yayabo.net Open in urlscan Pro
150.95.52.118 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://preomietkarov.sk/wp-content/plugins/ceske-sluzby-master/includes/option.php?r=bD1odHRwczovL3lheWFiby5uZXQvdW5kZXJ...
Effective URL:
https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
Submission: On February 11 via manual (February 11th 2021, 10:06:38 pm UTC) from US

Summary HTTP 70 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 11 domains to perform 70 HTTP transactions. The main IP is 150.95.52.118, located in Japan and belongs to INTERQ GMO Internet,Inc, JP. The main domain is yayabo.net.
TLS certificate: Issued by cPanel, Inc. Certification Authority on December 31st 2020. Valid for: 3 months.

This is the only time yayabo.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	159.69.155.82 159.69.155.82	24940 (HETZNER-AS) (HETZNER-AS)
20	150.95.52.118 150.95.52.118	7506 (INTERQ GM...) (INTERQ GMO Internet)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	202.228.215.70 202.228.215.70	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
8	202.228.215.62 202.228.215.62	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
2	14.0.42.22 14.0.42.22	54994 (QUANTILNE...) (QUANTILNETWORKS)
70	10

1 159.69.155.82 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: plesk.neting.sk

preomietkarov.sk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 150.95.52.118 (Japan)

ASN7506 (INTERQ GMO Internet,Inc, JP)
PTR: jp16h.mixhost.jp

yayabo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 202.228.215.70 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
PTR: x4.shinobi.jp

x7.shinobi.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 202.228.215.62 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
PTR: swarm.shinobi.jp

asumi.shinobi.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 14.0.42.22 (Osaka, Japan)

ASN54994 (QUANTILNETWORKS, US)

cnobi.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	347 KB
20	yayabo.net yayabo.net	105 KB
10	shinobi.jp x7.shinobi.jp asumi.shinobi.jp	5 KB
6	doubleclick.net googleads.g.doubleclick.net	38 KB
2	cnobi.jp cnobi.jp	14 KB
2	googletagservices.com www.googletagservices.com	60 KB
2	google.com 1 redirects adservice.google.com www.google.com	1 KB
1	google.de adservice.google.de	803 B
1	googleadservices.com partner.googleadservices.com	640 B
1	googleapis.com ajax.googleapis.com	33 KB
1	preomietkarov.sk preomietkarov.sk	380 B
70	11

	Domain	Requested by
20	yayabo.net	yayabo.net
18	tpc.googlesyndication.com	preomietkarov.sk googleads.g.doubleclick.net tpc.googlesyndication.com yayabo.net pagead2.googlesyndication.com
8	asumi.shinobi.jp	x7.shinobi.jp asumi.shinobi.jp yayabo.net
7	pagead2.googlesyndication.com	yayabo.net pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com preomietkarov.sk googleads.g.doubleclick.net
2	cnobi.jp	asumi.shinobi.jp yayabo.net
2	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	x7.shinobi.jp	yayabo.net x7.shinobi.jp
1	www.google.com	1 redirects
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ajax.googleapis.com	yayabo.net
1	preomietkarov.sk
70	14

This site contains links to these domains. Also see Links.

Domain
www.ninja.co.jp

Subject Issuer	Validity	Valid
yayabo.net cPanel, Inc. Certification Authority	`2020-12-31` - `2021-03-31`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.shinobi.jp R3	`2021-02-05` - `2021-05-06`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
support21.cdnetworks.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-28` - `2021-11-16`	a year	crt.sh

This page contains 8 frames:

Primary Page: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
Frame ID: 4D397FB5B05ADF608BCF80FB190D9962
Requests: 43 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210208/r20190131/zrt_lookup.html
Frame ID: FF9AB39C156A405BFE398200500EB50F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1909876851417547&output=html&h=280&slotname=7815103516&adk=3432339691&adf=2008460769&pi=t.ma~as.7815103516&w=860&fwrn=4&fwrnh=100&lmt=1538201289&rafmt=1&psa=0&format=860x280&url=https%3A%2F%2Fyayabo.net%2F%3Fv1%3DZWxib3JnZW5AcmVubGVhcm4uY29t&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1613081182956&bpp=69&bdt=534&idt=165&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=580597096918&frm=20&pv=2&ga_vid=1665977867.1613081183&ga_sid=1613081183&ga_hid=1748753786&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=370&ady=382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068084%2C21068769%2C21068893%2C21069110&oid=3&pvsid=1472227992215511&pem=552&ref=https%3A%2F%2Fyayabo.net%2Fundercook.php%3Fv1%3DHwVOQxZLSQBsXh0bQBVNXgsCEkNB&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=fw9E4lATlL&p=https%3A//yayabo.net&dtd=185
Frame ID: 295784E7B6914A8AF93B4FEB66E25894
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11768153954175572084/970x250_Crypto_CYSEC/970x250_Crypto_CYSEC.html
Frame ID: B96C60469CE2E8B88390FBB88947AF54
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CkC6iX6olYOzMCtT_ZeWIjLAKs5DEsGGrmtuwlA2Wgs2FiBYQASCe0dcmYJUCoAHq3IDRAsgBCakCjy4L2VABqj6oAwHIA0iqBLsBT9AzdtjD2K9FG0WjvSVnEdfZSdX79sY_3_KGQ3cylK0lIPgodVECQ1G2d68vgr_19ZGzDa6L7eOpP-nqr9FIjcpr_Zsue-MX_Y0eltuIwQfHt_DiEIIwrJzq1jsWmGDj4Qae-5YwIEmiU120kMbu0Z2tnEEZ0997xWvNjtbK1E31eAKKAfvMxFPTpudtpqA8uCUXlthtJPpRGf1fOdq3qrvXHfLm6ByzPECFBcGpsY5vEotiEOZihtDqu8AE0IzZ5roDkgUECAQYAZIFBAgFGASgBi6AB_6i_64BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEELe0INIICQiA4YAQEAEYH4AKAcgLAdgTDbIXGgoYCAASFHB1Yi0xOTA5ODc2ODUxNDE3NTQ3&sigh=EWjNQK_ZdDM&template_id=419&tpd=AGWhJmsxvfVMsWx46su_WHnvsuNdL3i86NaS3I1TkWacwLbrMA
Frame ID: 1FDFC371719B148AFC96FFC47D177C48
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 7905A6193C884632AD923B0BE2608250
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1909876851417547&output=html&adk=1812271804&adf=3025194257&lmt=1538201289&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fyayabo.net%2F%3Fv1%3DZWxib3JnZW5AcmVubGVhcm4uY29t&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1613081186204&bpp=2&bdt=3782&idt=2&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=860x280&nras=1&correlator=580597096918&frm=20&pv=1&ga_vid=1665977867.1613081183&ga_sid=1613081183&ga_hid=1748753786&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068084%2C21068769%2C21068893%2C21069110&oid=3&pvsid=1472227992215511&pem=552&ref=https%3A%2F%2Fyayabo.net%2Fundercook.php%3Fv1%3DHwVOQxZLSQBsXh0bQBVNXgsCEkNB&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=7
Frame ID: 5A5DACE77BADB956F854DA0DF7C6B87D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: BB1CD19B9CCDEA1706D1E5CB39CD0ECC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://preomietkarov.sk/wp-content/plugins/ceske-sluzby-master/includes/option.php?r=bD1odHRwczovL3l... Page URL
https://yayabo.net/undercook.php?v1=HwVOQxZLSQBsXh0bQBVNXgsCEkNB Page URL
https://yayabo.net/undercook.php?v1=HwVOQxZLSQBsXh0bQBVNXgsCEkNB Page URL
https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

