 B
64 B 17ms
16ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvTwtKwC1fliavbe85NuGpcsCNLuRIdIz5yqg_uFKzXqTOZwDNMEa3LR9F92n7wZ0SqTl3iDansFstMtE9_2EfcZvRtPSpCYxtL1s1d7jjiuCuZZpMUEO-rXfhrXw&sai=AMfl-YTw3kB86A1LXrUzC9zUeOaLQzgTLdzexUbAgLEwHFE1wAjmzDCaqc_Tn6E7Cmezdhv6K1K2A2owMGrzWldpt49zyjyWjBZJ_LtgJdXIIt9JAX6y37vzPC1CJuCoEOF-&sig=Cg0ArKJSzIFaLALjJPt-EAE&cid=CAASPeRooTJaPHePGY6O3jo2sJUvJb6a6z1EusLuw9AM0mZV1NBPWQCye_QbXbZ5HFFyLVQYMGztUridFaEkvRY&id=lidar2&mcvt=1000&p=677,1050,1281,1350&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210423&bin=7&avms=nio&bs=0,0&mc=0.87&if=1&app=0&itpl=20&adk=610970660&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1619576850039&dlt=83&rpt=583&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Apr 2021 02:27:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK readlogs Show response
in.treasuredata.com/js/v3/event/popin_media/ 89 B
515 B 130ms
130ms Script
application/javascript 3.229.28.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://in.treasuredata.com/js/v3/event/popin_media/readlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1619576851913&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiJmOGJhMWYzMS0xYzJhLTQyMjUtYTc4My04MmNhZmJlZThkM2IiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5L%2Bh55So5Y2h57mz56iF5YSq5oOg5pC25YWI55yL44CA6Iqx5peX5paw5oi2MiXnj77ph5Hlm57ppYsgfCDolYPmlrDogZ4iLCJ0ZF91cmwiOiJodHRwczovL24ueWFtLmNvbS9BcnRpY2xlLzIwMjEwNDI3MTAxNzkyIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidGRfaG9zdCI6Im4ueWFtLmNvbSIsInRkX3BhdGgiOiIvQXJ0aWNsZS8yMDIxMDQyNzEwMTc5MiIsInRkX3JlZmVycmVyIjoiIiwidGRfaXAiOiJ0ZF9pcCIsInRkX2Jyb3dzZXIiOiJ0ZF9icm93c2VyIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoidGRfYnJvd3Nlcl92ZXJzaW9uIiwidGRfb3MiOiJ0ZF9vcyIsInRkX29zX3ZlcnNpb24iOiJ0ZF9vc192ZXJzaW9uIiwiaW1hZ2UiOiIiLCJwdWJkYXRlIjoiIiwiZG9tYWluIjoibi55YW0uY29tIiwibWVkaWEiOiJuLnlhbS5jb20iLCJkZXZpY2UiOiJwYyIsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJyZWFkX3JlIjoib3JnYW5pYyIsInJlYWRfc3RhdF90ZXh0Ijo4MDAsInJlYWRfc3RhdF9pbWFnZSI6MzMsInJlYWRfc3RhdF9pbl90ZXh0Ijo4MDAsInJlYWRfc3RhdF9pbl9pbWFnZSI6MzMsInJlYWQiOjEwLCJyZWFkX3RpbWUiOjEuOSwicG9waW5fdXNlcl9pZCI6IiIsInBpdWlkIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowfQ%3D%3D&callback=TreasureJSONPCallback2

Requested by

Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.229.28.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-28-141.compute-1.amazonaws.com

Software

Resource Hash

84e80159fc0f0e914229e9916e1c85cb59b2a6af77d53d6b528bf464ef9aeb3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Connection: keep-alive
P3P: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Date: Wed, 28 Apr 2021 02:27:32 GMT
Content-Length: 89
Content-Type: application/javascript

GET
H/1.1 200
OK s.gif
rlog.popin.cc/ 35 B
264 B 1149ms
286ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rlog.popin.cc/s.gif?url=https%3A%2F%2Fn.yam.com%2FArticle%2F20210427101792&uid=&nid=4TETMADP!LrB&media=n.yam.com&r1=10&r2=0&r3=text800|image33|in_text800|in_image33&r4=2&r5=re_organic|dv_pc|session|sstorage&r6=2&r7=-0&r8=54.68666666666666&t=1619576851911
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:33 GMT
Last-Modified: Thu, 29 Aug 2019 01:24:26 GMT
Server: nginx
ETag: "5d67294a-23"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35

GET
H3-29

200

feedback.php Show response
www.facebook.com/plugins/ Frame 03C5
Redirect Chain

https://www.facebook.com/v2.11/plugins/comments.php?app_id=241039752194&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df25a155543434e%26domain%3Dn.y...
https://www.facebook.com/plugins/comments.php?app_id=241039752194&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df25a155543434e%26domain%3Dn.yam.com...
https://www.facebook.com/plugins/feedback.php?app_id=241039752194&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df25a155543434e%26domain%3Dn.yam.com...

111 KB
27 KB

595ms
594ms

Document
text/html

2a03:2880:f142:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?app_id=241039752194&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df25a155543434e%26domain%3Dn.yam.com%26origin%3Dhttps%253A%252F%252Fn.yam.com%252Ff150a10d469eac%26relation%3Dparent.parent&container_width=760&height=100&href=https%3A%2F%2Fn.yam.com%2FArticle%2F20210427101792&locale=zh_TW&numposts=5&sdk=joey&version=v2.11&width=760

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js?hash=a81a2007cc9d31e1905f070da6243dd6&ua=modern_es6

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

265e5a9cd200d817243b551698faca221a91745ad3a2db7cb236d9a27d3f54f7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/feedback.php?app_id=241039752194&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df25a155543434e%26domain%3Dn.yam.com%26origin%3Dhttps%253A%252F%252Fn.yam.com%252Ff150a10d469eac%26relation%3Dparent.parent&container_width=760&height=100&href=https%3A%2F%2Fn.yam.com%2FArticle%2F20210427101792&locale=zh_TW&numposts=5&sdk=joey&version=v2.11&width=760
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://n.yam.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: fr=05Um0CFSAyDOu94da..BgiMgR...1.0.BgiMgR.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-cache, no-store, must-revalidate
x-xss-protection: 0
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
content-encoding: br
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
cross-origin-opener-policy: same-origin-allow-popups
content-type: text/html; charset="utf-8"
x-fb-debug: psPw64kbh6lb1GkOGAnjvvsAVRMMbaiT7NLERcmQkpO0w2GWGKikp2IsiT/wYHuyhL1h83qYy7ShhE212e3wjQ==
date: Wed, 28 Apr 2021 02:27:34 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

Redirect headers

location: https://www.facebook.com/plugins/feedback.php?app_id=241039752194&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df25a155543434e%26domain%3Dn.yam.com%26origin%3Dhttps%253A%252F%252Fn.yam.com%252Ff150a10d469eac%26relation%3Dparent.parent&container_width=760&height=100&href=https%3A%2F%2Fn.yam.com%2FArticle%2F20210427101792&locale=zh_TW&numposts=5&sdk=joey&version=v2.11&width=760
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: KMWHkEvNAM0mvZFKHu+sHrbOVoC/EJZzyF3otMgvd46mbRanFYXhJP6gr5Rv1noJ2TxsZXyZJbTKQ4QXTEqsMw==
content-length: 0
date: Wed, 28 Apr 2021 02:27:33 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 9 KB
7 KB 17ms
17ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042201&st=env

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c26297a3bbe1950afc0acc3dacb50a81666db32c05a468b8efce74339c35a921

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Apr 2021 02:27:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6986
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.pl/adsid/ 107 B
122 B 28ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.pl/adsid/integrator.js?domain=n.yam.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Apr 2021 02:27:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 30ms
17ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=n.yam.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Apr 2021 02:27:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 8 KB
4 KB 78ms
78ms XHR
text/plain 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1606888329408971&correlator=3734467647422125&output=ldjh&impl=fifs&eid=31060783%2C31060901&vrg=2021042201&ptt=17&sc=1&sfv=1-0-38&ecs=20210428&iu_parts=22074138688%2Cn.yam_content_bottom&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&cookie=ID%3Df450acfb2eaa15d8-22d0781af6c70008%3AT%3D1619576849%3AS%3DALNI_Maz-FbvuX8VcnEDxRvCxRFyx4TrWA&bc=31&abxe=1&lmt=1619576853&dt=1619576853543&dlt=1619576848317&idt=1110&frm=20&biw=1600&bih=1200&oid=3&adxs=250&adys=1910&adks=2548467497&ucis=6&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fn.yam.com%2FArticle%2F20210427101792&vis=1&dmc=8&scr_x=0&scr_y=0&psz=760x1&msz=760x1&ga_vid=1252067354.1619576849&ga_sid=1619576849&ga_hid=1113342304&ga_fc=false&fws=0&ohw=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

b0c2c3beb23532abc23c7a7a9db587a0ecbbc0e7984842c18783edc23e3efa94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 02:27:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4191
x-xss-protection: 0
google-lineitem-id: 5489604634
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138324749448
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://n.yam.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 161ms
43ms Preflight 13.69.65.23
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Server

13.69.65.23 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,sdk-context
Origin: https://n.yam.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-methods: POST
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Wed, 28 Apr 2021 02:27:32 GMT
content-length: 0

POST
H2 400 track Show response
dc.services.visualstudio.com/v2/ 393 B
511 B 63ms
63ms XHR
application/json 13.69.65.23
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

13.69.65.23 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

ed70c771eb14ec7d0c11178ea50022df2f18425bff880facc66519e05e6189fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://n.yam.com/
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: BF5B3AB0-9077-48C5-85DA-5A47EB9D3D61
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Wed, 28 Apr 2021 02:27:32 GMT
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length: 393

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 02:27:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Wed, 28 Apr 2021 02:27:33 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame D2DC 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://n.yam.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://n.yam.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Tue, 27 Apr 2021 23:30:56 GMT
expires: Wed, 27 Apr 2022 23:30:56 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 10597
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 -_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js Show response
pagead2.googlesyndication.com/bg/ Frame D2DC 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/-_4qODghdBIY0Ta5c9Mpu0KGcGVAhTZCtcXg18Etdwg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbfe2a383821741218d136b973d329bb4286706540853642b5c5e0d7c12d7708

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 20:34:36 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 15:58:00 GMT
server: sffe
age: 366777
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5672
x-xss-protection: 0
expires: Sat, 23 Apr 2022 20:34:36 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame D905 0
0 48ms
48ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssNOwT9ds9jvqZ17hgAj0ZTiUYhlZmbqwu23j5ZrqbLznY2NVZvUN0mb-dbFvPP7_SKU8f-Fr3vqvX0ozsfFpyrmoNfgZvJwfsLzpfuSMuPXsYE2IxrA81zPxXQJ9ppf2iTOUcVqjNGB3odKT1x7XrV8b9uCdHLeioFRRKRKiHVLc9XY4WF7Vv_1RHfubcUTUUS316W-0aSilszoFK1b6OlXiojpXI58irjL_Nq72GUezJXPTKozrVBLdSVgutDDFp0DMuoUSZ5dgP-0EZLrlmgNXEFEexFVtlubaM1WqT_TmVhGrky&sig=Cg0ArKJSzOE7DIO06ZSyEAE&urlfix=1&adurl=

Requested by

Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Apr 2021 02:27:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 index.php Show response
stg.truvidplayer.com/ Frame D905 977 B
755 B 208ms
129ms Script
text/html 13.32.21.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/index.php?sub_user_id=597&widget_id=4423&playlist_id=3196&m=a&cb=2247110444641122.8
Requested by: Host: n.yam.com
URL: https://n.yam.com/Article/20210427101792
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-49.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: f264a2c44e34e93ddc50f931c4fdb5544444d62577949d0b6f2c3376d73fa288

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 02:27:33 GMT
via: 1.1 9928105291571d6cae52bcb916c898d9.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
content-encoding: gzip
x-amz-cf-id: z4BRf_6UBXFVgMD1E0hjcTBJpXO189l0pl7hurbRdA1ikjgP7I3PvQ==

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D905 116 KB
35 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 02:27:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1619188777539687"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36031
x-xss-protection: 0
expires: Wed, 28 Apr 2021 02:27:33 GMT

GET
DATA 200
OK truncated
/ Frame D905 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f732096ea81339f77c9a8d15d118acee57d6cf2e2c2813456daa49ed4660a9d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 14ms
14ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042201&jk=1606888329408971&bg=!gIOlg8fNAAZLnZBaS507ACkAdvg8Wik1-pLYhhuNFqgPKystagW3BATGsB_Gc_vaDiYM_FHrIwmhpgIAAABoUgAAAAtoAQcKATBv2F3YWFJ5TC8xe6jCKi6jdUQy0yxejrUoVurptrJUTnoFZngKzC6UQJNPQ6HcwAaDi2Is1Ydg6ewCOuJ_ZHwTswC_Aafs8m8M6RefdJFc1fmptgqDhuRSiX_sJEGhfVGNwZLz2C6WWWBeETSVudfVV6BzOI5ztn3OR_hSZWZY9ENFoq-4CddUb7M4_IZJiWo7NTpC19Ay6-fRZTsx9-DrFo-XCHJWkq4rMuNMM-LkRImWSjcQBteMqOft1B85ZLzeRpcZWf77bnGjrSjjXY9cU-3W91LAwn8SqjoZFiw8qQNIGPcQeq2L-F3Nmb4wT4NiaBO9bJP0pZXVDWcYLAmzdiGFPusTXasYz9NUHZikU8FG7_BVOzolVNBTB9vPLyc_NxvkEPn9rvm19ufUUY8umQIkAF75kZpVX4LpdjBVuJhm7s_IQAfLR9328iMevk9kFvXy__HwvDD7b59zgDJFvjVRFgDvACq61Ij8AYIX63GYAlUfBUlQahbYhFewLjI0ENm8aDemjNmYBSIWFxQgPOx0OGil3bMPlPn7RbcpeA_jCNaDTFdC49DZMbLK2bgUZFrd7dMwWP-vqKfBbQIUYOtY1NQuQMNRMxIa-CjvX2UgW-kMjdJlBdmTFMtUDYhQF3yEmjNeut7Z7de5vxr1pdByc5qlF3GN1kDi7mwuoYO0qA6szZGDVWunkaP1pWGXB0-APPQpgP7HTlSF3rJhh-dWZ2mfhLr3cpmBmPHzl-DrT5FDuheb2qVXPIIbWyF_BgyOFKg4hAmUqxqnpzD2oVlmzkI7VtXFrB4-pg2Oz04E8Js9dKegNS0AiIK7N8Fo-LJqWGenJkONpK_djEuby7W9hje98KrLN6jiTa9vL7ftoFkdxL-qEnT_fSJd0uvZ6QBOYUe_jyf3I5uRoTyYdYxzMKcESZvt7Sho7RmGQ1fWzZMo-FlI0upNxZfXYVU3OaTwXrAKLHazay4FqythCn9S6GC4UJBDjza6E6n-b3MnVsaJITJvscgY6ggbhr-mznFJd1Z-wrJXZN9qVVawRIgc4lWpO0ASeyWs8Tg1NyT_inrqPIpy0I6ONyFcAo1C9YltssKxajY6xCoDnmE5pIY86sP0IyQxb1fR8DDZeiaqHKHbdr8

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Apr 2021 02:27:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 4423.js Show response
go.trvdp.com/init/ Frame D905 23 KB
23 KB 21ms
6ms Script
binary/octet-stream 2600:9000:211e:f000:3:7e1c:5b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.trvdp.com/init/4423.js?pid=3196
Requested by: Host: stg.truvidplayer.com
URL: https://stg.truvidplayer.com/index.php?sub_user_id=597&widget_id=4423&playlist_id=3196&m=a&cb=2247110444641122.8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:f000:3:7e1c:5b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d956cecbc72546f6be9165e71ea6fe0e30c83274da131e88a4b8c12c2d6d540d

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 07:36:48 GMT
via: 1.1 9928105291571d6cae52bcb916c898d9.cloudfront.net (CloudFront)
last-modified: Tue, 27 Oct 2020 11:06:21 GMT
server: AmazonS3
age: 6893446
etag: "48abea3234995128fcf6b9c6fa92da03"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-length: 23347
x-amz-cf-id: gmtbOmHwEYl8o2XwjZhwjuSUDH378L6Qz1hdI-22w24zDqhsB0veoQ==

GET
H/1.1 200
OK 20200303%5C2020030306521772.jpg
vote.yam.com/imgfix/ Frame 78C5 36 KB
36 KB 192ms
191ms Image
image/jpeg 52.230.1.186
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vote.yam.com/imgfix/20200303%5C2020030306521772.jpg?h=250&w=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1eb20e078ab3199a4139a3a1216b8d1db5974981c0061a1a90b543062315f1f0

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vote.yam.com/CF/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:33 GMT
X-AspNetMvc-Version: 5.2
Last-Modified: Sun, 28 Mar 2021 12:55:38 GMT
Content-Type: image/jpeg
Cache-Control: public, max-age=28895284
Content-Length: 36765
X-Xss-Protection: 1; mode=block
Expires: Mon, 28 Mar 2022 12:55:38 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame D905 0
0 130ms
46ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss2rbXTcXH_2zuohT7GOrat9iINYVr-2mf6wGXBbe5XTRjiXgRgw2jFh5mViu4ndFeP1shKUH9e5q-_uy4jjlc4oK_jvteFZhWr9Fnu0Yk_l-X135SWO-Qr-_7R25Yfi1-rVbY_EmPHvWRRVOx8v_Wsd5KqfIUjwtSXoyg0lP2uID0UJCfc6yRT7qtVtO2zV17G692u3JpFofp4j4jG5ydRIFctAEjz2bKiu7RkQ_r8jlckMGYMjIQxVu032zOc-nnelpF9v_Rs39QO8zqj2_9GFSuuKUHRhSCiKXrO9UUeqoRwq3wDcgo&sig=Cg0ArKJSzPXO43ezbjfgEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 28 Apr 2021 02:27:33 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 28 Apr 2021 02:27:33 GMT

GET
H/1.1 200
OK readlogs Show response
in.treasuredata.com/js/v3/event/popin_media/ 89 B
515 B 131ms
130ms Script
application/javascript 3.229.28.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://in.treasuredata.com/js/v3/event/popin_media/readlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1619576853907&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiJmOGJhMWYzMS0xYzJhLTQyMjUtYTc4My04MmNhZmJlZThkM2IiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5L%2Bh55So5Y2h57mz56iF5YSq5oOg5pC25YWI55yL44CA6Iqx5peX5paw5oi2MiXnj77ph5Hlm57ppYsgfCDolYPmlrDogZ4iLCJ0ZF91cmwiOiJodHRwczovL24ueWFtLmNvbS9BcnRpY2xlLzIwMjEwNDI3MTAxNzkyIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidGRfaG9zdCI6Im4ueWFtLmNvbSIsInRkX3BhdGgiOiIvQXJ0aWNsZS8yMDIxMDQyNzEwMTc5MiIsInRkX3JlZmVycmVyIjoiIiwidGRfaXAiOiJ0ZF9pcCIsInRkX2Jyb3dzZXIiOiJ0ZF9icm93c2VyIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoidGRfYnJvd3Nlcl92ZXJzaW9uIiwidGRfb3MiOiJ0ZF9vcyIsInRkX29zX3ZlcnNpb24iOiJ0ZF9vc192ZXJzaW9uIiwiaW1hZ2UiOiIiLCJwdWJkYXRlIjoiIiwiZG9tYWluIjoibi55YW0uY29tIiwibWVkaWEiOiJuLnlhbS5jb20iLCJkZXZpY2UiOiJwYyIsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJyZWFkX3JlIjoib3JnYW5pYyIsInJlYWRfc3RhdF90ZXh0Ijo4MDAsInJlYWRfc3RhdF9pbWFnZSI6MzMsInJlYWQiOjIwLCJyZWFkX3RpbWUiOjMuOSwicG9waW5fdXNlcl9pZCI6IiIsInBpdWlkIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowfQ%3D%3D&callback=TreasureJSONPCallback3