70
Requests

99 %
HTTPS

40 %
IPv6

11
Domains

14
Subdomains

10
IPs

3
Countries

605 kB
Transfer

1702 kB
Size

2
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ninja.co.jp/?utm_source=analyze&utm_medium=banner&utm_content=analyze01&utm_campaign=userpage

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://preomietkarov.sk/wp-content/plugins/ceske-sluzby-master/includes/option.php?r=bD1odHRwczovL3lheWFiby5uZXQvdW5kZXJjb29rLnBocCZ2MT1Id1ZPUXhaTFNRQnNYaDBiUUJWTlhnc0NFa05C Page URL
https://yayabo.net/undercook.php?v1=HwVOQxZLSQBsXh0bQBVNXgsCEkNB Page URL
https://yayabo.net/undercook.php?v1=HwVOQxZLSQBsXh0bQBVNXgsCEkNB Page URL
https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

70 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK option.php Show response
preomietkarov.sk/wp-content/plugins/ceske-sluzby-master/includes/ 109 B
380 B 115ms
78ms Document
text/html 159.69.155.82
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://preomietkarov.sk/wp-content/plugins/ceske-sluzby-master/includes/option.php?r=bD1odHRwczovL3lheWFiby5uZXQvdW5kZXJjb29rLnBocCZ2MT1Id1ZPUXhaTFNRQnNYaDBiUUJWTlhnc0NFa05C
Protocol: HTTP/1.1
Server: 159.69.155.82 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: plesk.neting.sk
Software: nginx / PHP/7.4.15 PleskLin
Resource Hash: 7844cd2882dbf5266813c2a83925e4741f3874569ca0d144a7faac739eb3ceeb

Request headers

Host: preomietkarov.sk
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Date: Thu, 11 Feb 2021 22:06:20 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 127
Connection: keep-alive
X-Powered-By: PHP/7.4.15 PleskLin
Vary: Accept-Encoding
Content-Encoding: gzip

GET
H2 200 undercook.php Show response
yayabo.net/ 754 B
683 B 1107ms
272ms Document
text/html 150.95.52.118
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://yayabo.net/undercook.php?v1=HwVOQxZLSQBsXh0bQBVNXgsCEkNB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 150.95.52.118 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp16h.mixhost.jp
Software: LiteSpeed / PHP/7.0.33
Resource Hash: 2777c710350668010542846968025d642d40984fa87ad21b3b175c0d2f7e0b31

Request headers

:method: GET
:authority: yayabo.net
:scheme: https
:path: /undercook.php?v1=HwVOQxZLSQBsXh0bQBVNXgsCEkNB
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://preomietkarov.sk/wp-content/plugins/ceske-sluzby-master/includes/option.php?r=bD1odHRwczovL3lheWFiby5uZXQvdW5kZXJjb29rLnBocCZ2MT1Id1ZPUXhaTFNRQnNYaDBiUUJWTlhnc0NFa05C
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://preomietkarov.sk/wp-content/plugins/ceske-sluzby-master/includes/option.php?r=bD1odHRwczovL3lheWFiby5uZXQvdW5kZXJjb29rLnBocCZ2MT1Id1ZPUXhaTFNRQnNYaDBiUUJWTlhnc0NFa05C

Response headers

x-powered-by: PHP/7.0.33
content-type: text/html; charset=UTF-8
content-length: 417
content-encoding: br
vary: User-Agent
date: Thu, 11 Feb 2021 22:06:21 GMT
server: LiteSpeed
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000

GET
H2 200 undercook.php Show response
yayabo.net/ 848 B
545 B 813ms
812ms Document
text/html 150.95.52.118
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://yayabo.net/undercook.php?v1=HwVOQxZLSQBsXh0bQBVNXgsCEkNB
Requested by: Host: yayabo.net
URL: https://yayabo.net/undercook.php?v1=HwVOQxZLSQBsXh0bQBVNXgsCEkNB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 150.95.52.118 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp16h.mixhost.jp
Software: LiteSpeed / PHP/7.0.33
Resource Hash: 9b2ca2878bb384611a5a4d095b82c0da13be50bbb1269cfccb150540069f1d13

Request headers

:method: GET
:authority: yayabo.net
:scheme: https
:path: /undercook.php?v1=HwVOQxZLSQBsXh0bQBVNXgsCEkNB
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://yayabo.net/undercook.php?v1=HwVOQxZLSQBsXh0bQBVNXgsCEkNB
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: d=60; n=Europe/Berlin
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://yayabo.net/undercook.php?v1=HwVOQxZLSQBsXh0bQBVNXgsCEkNB

Response headers

x-powered-by: PHP/7.0.33
content-type: text/html; charset=UTF-8
content-length: 483
content-encoding: br
vary: User-Agent
date: Thu, 11 Feb 2021 22:06:22 GMT
server: LiteSpeed

GET
H3-Q050 200 Primary Request / Show response
yayabo.net/ 3 KB
1 KB 259ms
259ms Document
text/html 150.95.52.118
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 150.95.52.118 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp16h.mixhost.jp
Software: LiteSpeed /
Resource Hash: 93ac06c86785df554397c87f6ef6150c851e3ed2be252c754ba3588e6eaa7842

Request headers

:method: GET
:authority: yayabo.net
:scheme: https
:path: /?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://yayabo.net/undercook.php?v1=HwVOQxZLSQBsXh0bQBVNXgsCEkNB
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: d=60; n=Europe/Berlin
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://yayabo.net/undercook.php?v1=HwVOQxZLSQBsXh0bQBVNXgsCEkNB

Response headers

content-type: text/html
last-modified: Sat, 29 Sep 2018 06:08:09 GMT
accept-ranges: bytes
content-encoding: br
vary: User-Agent
content-length: 1152
date: Thu, 11 Feb 2021 22:06:22 GMT
server: LiteSpeed

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ 90 KB
33 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.9.1/jquery.min.js

Requested by

Host: yayabo.net
URL: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 15:45:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22855
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33018
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 15:45:27 GMT

GET
H3-Q050 200 config.js Show response
yayabo.net/js/ 2 KB
960 B 263ms
262ms Script
application/javascript 150.95.52.118
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://yayabo.net/js/config.js
Requested by: Host: yayabo.net
URL: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 150.95.52.118 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp16h.mixhost.jp
Software: LiteSpeed /
Resource Hash: 5bebd6a600d07338bb28632f313583c442772c390029946d7e6c99a48aa21c4c

Request headers

Referer: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 22:06:22 GMT
content-encoding: br
last-modified: Sat, 29 Sep 2018 06:11:16 GMT
server: LiteSpeed
vary: User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 896
expires: Thu, 18 Feb 2021 22:06:22 GMT

GET
H3-Q050 200 jquery.easing.1.3.js Show response
yayabo.net/js/ 9 KB
3 KB 263ms
262ms Script
application/javascript 150.95.52.118
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://yayabo.net/js/jquery.easing.1.3.js
Requested by: Host: yayabo.net
URL: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 150.95.52.118 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp16h.mixhost.jp
Software: LiteSpeed /
Resource Hash: 61392609c7bc1e104256ba13e818718c73b6f147b3b15b3b1775c6a4432bce77