Requested by

Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.229.28.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-28-141.compute-1.amazonaws.com

Software

Resource Hash

b3a7346cae0525400bb6539496990f7de2ee33862cb6e38fd82f0e463d367e1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Connection: keep-alive
P3P: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Date: Wed, 28 Apr 2021 02:27:33 GMT
Content-Length: 89
Content-Type: application/javascript

GET
H/1.1 200
OK s.gif
rlog.popin.cc/ 35 B
264 B 289ms
289ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rlog.popin.cc/s.gif?url=https%3A%2F%2Fn.yam.com%2FArticle%2F20210427101792&uid=&nid=4TETMADP!LrB&media=n.yam.com&r1=20&r2=10&r3=text800|image33&r4=2&r5=re_organic|dv_pc&r6=4&r7=-2&t=1619576853907
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:34 GMT
Last-Modified: Thu, 29 Aug 2019 01:24:26 GMT
Server: nginx
ETag: "5d67294a-23"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35

GET
H2 200 p.php Show response
stg.truvidplayer.com/ Frame D905 4 KB
3 KB 214ms
137ms XHR
application/json 13.32.21.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/p.php?sid=597&wid=4423&cb=6360.802209496257&pid=3196&url=https%3A%2F%2Fn.yam.com%2FArticle%2F20210427101792&isab=0
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/4423.js?pid=3196
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-49.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 6ff86fa588f690969984f7671b0aadf8201da6bdebb4f7f06a682f8379871fcf

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 02:27:34 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: FRA56-C2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://n.yam.com
access-control-allow-credentials: true
x-amz-cf-id: AcydjFvHOnRT02YqM6LkoyCYiX_WoGysS0HY40VX2BdNrXlInnoPnQ==
via: 1.1 aff6ac5c98fa897349204752e5877c81.cloudfront.net (CloudFront)

GET
H/1.1 200
OK 20200303%5C2020030306521772.jpg
vote.yam.com/imgfix/ Frame 78C5 36 KB
36 KB 191ms
190ms Image
image/jpeg 52.230.1.186
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vote.yam.com/imgfix/20200303%5C2020030306521772.jpg?h=250&w=0

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.2.1.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1eb20e078ab3199a4139a3a1216b8d1db5974981c0061a1a90b543062315f1f0

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vote.yam.com/CF/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:33 GMT
X-AspNetMvc-Version: 5.2
Last-Modified: Sun, 28 Mar 2021 12:55:38 GMT
Content-Type: image/jpeg
Cache-Control: public, max-age=28895284
Content-Length: 36765
X-Xss-Protection: 1; mode=block
Expires: Mon, 28 Mar 2022 12:55:38 GMT

GET
H/1.1 200
OK 20200320%5C2020032003555041.jpg
vote.yam.com/imgfix/ Frame 78C5 21 KB
21 KB 191ms
191ms Image
image/jpeg 52.230.1.186
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vote.yam.com/imgfix/20200320%5C2020032003555041.jpg?h=250&w=0

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.2.1.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d1c4e7914250cd0668e63d09f2e3394b67168a91901fdde86cc401a13cf2fe00

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vote.yam.com/CF/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:33 GMT
X-AspNetMvc-Version: 5.2
Last-Modified: Sun, 28 Mar 2021 12:55:52 GMT
Content-Type: image/jpeg
Cache-Control: public, max-age=28895298
Content-Length: 21380
X-Xss-Protection: 1; mode=block
Expires: Mon, 28 Mar 2022 12:55:52 GMT

GET
H2 200 ins.js Show response
s.trvdp.com/scripts/v5.638/ 426 KB
126 KB 20ms
6ms Script
application/javascript 2600:9000:206f:9a00:d:3c0f:bcc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.trvdp.com/scripts/v5.638/ins.js
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/4423.js?pid=3196
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:9a00:d:3c0f:bcc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6a46e194a943a0fe9c3e0f39b74d343aa3718a05b88baf188a097e6ce5f4e877

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 05 Apr 2021 10:01:01 GMT
content-encoding: gzip
last-modified: Sun, 04 Apr 2021 12:23:56 GMT
server: AmazonS3
age: 1959994
etag: W/"7db7de39fc08f5bab11028f0ca258c42"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 910fc18161f0602555cc5b6397ca26f3.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: h0fdqCLPql_rtoNx8PxRfFqrEDyNSQc9Wy9bJsgjTHRg92CtHrfFQg==

GET
H/1.1 200
OK cors Show response
data.ad-score.com/score/ 52 B
718 B 581ms
144ms XHR
text/plain 130.211.115.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=n.yam.com&l1=4423&l2=n.yam.com&l3=PL&l4=desktop&cb=0.3294802524234488
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Apr 2021 02:27:34 GMT
Age: 0
Access-Control-Allow-Methods: GET,POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://n.yam.com
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 52

GET
H2 200 3vRI-J_FErh.css
static.xx.fbcdn.net/rsrc.php/v3/yK/l/1,cross/ Frame 03C5 173 KB
27 KB 166ms
88ms Stylesheet
text/css 2a03:2880:f042:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yK/l/1,cross/3vRI-J_FErh.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=241039752194&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df25a155543434e%26domain%3Dn.yam.com%26origin%3Dhttps%253A%252F%252Fn.yam.com%252Ff150a10d469eac%26relation%3Dparent.parent&container_width=760&height=100&href=https%3A%2F%2Fn.yam.com%2FArticle%2F20210427101792&locale=zh_TW&numposts=5&sdk=joey&version=v2.11&width=760

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f042:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

24bfe71ebe171f665e83c3d5c30192b307a583d9c05cdb9d84b311cbceb2cdeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 02:27:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ZdHfqESJ3YNt2AI4arwKuw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 27607
x-fb-rlafr: 0
x-fb-debug: BLkg7Gti7UuT3AEMRYxX5M1+qlT8fSC0bKE207qZxPiJnBlLoiI1Qe+WhtyylYjSjacQWupq3Kgi0v7d+C7wOw==
x-fb-trip-id: 512678718
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 27 Apr 2022 18:04:50 GMT

GET
H2 200 of3W6kmxqoW.css
static.xx.fbcdn.net/rsrc.php/v3/yb/l/1,cross/ Frame 03C5 127 KB
21 KB 165ms
88ms Stylesheet
text/css 2a03:2880:f042:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yb/l/1,cross/of3W6kmxqoW.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f042:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4d4f55e86aaaec67ff475cd585c6a8be05c07e1075ef07fe5bc3cc7fb476a76a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 02:27:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 5C0vEFswqeawIJbK+UAQXQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 20854
x-fb-rlafr: 0
x-fb-debug: bgVwNUNZF2itHCqb8W+5IcNKYurdw/B3vrVYdyGPoxtbFEERRLlkCeEBi23+X3nr8qZxdePfnAGcKTiL0M8zhg==
x-fb-trip-id: 512678718
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 22 Apr 2022 17:27:27 GMT

GET
H2 200 s42o5npKlRj.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yM/r/ Frame 03C5 272 KB
73 KB 113ms
36ms Script
application/x-javascript 2a03:2880:f042:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/s42o5npKlRj.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f042:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5b067a9b351b13f9c76cc0d3f8a3ed15b86e58b4f0038fd22514f5a169ec07d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 02:27:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: fmry7aXReGqIdm1nsjTfwA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 73923
x-fb-rlafr: 0
x-fb-debug: wovFzOccH/YYwDSIMAKaglisMyqVrZ3LK9VCnS1qGRTCjNDCanYYSmMcRKOuczXjeG+HnlBsT3FH7qTryXOPaw==
x-fb-trip-id: 512678718
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Wed, 27 Apr 2022 15:10:55 GMT

GET
H2 200 B5oe9mSZyw3.js Show response
static.xx.fbcdn.net/rsrc.php/v3i63m4/yC/l/zh_TW/ Frame 03C5 156 KB
44 KB 165ms
88ms Script
application/x-javascript 2a03:2880:f042:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i63m4/yC/l/zh_TW/B5oe9mSZyw3.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f042:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8967d3c162eee5fc9e46d1bf74ac9f5dcaeac787d7f5d3bb90a94f85ea3f279b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 02:27:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: u6L9wnuQ1mk7INcGg2Otig==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44596
x-fb-rlafr: 0
x-fb-debug: rFVZ+TAV7kb7Pbr8MYY5aWKGohohj2MRGMNgP7M6m0VJ24TvYh8nLygTAvvZfHMT/qJD6HNA3sgJoPFhNBcnBw==
x-fb-trip-id: 512678718
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 27 Apr 2022 06:24:57 GMT

GET
H2 200 yoh9mRMCKzZ.js Show response
static.xx.fbcdn.net/rsrc.php/v3iAHa4/yG/l/zh_TW/ Frame 03C5 37 KB
11 KB 164ms
88ms Script
application/x-javascript 2a03:2880:f042:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iAHa4/yG/l/zh_TW/yoh9mRMCKzZ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f042:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

106fffd94d1d8291649b3e1b11cb69d5114787f470c37030ab1970feb2d79bcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 02:27:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: I+RMIFLM2pbxzsjXZej8+w==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 11087
x-fb-rlafr: 0
x-fb-debug: IUoU7z2h5BpBXIov6uPQ3igNZnk8kxhBEwyXa1ZWHR/84lnHI/JCdYUGRSKQ78dka85IhH9F3mt3koSDYaH0tg==
x-fb-trip-id: 512678718
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 24 Apr 2022 00:41:33 GMT

GET
H2 200 LpAgiooQ2Qv.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yu/r/ Frame 03C5 32 KB
10 KB 113ms
37ms Script
application/x-javascript 2a03:2880:f042:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yu/r/LpAgiooQ2Qv.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f042:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

810fd98b65b7fab1ebd27816f8409ef63cd341dee5e59766d694e002a49cafa2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 02:27:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: GVXP9zCMEGxyu/K6PGxjvw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 10193
x-fb-rlafr: 0
x-fb-debug: 6mqUlNoXlsL7inNSMDZfqqrHy7s+wg9y6ewdQBzGM9Wo1vKWDavgOpfIjDoaMzk6p5KOtGBrOYA9CtRmhDWvoQ==
x-fb-trip-id: 512678718
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 26 Apr 2022 15:42:41 GMT