Request headers

Referer: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 22:06:22 GMT
content-encoding: br
last-modified: Sat, 29 Sep 2018 06:11:19 GMT
server: LiteSpeed
vary: User-Agent
content-type: application/javascript
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2610
expires: Thu, 18 Feb 2021 22:06:22 GMT

GET
H3-Q050 200 styles.css
yayabo.net/ 48 KB
8 KB 259ms
259ms Stylesheet
text/css 150.95.52.118
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://yayabo.net/styles.css
Requested by: Host: yayabo.net
URL: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 150.95.52.118 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp16h.mixhost.jp
Software: LiteSpeed /
Resource Hash: a7d1cf069d2e1778a6c3370b74be66ba1ad80e382b9f7db6222cdb0e1a45b0d7

Request headers

Referer: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 22:06:22 GMT
content-encoding: br
last-modified: Sat, 29 Sep 2018 06:08:21 GMT
server: LiteSpeed
vary: User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 8297
expires: Thu, 18 Feb 2021 22:06:22 GMT

GET
H3-Q050 200 textstyles.css
yayabo.net/css/ 9 KB
2 KB 262ms
261ms Stylesheet
text/css 150.95.52.118
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://yayabo.net/css/textstyles.css
Requested by: Host: yayabo.net
URL: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 150.95.52.118 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp16h.mixhost.jp
Software: LiteSpeed /
Resource Hash: e3c5b6ea212b13f6677949f685a851936417e8a16af58a5820c115a2c0937a09

Request headers

Referer: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 22:06:22 GMT
content-encoding: br
last-modified: Sat, 29 Sep 2018 06:08:32 GMT
server: LiteSpeed
vary: User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1683
expires: Thu, 18 Feb 2021 22:06:22 GMT

GET
H3-Q050 200 header.jpg
yayabo.net/img/ 78 KB
78 KB 259ms
259ms Image
image/jpeg 150.95.52.118
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yayabo.net/img/header.jpg
Requested by: Host: yayabo.net
URL: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 150.95.52.118 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp16h.mixhost.jp
Software: LiteSpeed /
Resource Hash: 23ef6ffff53295516a8a425cc9926d9bfc232c82604591a30751ac9d2a06f3c6

Request headers

Referer: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 22:06:22 GMT
last-modified: Sat, 29 Sep 2018 06:09:35 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 80301
expires: Thu, 18 Feb 2021 22:06:22 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 135 KB
48 KB 57ms
37ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: yayabo.net
URL: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab42ff31d07c36ec69c448d804ee5b0204822d8ae24c49a00b0c5fe117467e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 22:06:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 48410
x-xss-protection: 0
server: cafe
etag: 10670273244432943938
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 11 Feb 2021 22:06:22 GMT

GET
H2 200 109452600 Show response
x7.shinobi.jp/ufo/ 7 KB
3 KB 1058ms
267ms Script
application/x-javascript 202.228.215.70
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to

Full URL: https://x7.shinobi.jp/ufo/109452600
Requested by: Host: yayabo.net
URL: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.228.215.70 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: x4.shinobi.jp
Software: openresty /
Resource Hash: 0f1cabd80bab1dc7221b612d030238ce246a32a93e3de1c7f9a5ff07bff20ca4

Request headers

Referer: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 22:06:23 GMT
content-encoding: gzip
last-modified: Fri, 08 Mar 2019 00:48:51 GMT
server: openresty
content-length: 2567
vary: Accept-Encoding
content-type: application/x-javascript

GET
H3-Q050 200 tables.css
yayabo.net/css/ 7 KB
2 KB 260ms
260ms Stylesheet
text/css 150.95.52.118
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://yayabo.net/css/tables.css
Requested by: Host: yayabo.net
URL: https://yayabo.net/styles.css
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 150.95.52.118 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp16h.mixhost.jp
Software: LiteSpeed /
Resource Hash: 5e5c91877e26924918d20cacf7e826358b9eed325d80b63c3cdb5180f3a42bf8

Request headers

Referer: https://yayabo.net/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 22:06:22 GMT
content-encoding: br
last-modified: Sat, 29 Sep 2018 06:08:30 GMT
server: LiteSpeed
vary: User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1683
expires: Thu, 18 Feb 2021 22:06:22 GMT

GET
H3-Q050 200 commonstyles.css
yayabo.net/css/ 11 KB
2 KB 261ms
261ms Stylesheet
text/css 150.95.52.118
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to

Full URL: https://yayabo.net/css/commonstyles.css
Requested by: Host: yayabo.net
URL: https://yayabo.net/styles.css
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 150.95.52.118 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp16h.mixhost.jp
Software: LiteSpeed /
Resource Hash: ca32b467427c3856bde336bfe9039a2f57e202cad88c510e498945b5152d0afb

Request headers

Referer: https://yayabo.net/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 22:06:22 GMT
content-encoding: br
last-modified: Sat, 29 Sep 2018 06:08:27 GMT
server: LiteSpeed
vary: User-Agent
content-type: text/css
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2293
expires: Thu, 18 Feb 2021 22:06:22 GMT

GET
H3-Q050 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210208/r20190131/ 226 KB
86 KB 70ms
56ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210208/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

094eb70f761bc25fd6594b69e51efffc9b5430cfaad125f2e82bfd4009895f43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 22:06:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 86814
x-xss-protection: 0
server: cafe
etag: 8889400180175641948
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Feb 2021 22:06:23 GMT

GET
H3-Q050 200 column_bg.gif
yayabo.net/img/ 2 KB
2 KB 261ms
261ms Image
image/gif 150.95.52.118
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yayabo.net/img/column_bg.gif
Requested by: Host: yayabo.net
URL: https://yayabo.net/styles.css
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 150.95.52.118 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp16h.mixhost.jp
Software: LiteSpeed /
Resource Hash: f1afa44bd0a08579311329cc43c59a2b88b2ecee21a35d09ebf90ece6fc5229c

Request headers

Referer: https://yayabo.net/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 22:06:23 GMT
last-modified: Sat, 29 Sep 2018 06:11:11 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 2370
expires: Thu, 18 Feb 2021 22:06:23 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210208/r20190131/ Frame FF9A 10 KB
5 KB 9ms
5ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210208/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210208/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 11 Feb 2021 04:07:16 GMT
expires: Thu, 25 Feb 2021 04:07:16 GMT
content-type: text/html; charset=UTF-8
etag: 6440208225989294717
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4777
x-xss-protection: 0
age: 64747
cache-control: public, max-age=1209600
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 colorframe_l.gif
yayabo.net/img/ 64 B
165 B 263ms
260ms Image
image/gif 150.95.52.118
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yayabo.net/img/colorframe_l.gif
Requested by: Host: yayabo.net
URL: https://yayabo.net/css/textstyles.css
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 150.95.52.118 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp16h.mixhost.jp
Software: LiteSpeed /
Resource Hash: bb5eff8f89960bc1ac8ddf4ea9719db4242753c187eb53afaea63e64bbce5a89

Request headers

Referer: https://yayabo.net/css/textstyles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 22:06:23 GMT
last-modified: Sat, 29 Sep 2018 06:11:04 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 64
expires: Thu, 18 Feb 2021 22:06:23 GMT