GET
H2 200 12d2c7VgQin.js Show response
static.xx.fbcdn.net/rsrc.php/v3i2n64/y3/l/zh_TW/ Frame 03C5 1 MB
324 KB 165ms
89ms Script
application/x-javascript 2a03:2880:f042:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i2n64/y3/l/zh_TW/12d2c7VgQin.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f042:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

708327e1b482f8d980aec658d3cb1dd18d60fe4629e24d17c3fdc63480f0d4bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 02:27:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: uNSO99LRt1aX5CPDOBQ8fw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 331680
x-fb-rlafr: 0
x-fb-debug: mgHdSw2iHcDb8FKAow3ooHC93D6mfn3ibhLKHitogpOQvG8IAlQK3hJ9RkvswCmm10DtmWdxihF19VBdR8W2kg==
x-fb-trip-id: 512678718
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 26 Apr 2022 22:35:54 GMT

GET
H2 200 R-pDWyhQ5sl.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame 03C5 5 KB
2 KB 163ms
87ms Script
application/x-javascript 2a03:2880:f042:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/R-pDWyhQ5sl.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f042:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e48542bb490c1f521178a7be1a31ec70ad2540e5e0acc08624c6808e07b5d06

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 02:27:34 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 5i44pik56+A0WlJSqb+i1Q==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 2063
x-fb-rlafr: 0
x-fb-debug: 4WOoifkw2ir+3uT4w+raqoDbkI1Uddpi01B8JMOApJ20gigvH/AXV+CiPHuE5YFrBfco65D+qCTIz6mD6GIicQ==
x-fb-trip-id: 512678718
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
expires: Tue, 26 Apr 2022 15:42:41 GMT

GET
H3-29 200 4vSS-ujAKMP.png
static.xx.fbcdn.net/rsrc.php/v3/yS/r/ Frame 03C5 51 KB
51 KB 74ms
36ms Image
image/png 2a03:2880:f042:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/4vSS-ujAKMP.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yb/l/1,cross/of3W6kmxqoW.css?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f042:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d00bfeea80983c9ff4eb0438b76f2e7242c288fa5fb83c938be74893fad5a5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yb/l/1,cross/of3W6kmxqoW.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: Mp65TO6o26/cbBrjaplEgV4FXaSESpD/7vr43jHYs6QOiS3VZvYivuzsXbGMcZ1w+QQgmJFk632e3D2nq2fEYw==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: umwqwUgDRbunxPVSLaal0g==
date: Wed, 28 Apr 2021 02:27:34 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
content-length: 52671
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
x-fb-rlafr: 0
expires: Tue, 19 Apr 2022 22:38:10 GMT

GET
H3-29

200

feedback.php Show response
www.facebook.com/plugins/ Frame 55A7
Redirect Chain

https://www.facebook.com/v2.11/plugins/comments.php?app_id=241039752194&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1f6a01f89e9c14%26domain%3Dn....
https://www.facebook.com/plugins/comments.php?app_id=241039752194&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1f6a01f89e9c14%26domain%3Dn.yam.co...
https://www.facebook.com/plugins/feedback.php?app_id=241039752194&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1f6a01f89e9c14%26domain%3Dn.yam.co...

111 KB
27 KB

138ms
137ms

Document
text/html

2a03:2880:f142:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/feedback.php?app_id=241039752194&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1f6a01f89e9c14%26domain%3Dn.yam.com%26origin%3Dhttps%253A%252F%252Fn.yam.com%252Ff150a10d469eac%26relation%3Dparent.parent&container_width=0&height=100&href=https%3A%2F%2Fn.yam.com%2FArticle%2F20210427101792&locale=zh_TW&numposts=5&sdk=joey&version=v2.11&width=760

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js?hash=a81a2007cc9d31e1905f070da6243dd6&ua=modern_es6

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f142:82:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1f31c3a312f6562a0c0b8e5dc59e1308cfb39e4ac9996f73459f4c4645e6d958

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/feedback.php?app_id=241039752194&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1f6a01f89e9c14%26domain%3Dn.yam.com%26origin%3Dhttps%253A%252F%252Fn.yam.com%252Ff150a10d469eac%26relation%3Dparent.parent&container_width=0&height=100&href=https%3A%2F%2Fn.yam.com%2FArticle%2F20210427101792&locale=zh_TW&numposts=5&sdk=joey&version=v2.11&width=760
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://n.yam.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
cache-control: private, no-cache, no-store, must-revalidate
x-xss-protection: 0
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
content-encoding: br
expires: Sat, 01 Jan 2000 00:00:00 GMT
vary: Accept-Encoding
pragma: no-cache
x-fb-rlafr: 0
cross-origin-opener-policy: same-origin-allow-popups
content-type: text/html; charset="utf-8"
x-fb-debug: bx3lz0sFdZPLQSEtLOckueXqisSvE5se5wZdTSFBPAbBgHWls7gAp1ICC0q5hG5hfL8yJXq4E2YNWRUxzr4JPQ==
date: Wed, 28 Apr 2021 02:27:35 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

Redirect headers

location: https://www.facebook.com/plugins/feedback.php?app_id=241039752194&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1f6a01f89e9c14%26domain%3Dn.yam.com%26origin%3Dhttps%253A%252F%252Fn.yam.com%252Ff150a10d469eac%26relation%3Dparent.parent&container_width=0&height=100&href=https%3A%2F%2Fn.yam.com%2FArticle%2F20210427101792&locale=zh_TW&numposts=5&sdk=joey&version=v2.11&width=760
strict-transport-security: max-age=15552000; preload
content-type: text/html; charset="utf-8"
x-fb-debug: EVeZpBoojMGIQQbwx3+p2qa+fvdfNRNAv81Znrpb16iL//tP/TRAl1ZI/0andm59AA2beWVX9JPOHstux05nSw==
content-length: 0
date: Wed, 28 Apr 2021 02:27:35 GMT
priority: u=3,i
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

GET
H3-29 200 3vRI-J_FErh.css
static.xx.fbcdn.net/rsrc.php/v3/yK/l/1,cross/ Frame 55A7 173 KB
27 KB 40ms
39ms Stylesheet
text/css 2a03:2880:f042:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yK/l/1,cross/3vRI-J_FErh.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=241039752194&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1f6a01f89e9c14%26domain%3Dn.yam.com%26origin%3Dhttps%253A%252F%252Fn.yam.com%252Ff150a10d469eac%26relation%3Dparent.parent&container_width=0&height=100&href=https%3A%2F%2Fn.yam.com%2FArticle%2F20210427101792&locale=zh_TW&numposts=5&sdk=joey&version=v2.11&width=760

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f042:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

24bfe71ebe171f665e83c3d5c30192b307a583d9c05cdb9d84b311cbceb2cdeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 02:27:35 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: ZdHfqESJ3YNt2AI4arwKuw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 27607
x-fb-rlafr: 0
x-fb-debug: BLkg7Gti7UuT3AEMRYxX5M1+qlT8fSC0bKE207qZxPiJnBlLoiI1Qe+WhtyylYjSjacQWupq3Kgi0v7d+C7wOw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 27 Apr 2022 18:04:50 GMT

GET
H3-29 200 of3W6kmxqoW.css
static.xx.fbcdn.net/rsrc.php/v3/yb/l/1,cross/ Frame 55A7 127 KB
20 KB 40ms
39ms Stylesheet
text/css 2a03:2880:f042:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yb/l/1,cross/of3W6kmxqoW.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=241039752194&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1f6a01f89e9c14%26domain%3Dn.yam.com%26origin%3Dhttps%253A%252F%252Fn.yam.com%252Ff150a10d469eac%26relation%3Dparent.parent&container_width=0&height=100&href=https%3A%2F%2Fn.yam.com%2FArticle%2F20210427101792&locale=zh_TW&numposts=5&sdk=joey&version=v2.11&width=760

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f042:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4d4f55e86aaaec67ff475cd585c6a8be05c07e1075ef07fe5bc3cc7fb476a76a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 02:27:35 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 5C0vEFswqeawIJbK+UAQXQ==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 20854
x-fb-rlafr: 0
x-fb-debug: bgVwNUNZF2itHCqb8W+5IcNKYurdw/B3vrVYdyGPoxtbFEERRLlkCeEBi23+X3nr8qZxdePfnAGcKTiL0M8zhg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 22 Apr 2022 17:27:27 GMT

GET
H3-29 200 s42o5npKlRj.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yM/r/ Frame 55A7 272 KB
72 KB 38ms
36ms Script
application/x-javascript 2a03:2880:f042:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/s42o5npKlRj.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=241039752194&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1f6a01f89e9c14%26domain%3Dn.yam.com%26origin%3Dhttps%253A%252F%252Fn.yam.com%252Ff150a10d469eac%26relation%3Dparent.parent&container_width=0&height=100&href=https%3A%2F%2Fn.yam.com%2FArticle%2F20210427101792&locale=zh_TW&numposts=5&sdk=joey&version=v2.11&width=760

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f042:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5b067a9b351b13f9c76cc0d3f8a3ed15b86e58b4f0038fd22514f5a169ec07d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 02:27:35 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: fmry7aXReGqIdm1nsjTfwA==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 73923
x-fb-rlafr: 0
x-fb-debug: wovFzOccH/YYwDSIMAKaglisMyqVrZ3LK9VCnS1qGRTCjNDCanYYSmMcRKOuczXjeG+HnlBsT3FH7qTryXOPaw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 27 Apr 2022 15:10:55 GMT

GET
H3-29 200 B5oe9mSZyw3.js Show response
static.xx.fbcdn.net/rsrc.php/v3i63m4/yC/l/zh_TW/ Frame 55A7 156 KB
44 KB 39ms
38ms Script
application/x-javascript 2a03:2880:f042:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i63m4/yC/l/zh_TW/B5oe9mSZyw3.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=241039752194&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1f6a01f89e9c14%26domain%3Dn.yam.com%26origin%3Dhttps%253A%252F%252Fn.yam.com%252Ff150a10d469eac%26relation%3Dparent.parent&container_width=0&height=100&href=https%3A%2F%2Fn.yam.com%2FArticle%2F20210427101792&locale=zh_TW&numposts=5&sdk=joey&version=v2.11&width=760

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f042:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8967d3c162eee5fc9e46d1bf74ac9f5dcaeac787d7f5d3bb90a94f85ea3f279b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 02:27:35 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: u6L9wnuQ1mk7INcGg2Otig==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44596
x-fb-rlafr: 0
x-fb-debug: rFVZ+TAV7kb7Pbr8MYY5aWKGohohj2MRGMNgP7M6m0VJ24TvYh8nLygTAvvZfHMT/qJD6HNA3sgJoPFhNBcnBw==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Wed, 27 Apr 2022 06:24:57 GMT

GET
H3-29 200 yoh9mRMCKzZ.js Show response
static.xx.fbcdn.net/rsrc.php/v3iAHa4/yG/l/zh_TW/ Frame 55A7 37 KB
11 KB 39ms
38ms Script
application/x-javascript 2a03:2880:f042:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iAHa4/yG/l/zh_TW/yoh9mRMCKzZ.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=241039752194&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1f6a01f89e9c14%26domain%3Dn.yam.com%26origin%3Dhttps%253A%252F%252Fn.yam.com%252Ff150a10d469eac%26relation%3Dparent.parent&container_width=0&height=100&href=https%3A%2F%2Fn.yam.com%2FArticle%2F20210427101792&locale=zh_TW&numposts=5&sdk=joey&version=v2.11&width=760

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f042:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

106fffd94d1d8291649b3e1b11cb69d5114787f470c37030ab1970feb2d79bcd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 02:27:35 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: I+RMIFLM2pbxzsjXZej8+w==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 11087
x-fb-rlafr: 0
x-fb-debug: IUoU7z2h5BpBXIov6uPQ3igNZnk8kxhBEwyXa1ZWHR/84lnHI/JCdYUGRSKQ78dka85IhH9F3mt3koSDYaH0tg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 24 Apr 2022 00:41:33 GMT

GET
H3-29 200 LpAgiooQ2Qv.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yu/r/ Frame 55A7 32 KB
10 KB 39ms
38ms Script
application/x-javascript 2a03:2880:f042:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yu/r/LpAgiooQ2Qv.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=241039752194&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1f6a01f89e9c14%26domain%3Dn.yam.com%26origin%3Dhttps%253A%252F%252Fn.yam.com%252Ff150a10d469eac%26relation%3Dparent.parent&container_width=0&height=100&href=https%3A%2F%2Fn.yam.com%2FArticle%2F20210427101792&locale=zh_TW&numposts=5&sdk=joey&version=v2.11&width=760

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f042:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

810fd98b65b7fab1ebd27816f8409ef63cd341dee5e59766d694e002a49cafa2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 02:27:35 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: GVXP9zCMEGxyu/K6PGxjvw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 10193
x-fb-rlafr: 0
x-fb-debug: 6mqUlNoXlsL7inNSMDZfqqrHy7s+wg9y6ewdQBzGM9Wo1vKWDavgOpfIjDoaMzk6p5KOtGBrOYA9CtRmhDWvoQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 26 Apr 2022 15:42:41 GMT

GET
H3-29 200 12d2c7VgQin.js Show response
static.xx.fbcdn.net/rsrc.php/v3i2n64/y3/l/zh_TW/ Frame 55A7 1 MB
324 KB 42ms
41ms Script
application/x-javascript 2a03:2880:f042:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3i2n64/y3/l/zh_TW/12d2c7VgQin.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=241039752194&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1f6a01f89e9c14%26domain%3Dn.yam.com%26origin%3Dhttps%253A%252F%252Fn.yam.com%252Ff150a10d469eac%26relation%3Dparent.parent&container_width=0&height=100&href=https%3A%2F%2Fn.yam.com%2FArticle%2F20210427101792&locale=zh_TW&numposts=5&sdk=joey&version=v2.11&width=760

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f042:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

708327e1b482f8d980aec658d3cb1dd18d60fe4629e24d17c3fdc63480f0d4bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 02:27:35 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: uNSO99LRt1aX5CPDOBQ8fw==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 331680
x-fb-rlafr: 0
x-fb-debug: mgHdSw2iHcDb8FKAow3ooHC93D6mfn3ibhLKHitogpOQvG8IAlQK3hJ9RkvswCmm10DtmWdxihF19VBdR8W2kg==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 26 Apr 2022 22:35:54 GMT

GET
H3-29 200 R-pDWyhQ5sl.js Show response
static.xx.fbcdn.net/rsrc.php/v3/yp/r/ Frame 55A7 5 KB
2 KB 41ms
40ms Script
application/x-javascript 2a03:2880:f042:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yp/r/R-pDWyhQ5sl.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/feedback.php?app_id=241039752194&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df1f6a01f89e9c14%26domain%3Dn.yam.com%26origin%3Dhttps%253A%252F%252Fn.yam.com%252Ff150a10d469eac%26relation%3Dparent.parent&container_width=0&height=100&href=https%3A%2F%2Fn.yam.com%2FArticle%2F20210427101792&locale=zh_TW&numposts=5&sdk=joey&version=v2.11&width=760

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f042:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e48542bb490c1f521178a7be1a31ec70ad2540e5e0acc08624c6808e07b5d06

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.facebook.com
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Apr 2021 02:27:35 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: 5i44pik56+A0WlJSqb+i1Q==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 2063
x-fb-rlafr: 0
x-fb-debug: 4WOoifkw2ir+3uT4w+raqoDbkI1Uddpi01B8JMOApJ20gigvH/AXV+CiPHuE5YFrBfco65D+qCTIz6mD6GIicQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Tue, 26 Apr 2022 15:42:41 GMT

GET
H3-29 200 4vSS-ujAKMP.png
static.xx.fbcdn.net/rsrc.php/v3/yS/r/ Frame 55A7 51 KB
51 KB 36ms
36ms Image
image/png 2a03:2880:f042:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yS/r/4vSS-ujAKMP.png

Requested by

Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yb/l/1,cross/of3W6kmxqoW.css?_nc_x=Ij3Wp8lg5Kz

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f042:10:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d00bfeea80983c9ff4eb0438b76f2e7242c288fa5fb83c938be74893fad5a5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://static.xx.fbcdn.net/rsrc.php/v3/yb/l/1,cross/of3W6kmxqoW.css?_nc_x=Ij3Wp8lg5Kz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-fb-debug: Mp65TO6o26/cbBrjaplEgV4FXaSESpD/7vr43jHYs6QOiS3VZvYivuzsXbGMcZ1w+QQgmJFk632e3D2nq2fEYw==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: umwqwUgDRbunxPVSLaal0g==
date: Wed, 28 Apr 2021 02:27:35 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
content-length: 52671
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
x-fb-rlafr: 0
expires: Tue, 19 Apr 2022 22:38:10 GMT

GET
H/1.1 200
OK readlogs Show response
in.treasuredata.com/js/v3/event/popin_media/ 89 B
515 B 129ms
129ms Script
application/javascript 3.229.28.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://in.treasuredata.com/js/v3/event/popin_media/readlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1619576855914&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiJmOGJhMWYzMS0xYzJhLTQyMjUtYTc4My04MmNhZmJlZThkM2IiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5L%2Bh55So5Y2h57mz56iF5YSq5oOg5pC25YWI55yL44CA6Iqx5peX5paw5oi2MiXnj77ph5Hlm57ppYsgfCDolYPmlrDogZ4iLCJ0ZF91cmwiOiJodHRwczovL24ueWFtLmNvbS9BcnRpY2xlLzIwMjEwNDI3MTAxNzkyIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidGRfaG9zdCI6Im4ueWFtLmNvbSIsInRkX3BhdGgiOiIvQXJ0aWNsZS8yMDIxMDQyNzEwMTc5MiIsInRkX3JlZmVycmVyIjoiIiwidGRfaXAiOiJ0ZF9pcCIsInRkX2Jyb3dzZXIiOiJ0ZF9icm93c2VyIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoidGRfYnJvd3Nlcl92ZXJzaW9uIiwidGRfb3MiOiJ0ZF9vcyIsInRkX29zX3ZlcnNpb24iOiJ0ZF9vc192ZXJzaW9uIiwiaW1hZ2UiOiIiLCJwdWJkYXRlIjoiIiwiZG9tYWluIjoibi55YW0uY29tIiwibWVkaWEiOiJuLnlhbS5jb20iLCJkZXZpY2UiOiJwYyIsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJyZWFkX3JlIjoib3JnYW5pYyIsInJlYWRfc3RhdF90ZXh0Ijo4MDAsInJlYWRfc3RhdF9pbWFnZSI6MzMsInJlYWQiOjMwLCJyZWFkX3RpbWUiOjUuNywicG9waW5fdXNlcl9pZCI6IiIsInBpdWlkIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowfQ%3D%3D&callback=TreasureJSONPCallback4

Requested by

Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.229.28.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-28-141.compute-1.amazonaws.com

Software

Resource Hash

ac61dced6a8cf397249219b9a70609ac5d8de7289ef6f507bc22340090db2a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Connection: keep-alive
P3P: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Date: Wed, 28 Apr 2021 02:27:35 GMT
Content-Length: 89
Content-Type: application/javascript

GET
H/1.1 200
OK s.gif
rlog.popin.cc/ 35 B
264 B 286ms
286ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rlog.popin.cc/s.gif?url=https%3A%2F%2Fn.yam.com%2FArticle%2F20210427101792&uid=&nid=4TETMADP!LrB&media=n.yam.com&r1=30&r2=20&r3=text800|image33&r4=2&r5=re_organic|dv_pc&r6=6&r7=-4&t=1619576855914
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:36 GMT
Last-Modified: Thu, 29 Aug 2019 01:24:26 GMT
Server: nginx
ETag: "5d67294a-23"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35