GET
H3-Q050 200 colorframe_t.gif
yayabo.net/img/ 322 B
369 B 275ms
272ms Image
image/gif 150.95.52.118
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yayabo.net/img/colorframe_t.gif
Requested by: Host: yayabo.net
URL: https://yayabo.net/css/textstyles.css
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 150.95.52.118 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp16h.mixhost.jp
Software: LiteSpeed /
Resource Hash: eda879597c1abf4c7b23300a70da98c5ac768ef22e916e2fceed1178b4258f2b

Request headers

Referer: https://yayabo.net/css/textstyles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 22:06:23 GMT
last-modified: Sat, 29 Sep 2018 06:11:08 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 322
expires: Thu, 18 Feb 2021 22:06:23 GMT

GET
H3-Q050 200 colorframe_tr.gif
yayabo.net/img/ 79 B
126 B 275ms
272ms Image
image/gif 150.95.52.118
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yayabo.net/img/colorframe_tr.gif
Requested by: Host: yayabo.net
URL: https://yayabo.net/css/textstyles.css
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 150.95.52.118 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp16h.mixhost.jp
Software: LiteSpeed /
Resource Hash: 0d2dba81c3df63101aaae383d8cf8948c977fdee5e2113606b0c14f5827075c5

Request headers

Referer: https://yayabo.net/css/textstyles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 22:06:23 GMT
last-modified: Sat, 29 Sep 2018 06:11:10 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 79
expires: Thu, 18 Feb 2021 22:06:23 GMT

GET
H3-Q050 200 colorframe_r.gif
yayabo.net/img/ 64 B
110 B 275ms
272ms Image
image/gif 150.95.52.118
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yayabo.net/img/colorframe_r.gif
Requested by: Host: yayabo.net
URL: https://yayabo.net/css/textstyles.css
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 150.95.52.118 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp16h.mixhost.jp
Software: LiteSpeed /
Resource Hash: 03f22af7845c15e20bb786f14fdecad2024a5ac91f85cf27f916bcc40b74631f

Request headers

Referer: https://yayabo.net/css/textstyles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 22:06:23 GMT
last-modified: Sat, 29 Sep 2018 06:11:06 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 64
expires: Thu, 18 Feb 2021 22:06:23 GMT

GET
H3-Q050 200 colorframe_b.gif
yayabo.net/img/ 326 B
374 B 275ms
272ms Image
image/gif 150.95.52.118
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yayabo.net/img/colorframe_b.gif
Requested by: Host: yayabo.net
URL: https://yayabo.net/css/textstyles.css
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 150.95.52.118 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp16h.mixhost.jp
Software: LiteSpeed /
Resource Hash: f0f1712e58df7d5faebb987c411e0dc4e44463a011e71759da2a757056786fa7

Request headers

Referer: https://yayabo.net/css/textstyles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 22:06:23 GMT
last-modified: Sat, 29 Sep 2018 06:11:00 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 326
expires: Thu, 18 Feb 2021 22:06:23 GMT

GET
H3-Q050 200 colorframe_br.gif
yayabo.net/img/ 79 B
125 B 275ms
272ms Image
image/gif 150.95.52.118
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yayabo.net/img/colorframe_br.gif
Requested by: Host: yayabo.net
URL: https://yayabo.net/css/textstyles.css
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 150.95.52.118 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp16h.mixhost.jp
Software: LiteSpeed /
Resource Hash: 31586acfd208e2df9b87c40a246de1b23ece730aa74b5c892b66790bdbe994be

Request headers

Referer: https://yayabo.net/css/textstyles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 22:06:23 GMT
last-modified: Sat, 29 Sep 2018 06:11:01 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 79
expires: Thu, 18 Feb 2021 22:06:23 GMT

GET
H3-Q050 200 menu-h4.png
yayabo.net/img/ 1 KB
1 KB 275ms
272ms Image
image/png 150.95.52.118
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yayabo.net/img/menu-h4.png
Requested by: Host: yayabo.net
URL: https://yayabo.net/styles.css
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 150.95.52.118 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp16h.mixhost.jp
Software: LiteSpeed /
Resource Hash: d61d24c8c65d2da79b9ccba4709bc61abc16f24e7d840e2ad341923f0d82e153

Request headers

Referer: https://yayabo.net/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 22:06:23 GMT
last-modified: Sat, 29 Sep 2018 06:11:01 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1153
expires: Thu, 18 Feb 2021 22:06:23 GMT

GET
H3-Q050 200 menu_bg.png
yayabo.net/img/ 278 B
334 B 275ms
272ms Image
image/png 150.95.52.118
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yayabo.net/img/menu_bg.png
Requested by: Host: yayabo.net
URL: https://yayabo.net/styles.css
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 150.95.52.118 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp16h.mixhost.jp
Software: LiteSpeed /
Resource Hash: 647be191d7b166efbe20e682363ac62619fbe0484d25c67ff0cac6716b19421c

Request headers

Referer: https://yayabo.net/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 22:06:23 GMT
last-modified: Sat, 29 Sep 2018 06:11:04 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 278
expires: Thu, 18 Feb 2021 22:06:23 GMT

GET
H3-Q050 200 pagetop_button.png
yayabo.net/img/ 1 KB
1 KB 275ms
272ms Image
image/png 150.95.52.118
INTERQ GMO Internet

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://yayabo.net/img/pagetop_button.png
Requested by: Host: yayabo.net
URL: https://yayabo.net/styles.css
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 150.95.52.118 , Japan, ASN7506 (INTERQ GMO Internet,Inc, JP),
Reverse DNS: jp16h.mixhost.jp
Software: LiteSpeed /
Resource Hash: bb470184f522774d51bd1d992ae993c074db8d474eadc79526c5d2af79288e36

Request headers

Referer: https://yayabo.net/styles.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 22:06:23 GMT
last-modified: Sat, 29 Sep 2018 06:11:01 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 1472
expires: Thu, 18 Feb 2021 22:06:23 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 200 B
640 B 141ms
66ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=yayabo.net&callback=_gfp_s_&client=ca-pub-1909876851417547

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210208/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

f0d6aad1e3331d95e11e1b0a1669e53c121ee70e731a856986ca1d4bd1d56b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 22:06:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 192
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
803 B 47ms
27ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=yayabo.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210208/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Feb 2021 22:06:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 47ms
27ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=yayabo.net

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210208/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Feb 2021 22:06:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2957 101 KB
33 KB 346ms
345ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1909876851417547&output=html&h=280&slotname=7815103516&adk=3432339691&adf=2008460769&pi=t.ma~as.7815103516&w=860&fwrn=4&fwrnh=100&lmt=1538201289&rafmt=1&psa=0&format=860x280&url=https%3A%2F%2Fyayabo.net%2F%3Fv1%3DZWxib3JnZW5AcmVubGVhcm4uY29t&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1613081182956&bpp=69&bdt=534&idt=165&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=580597096918&frm=20&pv=2&ga_vid=1665977867.1613081183&ga_sid=1613081183&ga_hid=1748753786&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=370&ady=382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068084%2C21068769%2C21068893%2C21069110&oid=3&pvsid=1472227992215511&pem=552&ref=https%3A%2F%2Fyayabo.net%2Fundercook.php%3Fv1%3DHwVOQxZLSQBsXh0bQBVNXgsCEkNB&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=fw9E4lATlL&p=https%3A//yayabo.net&dtd=185

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210208/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

652baf5e73a07fe48c3c1fe9140e5e617bb785516fb2274827517a141d069e1e

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11768153954175572084/970x250_Crypto_CYSEC/970x250_Crypto_CYSEC.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11768153954175572084/970x250_Crypto_CYSEC/970x250_Crypto_CYSEC.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKz4qtfr4u4CFdR_GQodZQQDpg&gqi=X6olYM2XCoSyYqztlvAK&layout=/sadbundle/%24csp%253Der3%24/11768153954175572084/970x250_Crypto_CYSEC/970x250_Crypto_CYSEC.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1909876851417547&output=html&h=280&slotname=7815103516&adk=3432339691&adf=2008460769&pi=t.ma~as.7815103516&w=860&fwrn=4&fwrnh=100&lmt=1538201289&rafmt=1&psa=0&format=860x280&url=https%3A%2F%2Fyayabo.net%2F%3Fv1%3DZWxib3JnZW5AcmVubGVhcm4uY29t&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1613081182956&bpp=69&bdt=534&idt=165&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=580597096918&frm=20&pv=2&ga_vid=1665977867.1613081183&ga_sid=1613081183&ga_hid=1748753786&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=370&ady=382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068084%2C21068769%2C21068893%2C21069110&oid=3&pvsid=1472227992215511&pem=552&ref=https%3A%2F%2Fyayabo.net%2Fundercook.php%3Fv1%3DHwVOQxZLSQBsXh0bQBVNXgsCEkNB&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=fw9E4lATlL&p=https%3A//yayabo.net&dtd=185
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11768153954175572084/970x250_Crypto_CYSEC/970x250_Crypto_CYSEC.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11768153954175572084/970x250_Crypto_CYSEC/970x250_Crypto_CYSEC.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CKz4qtfr4u4CFdR_GQodZQQDpg&gqi=X6olYM2XCoSyYqztlvAK&layout=/sadbundle/%24csp%253Der3%24/11768153954175572084/970x250_Crypto_CYSEC/970x250_Crypto_CYSEC.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 11 Feb 2021 22:06:23 GMT
server: cafe
content-length: 32445
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 11-Feb-2021 22:21:23 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 11 Feb 2021 22:06:23 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 44ms
42ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210208/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80a1ae567d396855243284e674876bb0d856f0e7a18d3c0142f0828513716dfe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 22:06:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612960672666234"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28344
x-xss-protection: 0
expires: Thu, 11 Feb 2021 22:06:23 GMT

GET
H2 200 970x250_Crypto_CYSEC.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11768153954175572084/970x250_Crypto_CYSEC/ Frame B96C 359 KB
54 KB 31ms
12ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11768153954175572084/970x250_Crypto_CYSEC/970x250_Crypto_CYSEC.html

Requested by

Host: preomietkarov.sk
URL: http://preomietkarov.sk/wp-content/plugins/ceske-sluzby-master/includes/option.php?r=bD1odHRwczovL3lheWFiby5uZXQvdW5kZXJjb29rLnBocCZ2MT1Id1ZPUXhaTFNRQnNYaDBiUUJWTlhnc0NFa05C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a98175342d3350a603530e197befa1ddc76172cf5213a4bbaff5bc4bccb47cbf

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/11768153954175572084/970x250_Crypto_CYSEC/970x250_Crypto_CYSEC.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1909876851417547&output=html&h=280&slotname=7815103516&adk=3432339691&adf=2008460769&pi=t.ma~as.7815103516&w=860&fwrn=4&fwrnh=100&lmt=1538201289&rafmt=1&psa=0&format=860x280&url=https%3A%2F%2Fyayabo.net%2F%3Fv1%3DZWxib3JnZW5AcmVubGVhcm4uY29t&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1613081182956&bpp=69&bdt=534&idt=165&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=580597096918&frm=20&pv=2&ga_vid=1665977867.1613081183&ga_sid=1613081183&ga_hid=1748753786&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=370&ady=382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068084%2C21068769%2C21068893%2C21069110&oid=3&pvsid=1472227992215511&pem=552&ref=https%3A%2F%2Fyayabo.net%2Fundercook.php%3Fv1%3DHwVOQxZLSQBsXh0bQBVNXgsCEkNB&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=fw9E4lATlL&p=https%3A//yayabo.net&dtd=185
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1909876851417547&output=html&h=280&slotname=7815103516&adk=3432339691&adf=2008460769&pi=t.ma~as.7815103516&w=860&fwrn=4&fwrnh=100&lmt=1538201289&rafmt=1&psa=0&format=860x280&url=https%3A%2F%2Fyayabo.net%2F%3Fv1%3DZWxib3JnZW5AcmVubGVhcm4uY29t&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1613081182956&bpp=69&bdt=534&idt=165&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=580597096918&frm=20&pv=2&ga_vid=1665977867.1613081183&ga_sid=1613081183&ga_hid=1748753786&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=370&ady=382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068084%2C21068769%2C21068893%2C21069110&oid=3&pvsid=1472227992215511&pem=552&ref=https%3A%2F%2Fyayabo.net%2Fundercook.php%3Fv1%3DHwVOQxZLSQBsXh0bQBVNXgsCEkNB&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=fw9E4lATlL&p=https%3A//yayabo.net&dtd=185

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Mon, 08 Feb 2021 01:26:04 GMT
expires: Tue, 08 Feb 2022 01:26:04 GMT
last-modified: Sun, 07 Feb 2021 23:39:34 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 53516
age: 333619
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1FDF 0
0 44ms
43ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CkC6iX6olYOzMCtT_ZeWIjLAKs5DEsGGrmtuwlA2Wgs2FiBYQASCe0dcmYJUCoAHq3IDRAsgBCakCjy4L2VABqj6oAwHIA0iqBLsBT9AzdtjD2K9FG0WjvSVnEdfZSdX79sY_3_KGQ3cylK0lIPgodVECQ1G2d68vgr_19ZGzDa6L7eOpP-nqr9FIjcpr_Zsue-MX_Y0eltuIwQfHt_DiEIIwrJzq1jsWmGDj4Qae-5YwIEmiU120kMbu0Z2tnEEZ0997xWvNjtbK1E31eAKKAfvMxFPTpudtpqA8uCUXlthtJPpRGf1fOdq3qrvXHfLm6ByzPECFBcGpsY5vEotiEOZihtDqu8AE0IzZ5roDkgUECAQYAZIFBAgFGASgBi6AB_6i_64BqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEELe0INIICQiA4YAQEAEYH4AKAcgLAdgTDbIXGgoYCAASFHB1Yi0xOTA5ODc2ODUxNDE3NTQ3&sigh=EWjNQK_ZdDM&template_id=419&tpd=AGWhJmsxvfVMsWx46su_WHnvsuNdL3i86NaS3I1TkWacwLbrMA