GET
H/1.1 200
OK readlogs Show response
in.treasuredata.com/js/v3/event/popin_media/ 89 B
515 B 132ms
132ms Script
application/javascript 3.229.28.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://in.treasuredata.com/js/v3/event/popin_media/readlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1619576857908&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiJmOGJhMWYzMS0xYzJhLTQyMjUtYTc4My04MmNhZmJlZThkM2IiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5L%2Bh55So5Y2h57mz56iF5YSq5oOg5pC25YWI55yL44CA6Iqx5peX5paw5oi2MiXnj77ph5Hlm57ppYsgfCDolYPmlrDogZ4iLCJ0ZF91cmwiOiJodHRwczovL24ueWFtLmNvbS9BcnRpY2xlLzIwMjEwNDI3MTAxNzkyIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidGRfaG9zdCI6Im4ueWFtLmNvbSIsInRkX3BhdGgiOiIvQXJ0aWNsZS8yMDIxMDQyNzEwMTc5MiIsInRkX3JlZmVycmVyIjoiIiwidGRfaXAiOiJ0ZF9pcCIsInRkX2Jyb3dzZXIiOiJ0ZF9icm93c2VyIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoidGRfYnJvd3Nlcl92ZXJzaW9uIiwidGRfb3MiOiJ0ZF9vcyIsInRkX29zX3ZlcnNpb24iOiJ0ZF9vc192ZXJzaW9uIiwiaW1hZ2UiOiIiLCJwdWJkYXRlIjoiIiwiZG9tYWluIjoibi55YW0uY29tIiwibWVkaWEiOiJuLnlhbS5jb20iLCJkZXZpY2UiOiJwYyIsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJyZWFkX3JlIjoib3JnYW5pYyIsInJlYWRfc3RhdF90ZXh0Ijo4MDAsInJlYWRfc3RhdF9pbWFnZSI6MzMsInJlYWQiOjQwLCJyZWFkX3RpbWUiOjcuNywicG9waW5fdXNlcl9pZCI6IiIsInBpdWlkIjoiIiwiaW50ZXJhY3Rpb25fbnVtYmVyIjowfQ%3D%3D&callback=TreasureJSONPCallback5

Requested by

Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.229.28.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-28-141.compute-1.amazonaws.com

Software

Resource Hash

bf159b07789f89af2f1970d8cc076ca6e64efa97f8d09cd7b40527fec123104c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Connection: keep-alive
P3P: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Date: Wed, 28 Apr 2021 02:27:37 GMT
Content-Length: 89
Content-Type: application/javascript

GET
H/1.1 200
OK s.gif
rlog.popin.cc/ 35 B
264 B 287ms
287ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rlog.popin.cc/s.gif?url=https%3A%2F%2Fn.yam.com%2FArticle%2F20210427101792&uid=&nid=4TETMADP!LrB&media=n.yam.com&r1=40&r2=30&r3=text800|image33&r4=2&r5=re_organic|dv_pc&r6=8&r7=-6&t=1619576857908
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:38 GMT
Last-Modified: Thu, 29 Aug 2019 01:24:26 GMT
Server: nginx
ETag: "5d67294a-23"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35

GET
H/1.1 200
OK 20200226%5C2020022602255594.jpg
vote.yam.com/imgfix/ Frame 78C5 45 KB
45 KB 197ms
197ms Image
image/jpeg 52.230.1.186
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vote.yam.com/imgfix/20200226%5C2020022602255594.jpg?h=250&w=0

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d3e319ce3ae69331e3309e7b76f0c06dbf3ecebd474cb71a2106163ccd46a56b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vote.yam.com/CF/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:37 GMT
X-AspNetMvc-Version: 5.2
Last-Modified: Sun, 28 Mar 2021 12:55:34 GMT
Content-Type: image/jpeg
Cache-Control: public, max-age=28895275
Content-Length: 46277
X-Xss-Protection: 1; mode=block
Expires: Mon, 28 Mar 2022 12:55:34 GMT

GET
H/1.1 200
OK 20200226%5C2020022602255594.jpg
vote.yam.com/imgfix/ Frame 78C5 45 KB
45 KB 192ms
191ms Image
image/jpeg 52.230.1.186
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vote.yam.com/imgfix/20200226%5C2020022602255594.jpg?h=250&w=0

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.2.1.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d3e319ce3ae69331e3309e7b76f0c06dbf3ecebd474cb71a2106163ccd46a56b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vote.yam.com/CF/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:38 GMT
X-AspNetMvc-Version: 5.2
Last-Modified: Sun, 28 Mar 2021 12:55:34 GMT
Content-Type: image/jpeg
Cache-Control: public, max-age=28895275
Content-Length: 46277
X-Xss-Protection: 1; mode=block
Expires: Mon, 28 Mar 2022 12:55:34 GMT

GET
H/1.1 200
OK 20200303%5C2020030306521772.jpg
vote.yam.com/imgfix/ Frame 78C5 36 KB
36 KB 191ms
190ms Image
image/jpeg 52.230.1.186
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vote.yam.com/imgfix/20200303%5C2020030306521772.jpg?h=250&w=0

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.2.1.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

1eb20e078ab3199a4139a3a1216b8d1db5974981c0061a1a90b543062315f1f0

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vote.yam.com/CF/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:38 GMT
X-AspNetMvc-Version: 5.2
Last-Modified: Sun, 28 Mar 2021 12:55:38 GMT
Content-Type: image/jpeg
Cache-Control: public, max-age=28895279
Content-Length: 36765
X-Xss-Protection: 1; mode=block
Expires: Mon, 28 Mar 2022 12:55:38 GMT

GET
H/1.1 200
OK 20200320%5C2020032003555041.jpg
vote.yam.com/imgfix/ Frame 78C5 21 KB
21 KB 192ms
192ms Image
image/jpeg 52.230.1.186
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vote.yam.com/imgfix/20200320%5C2020032003555041.jpg?h=250&w=0

Requested by

Host: vote.yam.com
URL: https://vote.yam.com/CF/js/jquery.devrama.slider.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d1c4e7914250cd0668e63d09f2e3394b67168a91901fdde86cc401a13cf2fe00

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vote.yam.com/CF/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:42 GMT
X-AspNetMvc-Version: 5.2
Last-Modified: Sun, 28 Mar 2021 12:55:52 GMT
Content-Type: image/jpeg
Cache-Control: public, max-age=28895289
Content-Length: 21380
X-Xss-Protection: 1; mode=block
Expires: Mon, 28 Mar 2022 12:55:52 GMT

GET
H/1.1 200
OK 20200226%5C2020022602255594.jpg
vote.yam.com/imgfix/ Frame 78C5 45 KB
45 KB 193ms
192ms Image
image/jpeg 52.230.1.186
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vote.yam.com/imgfix/20200226%5C2020022602255594.jpg?h=250&w=0

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.2.1.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d3e319ce3ae69331e3309e7b76f0c06dbf3ecebd474cb71a2106163ccd46a56b

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vote.yam.com/CF/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:42 GMT
X-AspNetMvc-Version: 5.2
Last-Modified: Sun, 28 Mar 2021 12:55:34 GMT
Content-Type: image/jpeg
Cache-Control: public, max-age=28895271
Content-Length: 46277
X-Xss-Protection: 1; mode=block
Expires: Mon, 28 Mar 2022 12:55:34 GMT

GET
H/1.1 200
OK 20200320%5C2020032003555041.jpg
vote.yam.com/imgfix/ Frame 78C5 21 KB
21 KB 192ms
191ms Image
image/jpeg 52.230.1.186
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vote.yam.com/imgfix/20200320%5C2020032003555041.jpg?h=250&w=0

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.2.1.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.230.1.186 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d1c4e7914250cd0668e63d09f2e3394b67168a91901fdde86cc401a13cf2fe00

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://vote.yam.com/CF/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:42 GMT
X-AspNetMvc-Version: 5.2
Last-Modified: Sun, 28 Mar 2021 12:55:52 GMT
Content-Type: image/jpeg
Cache-Control: public, max-age=28895289
Content-Length: 21380
X-Xss-Protection: 1; mode=block
Expires: Mon, 28 Mar 2022 12:55:52 GMT

GET
H/1.1 200
OK readlogs Show response
in.treasuredata.com/js/v3/event/popin_media/ 89 B
515 B 129ms
128ms Script
application/javascript 3.229.28.141
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://in.treasuredata.com/js/v3/event/popin_media/readlogs?api_key=8378%2F25839e06ce4cc1cab55c1c1f1e49d336d6d1d48f&modified=1619576863908&data=eyJ0ZF9nbG9iYWxfaWQiOiJ0ZF9nbG9iYWxfaWQiLCJ0ZF92ZXJzaW9uIjoiMS43LjEiLCJ0ZF9jbGllbnRfaWQiOiJmOGJhMWYzMS0xYzJhLTQyMjUtYTc4My04MmNhZmJlZThkM2IiLCJ0ZF9jaGFyc2V0IjoidXRmLTgiLCJ0ZF9sYW5ndWFnZSI6ImVuLXVzIiwidGRfY29sb3IiOiIyNC1iaXQiLCJ0ZF9zY3JlZW4iOiIxNjAweDEyMDAiLCJ0ZF92aWV3cG9ydCI6IjE2MDB4MTIwMCIsInRkX3RpdGxlIjoi5L%2Bh55So5Y2h57mz56iF5YSq5oOg5pC25YWI55yL44CA6Iqx5peX5paw5oi2MiXnj77ph5Hlm57ppYsgfCDolYPmlrDogZ4iLCJ0ZF91cmwiOiJodHRwczovL24ueWFtLmNvbS9BcnRpY2xlLzIwMjEwNDI3MTAxNzkyIiwidGRfdXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNiIsInRkX3BsYXRmb3JtIjoiTGludXggeDg2XzY0IiwidGRfaG9zdCI6Im4ueWFtLmNvbSIsInRkX3BhdGgiOiIvQXJ0aWNsZS8yMDIxMDQyNzEwMTc5MiIsInRkX3JlZmVycmVyIjoiIiwidGRfaXAiOiJ0ZF9pcCIsInRkX2Jyb3dzZXIiOiJ0ZF9icm93c2VyIiwidGRfYnJvd3Nlcl92ZXJzaW9uIjoidGRfYnJvd3Nlcl92ZXJzaW9uIiwidGRfb3MiOiJ0ZF9vcyIsInRkX29zX3ZlcnNpb24iOiJ0ZF9vc192ZXJzaW9uIiwiaW1hZ2UiOiIiLCJwdWJkYXRlIjoiIiwiZG9tYWluIjoibi55YW0uY29tIiwibWVkaWEiOiJuLnlhbS5jb20iLCJkZXZpY2UiOiJwYyIsImFwaV9ob3N0IjoidHcucG9waW4uY2MiLCJyZWFkX3JlIjoib3JnYW5pYyIsInJlYWRfc3RhdF90ZXh0Ijo4MDAsInJlYWRfc3RhdF9pbWFnZSI6MzMsInJlYWQiOjUwLCJyZWFkX3RpbWUiOjEzLjcsInBvcGluX3VzZXJfaWQiOiIiLCJwaXVpZCI6IiIsImludGVyYWN0aW9uX251bWJlciI6MH0%3D&callback=TreasureJSONPCallback6