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1909876851417547&output=html&h=280&slotname=7815103516&adk=3432339691&adf=2008460769&pi=t.ma~as.7815103516&w=860&fwrn=4&fwrnh=100&lmt=1538201289&rafmt=1&psa=0&format=860x280&url=https%3A%2F%2Fyayabo.net%2F%3Fv1%3DZWxib3JnZW5AcmVubGVhcm4uY29t&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1613081182956&bpp=69&bdt=534&idt=165&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=580597096918&frm=20&pv=2&ga_vid=1665977867.1613081183&ga_sid=1613081183&ga_hid=1748753786&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=370&ady=382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068084%2C21068769%2C21068893%2C21069110&oid=3&pvsid=1472227992215511&pem=552&ref=https%3A%2F%2Fyayabo.net%2Fundercook.php%3Fv1%3DHwVOQxZLSQBsXh0bQBVNXgsCEkNB&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=fw9E4lATlL&p=https%3A//yayabo.net&dtd=185
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 11 Feb 2021 22:06:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 11 Feb 2021 22:06:23 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210208/r20110914/ Frame 1FDF 18 KB
8 KB 23ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210208/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1909876851417547&output=html&h=280&slotname=7815103516&adk=3432339691&adf=2008460769&pi=t.ma~as.7815103516&w=860&fwrn=4&fwrnh=100&lmt=1538201289&rafmt=1&psa=0&format=860x280&url=https%3A%2F%2Fyayabo.net%2F%3Fv1%3DZWxib3JnZW5AcmVubGVhcm4uY29t&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1613081182956&bpp=69&bdt=534&idt=165&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=580597096918&frm=20&pv=2&ga_vid=1665977867.1613081183&ga_sid=1613081183&ga_hid=1748753786&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=370&ady=382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068084%2C21068769%2C21068893%2C21069110&oid=3&pvsid=1472227992215511&pem=552&ref=https%3A%2F%2Fyayabo.net%2Fundercook.php%3Fv1%3DHwVOQxZLSQBsXh0bQBVNXgsCEkNB&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=fw9E4lATlL&p=https%3A//yayabo.net&dtd=185

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8bbf21d644eb606c170f9b814332ded340aeb17e70b94af6d4816a146ae8342a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1909876851417547&output=html&h=280&slotname=7815103516&adk=3432339691&adf=2008460769&pi=t.ma~as.7815103516&w=860&fwrn=4&fwrnh=100&lmt=1538201289&rafmt=1&psa=0&format=860x280&url=https%3A%2F%2Fyayabo.net%2F%3Fv1%3DZWxib3JnZW5AcmVubGVhcm4uY29t&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1613081182956&bpp=69&bdt=534&idt=165&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=580597096918&frm=20&pv=2&ga_vid=1665977867.1613081183&ga_sid=1613081183&ga_hid=1748753786&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=370&ady=382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068084%2C21068769%2C21068893%2C21069110&oid=3&pvsid=1472227992215511&pem=552&ref=https%3A%2F%2Fyayabo.net%2Fundercook.php%3Fv1%3DHwVOQxZLSQBsXh0bQBVNXgsCEkNB&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=fw9E4lATlL&p=https%3A//yayabo.net&dtd=185
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 21:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3171
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 13709262462862093242
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Feb 2021 21:13:32 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210208/r20110914/client/ Frame 1FDF 3 KB
2 KB 28ms
11ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210208/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1909876851417547&output=html&h=280&slotname=7815103516&adk=3432339691&adf=2008460769&pi=t.ma~as.7815103516&w=860&fwrn=4&fwrnh=100&lmt=1538201289&rafmt=1&psa=0&format=860x280&url=https%3A%2F%2Fyayabo.net%2F%3Fv1%3DZWxib3JnZW5AcmVubGVhcm4uY29t&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1613081182956&bpp=69&bdt=534&idt=165&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=580597096918&frm=20&pv=2&ga_vid=1665977867.1613081183&ga_sid=1613081183&ga_hid=1748753786&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=370&ady=382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068084%2C21068769%2C21068893%2C21069110&oid=3&pvsid=1472227992215511&pem=552&ref=https%3A%2F%2Fyayabo.net%2Fundercook.php%3Fv1%3DHwVOQxZLSQBsXh0bQBVNXgsCEkNB&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=fw9E4lATlL&p=https%3A//yayabo.net&dtd=185
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 21:11:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3289
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Feb 2021 21:11:34 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1FDF 107 KB
33 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1909876851417547&output=html&h=280&slotname=7815103516&adk=3432339691&adf=2008460769&pi=t.ma~as.7815103516&w=860&fwrn=4&fwrnh=100&lmt=1538201289&rafmt=1&psa=0&format=860x280&url=https%3A%2F%2Fyayabo.net%2F%3Fv1%3DZWxib3JnZW5AcmVubGVhcm4uY29t&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1613081182956&bpp=69&bdt=534&idt=165&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=580597096918&frm=20&pv=2&ga_vid=1665977867.1613081183&ga_sid=1613081183&ga_hid=1748753786&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=370&ady=382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068084%2C21068769%2C21068893%2C21069110&oid=3&pvsid=1472227992215511&pem=552&ref=https%3A%2F%2Fyayabo.net%2Fundercook.php%3Fv1%3DHwVOQxZLSQBsXh0bQBVNXgsCEkNB&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=fw9E4lATlL&p=https%3A//yayabo.net&dtd=185
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 22:06:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1612960666436283"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33367
x-xss-protection: 0
expires: Thu, 11 Feb 2021 22:06:23 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210208/r20110914/client/ Frame 1FDF 14 KB
6 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210208/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1909876851417547&output=html&h=280&slotname=7815103516&adk=3432339691&adf=2008460769&pi=t.ma~as.7815103516&w=860&fwrn=4&fwrnh=100&lmt=1538201289&rafmt=1&psa=0&format=860x280&url=https%3A%2F%2Fyayabo.net%2F%3Fv1%3DZWxib3JnZW5AcmVubGVhcm4uY29t&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1613081182956&bpp=69&bdt=534&idt=165&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=580597096918&frm=20&pv=2&ga_vid=1665977867.1613081183&ga_sid=1613081183&ga_hid=1748753786&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=370&ady=382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068084%2C21068769%2C21068893%2C21069110&oid=3&pvsid=1472227992215511&pem=552&ref=https%3A%2F%2Fyayabo.net%2Fundercook.php%3Fv1%3DHwVOQxZLSQBsXh0bQBVNXgsCEkNB&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=fw9E4lATlL&p=https%3A//yayabo.net&dtd=185
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 21:13:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3197
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 15217341015479086142
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Feb 2021 21:13:06 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7905 143 B
216 B 6ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1909876851417547&output=html&h=280&slotname=7815103516&adk=3432339691&adf=2008460769&pi=t.ma~as.7815103516&w=860&fwrn=4&fwrnh=100&lmt=1538201289&rafmt=1&psa=0&format=860x280&url=https%3A%2F%2Fyayabo.net%2F%3Fv1%3DZWxib3JnZW5AcmVubGVhcm4uY29t&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1613081182956&bpp=69&bdt=534&idt=165&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=580597096918&frm=20&pv=2&ga_vid=1665977867.1613081183&ga_sid=1613081183&ga_hid=1748753786&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=370&ady=382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068084%2C21068769%2C21068893%2C21069110&oid=3&pvsid=1472227992215511&pem=552&ref=https%3A%2F%2Fyayabo.net%2Fundercook.php%3Fv1%3DHwVOQxZLSQBsXh0bQBVNXgsCEkNB&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=fw9E4lATlL&p=https%3A//yayabo.net&dtd=185
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1909876851417547&output=html&h=280&slotname=7815103516&adk=3432339691&adf=2008460769&pi=t.ma~as.7815103516&w=860&fwrn=4&fwrnh=100&lmt=1538201289&rafmt=1&psa=0&format=860x280&url=https%3A%2F%2Fyayabo.net%2F%3Fv1%3DZWxib3JnZW5AcmVubGVhcm4uY29t&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1613081182956&bpp=69&bdt=534&idt=165&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=580597096918&frm=20&pv=2&ga_vid=1665977867.1613081183&ga_sid=1613081183&ga_hid=1748753786&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=370&ady=382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068084%2C21068769%2C21068893%2C21069110&oid=3&pvsid=1472227992215511&pem=552&ref=https%3A%2F%2Fyayabo.net%2Fundercook.php%3Fv1%3DHwVOQxZLSQBsXh0bQBVNXgsCEkNB&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=fw9E4lATlL&p=https%3A//yayabo.net&dtd=185

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 11 Feb 2021 21:23:05 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2598
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame B96C 9 KB
4 KB 35ms
19ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11768153954175572084/970x250_Crypto_CYSEC/970x250_Crypto_CYSEC.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 05:56:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58210
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 12 Feb 2021 05:56:13 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame B96C 22 KB
9 KB 35ms
20ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11768153954175572084/970x250_Crypto_CYSEC/970x250_Crypto_CYSEC.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Feb 2021 22:10:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 86155
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 11 Feb 2021 22:10:28 GMT

GET
H3-Q050 200 createjs-2015.11.26.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11768153954175572084/970x250_Crypto_CYSEC/libs/ Frame B96C 186 KB
50 KB 36ms
21ms Script
application/x-javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11768153954175572084/970x250_Crypto_CYSEC/libs/createjs-2015.11.26.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11768153954175572084/970x250_Crypto_CYSEC/970x250_Crypto_CYSEC.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60f05d358e0777fa5948d114025fac40231d57ee6e877d44c3629518927a5091

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 333619
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49532
x-xss-protection: 0
last-modified: Sun, 07 Feb 2021 23:39:34 GMT
server: sffe
date: Mon, 08 Feb 2021 01:26:04 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Feb 2022 01:26:04 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7905
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
110 B

14ms
14ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUmo1Ilfv6NB307tS-OTbsIIc4XUL42xDAsb295NPTOS9tSgAtKXBpp9d_SBZtI
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 11 Feb 2021 22:06:23 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 11-Feb-2021 23:06:23 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 11 Feb 2021 22:06:23 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 11 Feb 2021 22:06:23 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 1FDF 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8bb0bf832adaaee2ee49715f72a88819ad757f364e2d9591570aa808087ed801

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 b1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11768153954175572084/970x250_Crypto_CYSEC/images/ Frame B96C 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11768153954175572084/970x250_Crypto_CYSEC/images/b1.png?1612703606438

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9f11198f0ab7cfd020549a59766b4679b32cc8abda972f04100388e77df1d1b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 333638
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2833
x-xss-protection: 0
last-modified: Sun, 07 Feb 2021 23:39:34 GMT
server: sffe
date: Mon, 08 Feb 2021 01:25:45 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Feb 2022 01:25:45 GMT

GET
H3-Q050 200 Ss-Dm7K1R8Y8ZBbOoHstP-uzJpKZal01rHChStaWcmU.js Show response
pagead2.googlesyndication.com/bg/ Frame B96C 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ss-Dm7K1R8Y8ZBbOoHstP-uzJpKZal01rHChStaWcmU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4acf839bb2b547c63c6416cea07b2d3febb32692996a5d35ac70a14ad6967265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 11:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 00:15:00 GMT
server: sffe
age: 38930
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6290
x-xss-protection: 0
expires: Fri, 11 Feb 2022 11:17:33 GMT

GET
H3-Q050 200 b2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11768153954175572084/970x250_Crypto_CYSEC/images/ Frame B96C 3 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11768153954175572084/970x250_Crypto_CYSEC/images/b2.png?1612703606438

Requested by

Host: yayabo.net
URL: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce1ed2e9be8ff9df278edca25d9eb912161fdd5d36e8c9a9fa5394637ffa1455

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 333638
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2775
x-xss-protection: 0
last-modified: Sun, 07 Feb 2021 23:39:34 GMT
server: sffe
date: Mon, 08 Feb 2021 01:25:45 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Feb 2022 01:25:45 GMT

GET
H3-Q050 200 b3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11768153954175572084/970x250_Crypto_CYSEC/images/ Frame B96C 3 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11768153954175572084/970x250_Crypto_CYSEC/images/b3.png?1612703606438

Requested by

Host: yayabo.net
URL: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

37e4caae3508151d00a12bf57c48b7b6d430df206af4e3795e7e6c09a7ba2f1b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 333637
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2794
x-xss-protection: 0
last-modified: Sun, 07 Feb 2021 23:39:34 GMT
server: sffe
date: Mon, 08 Feb 2021 01:25:46 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Feb 2022 01:25:46 GMT

GET
H2 200 Zen Show response
x7.shinobi.jp/ 321 B
397 B 2447ms
2446ms Script
application/x-javascript 202.228.215.70
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to

Full URL: https://x7.shinobi.jp/Zen?1094526Naaabaaabaaaaaaaaaaaaaacjobueayg00__https://yayabo.net/undercook.php?v1=HwVOQxZLSQBsXh0bQBVNXgsCEkNB
Requested by: Host: x7.shinobi.jp
URL: https://x7.shinobi.jp/ufo/109452600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.228.215.70 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: x4.shinobi.jp
Software: openresty /
Resource Hash: be1052655daf754e29296f9263badd686ec515622075a7a7727e6fca2a4d20e4

Request headers

Referer: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 22:06:26 GMT
server: openresty
content-length: 321
content-type: application/x-javascript

GET
H2 200 encount Show response
asumi.shinobi.jp/ 134 B
223 B 765ms
254ms Script
application/javascript 202.228.215.62
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to

Full URL: https://asumi.shinobi.jp/encount
Requested by: Host: x7.shinobi.jp
URL: https://x7.shinobi.jp/ufo/109452600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.228.215.62 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: swarm.shinobi.jp
Software: openresty /
Resource Hash: ff8f8126161b73657b18d80a72ad0c1d95cdfae31fc3153275f760b6e211934e

Request headers

Referer: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 11 Feb 2021 22:06:24 GMT
content-encoding: gzip
server: openresty
content-type: application/javascript

GET
H2 200 assault Show response
asumi.shinobi.jp/ 286 B
269 B 766ms
255ms Script
application/javascript 202.228.215.62
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to

Full URL: https://asumi.shinobi.jp/assault?f=102
Requested by: Host: x7.shinobi.jp
URL: https://x7.shinobi.jp/ufo/109452600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.228.215.62 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: swarm.shinobi.jp
Software: openresty /
Resource Hash: 97579b4e4d2dda2515e270714d634b4cb6df079dccc2d8854d2846b0d165c59d

Request headers

Referer: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 11 Feb 2021 22:06:24 GMT
content-encoding: gzip
server: openresty
content-type: application/javascript

GET
H2 200 assault Show response
asumi.shinobi.jp/ 286 B
269 B 765ms
255ms Script
application/javascript 202.228.215.62
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to