Requested by

Host: api.popin.cc
URL: https://api.popin.cc/td_js_sdk_171.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.229.28.141 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-3-229-28-141.compute-1.amazonaws.com

Software

Resource Hash

3fe997aed749e218ce183c0ae64cb07a1389d762d0933c13594784382740e46b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Connection: keep-alive
P3P: CP="This is not a P3P policy! See https://docs.treasuredata.com/articles/p3p"
Date: Wed, 28 Apr 2021 02:27:43 GMT
Content-Length: 89
Content-Type: application/javascript

GET
H/1.1 200
OK s.gif
rlog.popin.cc/ 35 B
264 B 288ms
288ms Image
image/gif 119.63.198.188
BAIDUJP Baidu

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rlog.popin.cc/s.gif?url=https%3A%2F%2Fn.yam.com%2FArticle%2F20210427101792&uid=&nid=4TETMADP!LrB&media=n.yam.com&r1=50&r2=40&r3=text800|image33&r4=6&r5=re_organic|dv_pc&r6=14&r7=-8&t=1619576863907
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.63.198.188 , Japan, ASN38627 (BAIDUJP Baidu, Inc., JP),
Reverse DNS
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://n.yam.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 28 Apr 2021 02:27:44 GMT
Last-Modified: Thu, 29 Aug 2019 01:24:26 GMT
Server: nginx
ETag: "5d67294a-23"
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 35

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: vote.yam.com
URL: https://vote.yam.com/CF/index.html

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 17:53:00	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-20 03:14:32	Name: IDE Value: AHWqTUnFi-8nSUKUoZ6URjAFUH_sgNjhSgsGFGYfZOj03fTZysGSw5cMzGKb4SAHy10
.vote.yam.com/	1969-12-31 23:59:59	Name: ARRAffinitySameSite Value: fe0131188d0d8f5d73dcfe80d52622f03cc3e387d146b0ac5101928f37ee6535
.vote.yam.com/	1969-12-31 23:59:59	Name: ARRAffinity Value: fe0131188d0d8f5d73dcfe80d52622f03cc3e387d146b0ac5101928f37ee6535
vote.yam.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: k14haqhdmi3isucide341hy1
.yam.com/	1970-01-20 11:24:08	Name: _td Value: f8ba1f31-1c2a-4225-a783-82cafbee8d3b
.yam.com/	1970-01-20 03:14:32	Name: __gads Value: ID=f450acfb2eaa15d8-22d0781af6c70008:T=1619576849:S=ALNI_Maz-FbvuX8VcnEDxRvCxRFyx4TrWA
.facebook.com/	1970-01-19 20:02:32	Name: fr Value: 05Um0CFSAyDOu94da..BgiMgR...1.0.BgiMgR.
.yam.com/	1970-01-20 02:38:32	Name: _ss_pp_id Value: 402e5c7ad1fede870901619569649811
.yam.com/	1970-01-20 11:24:08	Name: _ga Value: GA1.2.1252067354.1619576849
.yam.com/	1970-01-19 17:52:56	Name: _gat_gtag_UA_16227618_1 Value: 1
n.yam.com/	1970-01-19 17:52:58	Name: ai_session Value: MIhao\|1619576849514.485\|1619576849514.485
n.yam.com/	1970-01-20 02:38:32	Name: ai_user Value: 4RruC\|2021-04-28T02:27:29.332Z
.yam.com/	1970-01-19 17:54:23	Name: _gid Value: GA1.2.950072933.1619576849

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 2) Message: [adGeek][DFP] init DFP class
console-api	debug	URL: https://player.ivideosmart.com/ivsplayer/v3/12.bundle.chunk.js(Line 1) Message: [bugsnag] Loaded!
console-api	info	URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2103020108001 https://n.yam.com/Article/20210427101792
console-api	info	URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2103020108001 https://n.yam.com/Article/20210427101792
console-api	log	URL: https://player.ivideosmart.com/ivsplayer/v3/12.bundle.chunk.js(Line 1) Message: [adGeek][DFP] /22074138688/n.yam_content_bottom use defineSlot()
console-api	log	URL: https://player.ivideosmart.com/ivsplayer/v3/12.bundle.chunk.js(Line 1) Message: [adGeek][DFP] insert slot, id: adGeek-slot-div-gpt-ad-1600756297050-0
console-api	log	URL: https://player.ivideosmart.com/ivsplayer/v3/12.bundle.chunk.js(Line 1) Message: [adGeek][DFP] display ad slots
console-api	log	URL: https://player.ivideosmart.com/ivsplayer/v3/12.bundle.chunk.js(Line 1) Message: [adGeek][DFP] display slot, AdUnitPath: /22074138688/n.yam_content_bottom
console-api	log	URL: https://player.ivideosmart.com/ivsplayer/v3/12.bundle.chunk.js(Line 1) Message: error construct widget
console-api	log	URL: https://player.ivideosmart.com/ivsplayer/v3/12.bundle.chunk.js(Line 1) Message: protected error

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0048ee4930edb1ec8f8f6d51809a6b15.safeframe.googlesyndication.com
admd.yam.com
adservice.google.com
adservice.google.pl
api.popin.cc
az416426.vo.msecnd.net
cdn.ampproject.org
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
data.ad-score.com
dc.services.visualstudio.com
dsum-sec.casalemedia.com
go.trvdp.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
in.treasuredata.com
inrecsys.popin.cc
log.popin.cc
n.yam.com
pagead2.googlesyndication.com
player.ivideosmart.com
r.popin.cc
rlog.popin.cc
s.trvdp.com
s0.2mdn.net
securepubads.g.doubleclick.net
sessions.bugsnag.com
static.xx.fbcdn.net
stg.truvidplayer.com
sync.teads.tv
tpc.googlesyndication.com
track.adform.net
tw.popin.cc
us-u.openx.net
vote.yam.com
weather.yam.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
yamnews.blob.core.windows.net
vote.yam.com
104.111.242.245
119.63.198.143
119.63.198.172
119.63.198.188
119.63.198.189
13.32.21.49
13.69.65.23
13.76.41.74
13.76.85.56
130.211.115.4
142.250.185.162
142.250.186.34
142.250.186.98
185.33.221.53
192.229.233.139
2.18.234.21
2001:4de0:ac18::1:a:2a
2600:1901:0:7a0b::
2600:9000:206f:9a00:d:3c0f:bcc0:93a1
2600:9000:211e:f000:3:7e1c:5b40:93a1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2a00:1450:4001:803::2001
2a00:1450:4001:803::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:810::2002
2a00:1450:4001:812::2006
2a00:1450:4001:813::2001
2a00:1450:4001:813::2008
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82f::200e
2a02:26f0:10::214:8f06
2a03:2880:f042:10:face:b00c:0:3
2a03:2880:f142:82:face:b00c:0:25de
3.229.28.141
35.244.159.8
37.157.6.246
52.230.1.186
52.239.128.36
088918082f62717d37a1d62e8a251e9a4e10d036090fddbbba37ca7bc03335fd
0955c5e32056ba9afe33469fad11ea258f558b6661a2cd5ca06cf26fb9f93717
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0d75d3dc9e3da98bf18b49378b9ed3e8d75aad6093e856d318f49c19272e7b9c
0dc4093b6b9286ebfc6c728ddd3a70812a726d79d6f41d60a506fd5b93c4929c
0e48542bb490c1f521178a7be1a31ec70ad2540e5e0acc08624c6808e07b5d06
0f93db846422aa8c72de38cbb2819358b78560e09242696224b08b0dd84af1c5
106fffd94d1d8291649b3e1b11cb69d5114787f470c37030ab1970feb2d79bcd
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12b4a9ffacb8d63ac697265521f24ec0449d247db36829db247d4772bfae12ec
149ffde0cc4b2f720a361d1198d61319766bc657e7a6ee9dbc36bce8d131a6f4
1655a16462aefd8ddafed3e67e58288cca40bcfecdf58be3bb9f1bf7512b81ec
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
180c7cb3d801ef8f115e4800430b2622d76002c39c32495b8aa6cc0b865f0a00
19bfbd81c70637ae0a6fe5f07f112bdab13cf9c2ea5d54b70320df8f54fcc07b
19e63a64055145811f19b89020689bb5230a3b8d957455044ddcbf4d7308fe63
1a5c2fa2d8e0049a5441859cb008db4b6c6fcffe73976225b6e2bfe08ed0f9cd
1a7e018ff44a710b6aaa28b71ec8849258d3608c0fa9b6cb0894e9c4cea0e150
1b1538ae50fd4837b2d666c53c2001e9d17900be96afe29ad6e0959be25e7406
1e7ba7486df51b247d667ddfef156c72ed4f149a3693b1ca9be424f2ea680a50
1eb20e078ab3199a4139a3a1216b8d1db5974981c0061a1a90b543062315f1f0
1f31c3a312f6562a0c0b8e5dc59e1308cfb39e4ac9996f73459f4c4645e6d958
20b7efa85f61ef7ed2b2a29f97c40b2d8c698442e6671058ef3af71ed882b104
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
225ab51198295a08d347653548b66b710fe116b2b577b7e9382ff7b65e8dc268
24a0efd193f41e0a7ced33123901e02bf5fb80488ee228d67f8975701c0a6f78
24bfe71ebe171f665e83c3d5c30192b307a583d9c05cdb9d84b311cbceb2cdeb
265e5a9cd200d817243b551698faca221a91745ad3a2db7cb236d9a27d3f54f7
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3aa9f235c06f8205b4b91091c02bbb8c8a23b12fafa257f68aecc4be22e8b7c0
3ab46f0ba626e531d6055df47d8aad50a1744cf637fca3c68e8c59f812578fd9
3b3446a0e1254ba70508b10b7ea5bfbd60e42f22c1bdba89a421a72d25aed643
3d00bfeea80983c9ff4eb0438b76f2e7242c288fa5fb83c938be74893fad5a5b
3ea0268ca6a1d91fa74667c02046dcf364d64600c483c0ac3ac4a9b7c7a2e190
3fe997aed749e218ce183c0ae64cb07a1389d762d0933c13594784382740e46b
42e804d52ad4f9122df9e091e6bee7c895c2a8999a8a519b0908e5a094be4748
439ab67fa3c312bb442bed574ea79be834dbd92f3bd7d2288b6f3fce4d0afb0c
460623a8ce1a4793f0e26bb48b9db73ef3da9214c575a8b7a6c137b5bb535412
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
4d4f55e86aaaec67ff475cd585c6a8be05c07e1075ef07fe5bc3cc7fb476a76a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
535c0cbf7d9ba30714479b2fbc3c5c6f8aac89d1aebe4280d1026d1fa29c7d72
536429eab51aaed2d0386c52000bbe9877a97bb7c825381fefbbdf2ae0c22007
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
54c6c3362bab491f24ca51c82494dbda9cbeb9e11be129697c65b3f8fc854ff7
55a78e38cdd095b28dbeacfa443bfecdb91046511f1cdef4a41c4128a20c0761
5b067a9b351b13f9c76cc0d3f8a3ed15b86e58b4f0038fd22514f5a169ec07d1
6040da2153e1340940e882e111553f77e29f299d18f42cc99dd9244713b96171
63649b0266963dc62ef62f4f019da966ae28076f19d7d6b97244a9400cbed560
654b8fbb3beb01a6f08eb873015b728be6ac596b9d51f6c65dbf728e22441e0e
6753ab9ab14844d0e9ecbbf13df7accf525291cef950547034e5ab67be9e508e
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6a46e194a943a0fe9c3e0f39b74d343aa3718a05b88baf188a097e6ce5f4e877
6a780c5fa5c99f71f5c5f711477fffc2e6c453995ce779d3f66a8d74c6983141
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c6414ec1f58ce4a0475014dd742c1382f163931d7ad64a64386027e1dd53faf
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
6ff86fa588f690969984f7671b0aadf8201da6bdebb4f7f06a682f8379871fcf
708327e1b482f8d980aec658d3cb1dd18d60fe4629e24d17c3fdc63480f0d4bb
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
7496729d9b749dea92c7f4d87278bb04cee9b2ac60c5591b68aef05dd861e08c
80b410ec29856b8a73f32c11d586a7fe30fb0398b485d41420144b217ccdf930
810fd98b65b7fab1ebd27816f8409ef63cd341dee5e59766d694e002a49cafa2
8246297b958c38c4ce4902ff522c1e9192ec9b35c883587b22533f78b57e1d28
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
849d0cde47450bead63722e7f6b938226b2bbb65e5d9ec606c6ecfe367e922aa
84e80159fc0f0e914229e9916e1c85cb59b2a6af77d53d6b528bf464ef9aeb3b
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8959cbb31bc9bfc1725be63c62be12e61153d1323bcbbd72583a920cbdde82a3
8967d3c162eee5fc9e46d1bf74ac9f5dcaeac787d7f5d3bb90a94f85ea3f279b
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
95901cd872570c226a2a131e926a275006f1d37e2dfbda1e6d004b1b0d6a4568
9640c812cd205b51cb3157c1afd6bd9ca61456b6b7e950b638b10a3ad1374ad1
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
9c969585d5dedeaa55170267800d6d1af5673e449c64c103e6336ee8a09348a5
9d5cbcadd2608ad6a3d4736c41b799d5b02635ff9443c32282a901c1efe0e2b5
9f714fe4238276cbacceb8400a76d9c33a9fb83e4abecdc52aebe8ee87772781
9f732096ea81339f77c9a8d15d118acee57d6cf2e2c2813456daa49ed4660a9d
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0682a63b832d3473c0eca3dce6a3b09909c0deb86eb24df79d766221e37b5bd
a210e1ad2e4ae8010dbe5f9ac8b5291a26cd6ebb7a4851cb0b977092289c0413
a24e4d62c6d4273eebbda3084b7bd7ce3991332fa2685858e32d188588bec92b
a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4ac0fd75bb413471276f5f9b2a919915a2eff38553fb71b72222cf562831488
a5c96c91c4ab2c0572ec8371c0f49d9f722eb71ae47224f29eabadf59f5fabe8
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac61dced6a8cf397249219b9a70609ac5d8de7289ef6f507bc22340090db2a92
afa7b77bbc0a91fcc3a2a03bd4fa2dbab341ed7c8918a76162c43ef124e63a02
b0c2c3beb23532abc23c7a7a9db587a0ecbbc0e7984842c18783edc23e3efa94
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3a7346cae0525400bb6539496990f7de2ee33862cb6e38fd82f0e463d367e1a
b4515b8f273639bb116e123e614d446918aca49d7216151885da47a90370e837
b470a9ccb87f12a1e884dd7b83f52df6cbaabd71f89b9d844e94df1da9f76623
b586b6299996b546ef44061c1c8d4d0c180b68454d475936079695bf90e8c8a4
b69490c3cdd5a107d368561dd854808ec12e08c01e38f807638ee1a09332feaa
ba44cdbcfe1363caf6f1ab3bf350e9141ea3f893c6952e0dbb48537141e3bdad
bd02724ce784c8b273e88c3f80dca01a8747634d2155d29790ed2e3660d259a7
be9eb92769d4f24337035eb54b83af8297f9ee951db2821b5b7a640c002d3d58
bf159b07789f89af2f1970d8cc076ca6e64efa97f8d09cd7b40527fec123104c
bf33a59b2f9d9e186e724280e299907c67da1139abba4f45bb38b4180e6e60cb
c26297a3bbe1950afc0acc3dacb50a81666db32c05a468b8efce74339c35a921
c2ebf96506711c4b9b24086ae8d973caff7802f7322f52cea2c5c57c66601fbf
c45efbafbdd63225cd5d53367a7764a9b1c495e496ad5628bdb1d0b9a585d830
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c6b7d44e935222eb6427ff28cdecbeb83292ecf0c75f67ae17a3f228d8389125
c798c598169780ea0fb0f0498964d551bd1a0c8f19bfa05221de14452ff74bea
c99442f2685ab85f1219dc1da3b9ce48891300e612914f862d85f5ea372e38e6
ca71ea48130126151c7bb6ae861a878d386eef42a940fd193e672c304357b063
ce1f3c592fb1fa8ec36e24e94c7ee1078b7b5cce37aa1f2dfad408e48f7bc83d
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1c4e7914250cd0668e63d09f2e3394b67168a91901fdde86cc401a13cf2fe00
d29ff1a0d107b4a6a4508c99edb4b7783e2813b98d0a999ac4fbce8915b1cd66
d3e319ce3ae69331e3309e7b76f0c06dbf3ecebd474cb71a2106163ccd46a56b
d5ec6146df534725cab6d0c1d9ac2e7f7341ee491fb9dcef6ea3a40ef153aec5
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d76c09ea49a67623c581149d87ec821d813b9302aea4f871df16156cd1d28a53
d88b2f05bcd6de59fcdc958ab1c6f63d0225f275d24ce003381c09deb3a4bf1e
d956cecbc72546f6be9165e71ea6fe0e30c83274da131e88a4b8c12c2d6d540d
dce196c44d8bd79fea22e1c0419f9f56da0c70d65de227c00043ae1834282dcb
e0e2d7cefffb4d70cc26783bdb91ad8d563733ee196f63e5b99a870b14efd126
e0fad38c04932f3e71581d5ca798b326778fc0e54e3823de3b0f9eddbef0892e
e39f4d0766632aea74b7e75ca572ac66208ffbce5582069a9c1ef9ebbe69d0b0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6a175f8274c88f6f679e2e99e6150a94cb4a7ce7995aa529bc92da7fec4c742
e70d938561bf4d2cc26cb6f7db5634c5c1cc7c5f2c21fa330185739cf07e126d
ea4d8446159d1f71f8dad379c62fe855418b1a7ea0ecdaa5815fb72a8c8ea08c
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
ed70c771eb14ec7d0c11178ea50022df2f18425bff880facc66519e05e6189fd
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f264a2c44e34e93ddc50f931c4fdb5544444d62577949d0b6f2c3376d73fa288
f2788c1e64704c218ea4cd7565a231d2ae57cc309c824cd1029fb40729914e78
f9f40e5aa6d80e385e5c15593748db7bfb50fd07cc45c8239a6fad053f63affe
fa08075c279cbeb20720e6e5347169bca61f0bef32cdbdfc7c1240cee65dbf6e
fbc3c76eef40972f6aafba539e386318e6182fab2664f0ed23a60c8725aad6dd
fbfe2a383821741218d136b973d329bb4286706540853642b5c5e0d7c12d7708
ffd2a11d59a7fbb41a2008eb97336977f9f37ebe8156cd8adc4a9ac24b96dc78

n.yam.com Open in urlscan Pro 13.76.85.56 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

231 Requests

100 %HTTPS

49 %IPv6

29 Domains

44 Subdomains

42 IPs

7 Countries

4810 kBTransfer

11706 kBSize

14 Cookies

30 Outgoing links

Redirected requests

231 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

n.yam.com Open in urlscan Pro
13.76.85.56 Public Scan

Screenshot
Live screenshot

Full Image

231
Requests

100 %
HTTPS

49 %
IPv6

29
Domains

44
Subdomains

42
IPs

7
Countries

4810 kB
Transfer

11706 kB
Size

14
Cookies

231 HTTP transactions
7 data transactions