Full URL: https://asumi.shinobi.jp/assault?f=233
Requested by: Host: x7.shinobi.jp
URL: https://x7.shinobi.jp/ufo/109452600
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.228.215.62 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: swarm.shinobi.jp
Software: openresty /
Resource Hash: bedf6f8b052fc0037f792a2a6f494eef162df91193e03ee41107d17f6062ddc5

Request headers

Referer: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 11 Feb 2021 22:06:24 GMT
content-encoding: gzip
server: openresty
content-type: application/javascript

GET
H3-Q050 200 b4.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11768153954175572084/970x250_Crypto_CYSEC/images/ Frame B96C 3 KB
3 KB 7ms
7ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11768153954175572084/970x250_Crypto_CYSEC/images/b4.png?1612703606438

Requested by

Host: yayabo.net
URL: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40e4ca785fbdd235ed59f15be7fb71c733d8dec51a75b5ff53943466e6376e3e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 333637
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2785
x-xss-protection: 0
last-modified: Sun, 07 Feb 2021 23:39:34 GMT
server: sffe
date: Mon, 08 Feb 2021 01:25:46 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Feb 2022 01:25:46 GMT

GET
H3-Q050 200 b5.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11768153954175572084/970x250_Crypto_CYSEC/images/ Frame B96C 3 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11768153954175572084/970x250_Crypto_CYSEC/images/b5.png?1612703606438

Requested by

Host: yayabo.net
URL: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd0bdd24280f8b22eb04178ebcb13bcd3ca6e8556a8de013645984074fd6519a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 333636
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2761
x-xss-protection: 0
last-modified: Sun, 07 Feb 2021 23:39:34 GMT
server: sffe
date: Mon, 08 Feb 2021 01:25:47 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Feb 2022 01:25:47 GMT

GET
H3-Q050 200 circuitos.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11768153954175572084/970x250_Crypto_CYSEC/images/ Frame B96C 20 KB
20 KB 7ms
7ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11768153954175572084/970x250_Crypto_CYSEC/images/circuitos.png?1612703606438

Requested by

Host: yayabo.net
URL: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aed9fe2b609631c6841e9319489de8c42a054b5e8fb8c39352d27ca8d166943a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 333635
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20248
x-xss-protection: 0
last-modified: Sun, 07 Feb 2021 23:39:34 GMT
server: sffe
date: Mon, 08 Feb 2021 01:25:48 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Feb 2022 01:25:48 GMT

GET
H3-Q050 200 fondo970.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11768153954175572084/970x250_Crypto_CYSEC/images/ Frame B96C 6 KB
6 KB 6ms
6ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11768153954175572084/970x250_Crypto_CYSEC/images/fondo970.jpg?1612703606438

Requested by

Host: yayabo.net
URL: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78dbc9cd19dd5259ac28d72cb3d37a550984ea3193f0c8a6d069d21e0431dd3f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 333635
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6319
x-xss-protection: 0
last-modified: Sun, 07 Feb 2021 23:39:34 GMT
server: sffe
date: Mon, 08 Feb 2021 01:25:48 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Feb 2022 01:25:48 GMT

GET
H3-Q050 200 notebook.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11768153954175572084/970x250_Crypto_CYSEC/images/ Frame B96C 5 KB
5 KB 6ms
6ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11768153954175572084/970x250_Crypto_CYSEC/images/notebook.png?1612703606438

Requested by

Host: yayabo.net
URL: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9253810d1bec934a4f882c5f0023d4728b7c4f188face11cef590230d4763eb8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 333635
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4984
x-xss-protection: 0
last-modified: Sun, 07 Feb 2021 23:39:34 GMT
server: sffe
date: Mon, 08 Feb 2021 01:25:48 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Feb 2022 01:25:48 GMT

GET
H3-Q050 200 plataformaCOIN.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11768153954175572084/970x250_Crypto_CYSEC/images/ Frame B96C 6 KB
6 KB 7ms
7ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/11768153954175572084/970x250_Crypto_CYSEC/images/plataformaCOIN.png?1612703606438

Requested by

Host: yayabo.net
URL: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8220d81d935da596097a07d0b0fb1152c7ab8367345ea4e59746890096b07761

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 333635
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6260
x-xss-protection: 0
last-modified: Sun, 07 Feb 2021 23:39:34 GMT
server: sffe
date: Mon, 08 Feb 2021 01:25:48 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Feb 2022 01:25:48 GMT

GET
H2 200 1.17.46 Show response
cnobi.jp/v1/asumi/arms/ 43 KB
10 KB 1069ms
262ms Script
application/javascript 14.0.42.22
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cnobi.jp/v1/asumi/arms/1.17.46
Requested by: Host: asumi.shinobi.jp
URL: https://asumi.shinobi.jp/encount
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 14.0.42.22 Osaka, Japan, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: c0eefafd7ffb6ac52212a1206880bc04659711f6cebb6ececdb6afad521243b7

Request headers

Referer: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 11 Feb 2021 22:06:25 GMT
via: 1.1 PSrbdjTYO3oi46:1 (W), 1.1 PSrbdjTYO3yp130:12 (W)
server: PWS/8.3.1.0.8
age: 64825
etag: CPCgp4O53egCEAE=
x-ws-request-id: 6025aa61_PSrbdjTYO3yp130_16393-25382
content-type: application/javascript
cache-control: max-age=31536000
x-px: ht PSrbdjTYO3yp130HND
content-encoding: gzip

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1FDF 42 B
725 B 71ms
55ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvEt4tMiR9rjzwmmNtgkAyZDasaxSa9LUh4YfNeB7q1o901E7QhRXMRBhSx4Hpb1jgfUtO0ELOftPDrNjuDhu4C--bp9hagnfId7Vl3mM2UuGVnqNeoWnTdjfAPAg&sai=AMfl-YRAxMMkNLt1G9Z0zbN-G10awZDmqsoDQhGbhQAlBK4crXmloGw3xKOTX86x3lnkXqNu_qj30xIY1IM2&sig=Cg0ArKJSzAzdEzAldTcLEAE&id=osdim&mcvt=1000&p=382,370,603.65625,1230&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210210&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=3432339691&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1613081183147&dlt=351&rpt=72&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1909876851417547&output=html&h=280&slotname=7815103516&adk=3432339691&adf=2008460769&pi=t.ma~as.7815103516&w=860&fwrn=4&fwrnh=100&lmt=1538201289&rafmt=1&psa=0&format=860x280&url=https%3A%2F%2Fyayabo.net%2F%3Fv1%3DZWxib3JnZW5AcmVubGVhcm4uY29t&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1613081182956&bpp=69&bdt=534&idt=165&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=580597096918&frm=20&pv=2&ga_vid=1665977867.1613081183&ga_sid=1613081183&ga_hid=1748753786&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=370&ady=382&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068084%2C21068769%2C21068893%2C21069110&oid=3&pvsid=1472227992215511&pem=552&ref=https%3A%2F%2Fyayabo.net%2Fundercook.php%3Fv1%3DHwVOQxZLSQBsXh0bQBVNXgsCEkNB&rx=0&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeoE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=fw9E4lATlL&p=https%3A//yayabo.net&dtd=185
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 22:06:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fire Show response
asumi.shinobi.jp/ 791 B
432 B 260ms
260ms Script
application/javascript 202.228.215.62
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to

Full URL: https://asumi.shinobi.jp/fire?f=102
Requested by: Host: asumi.shinobi.jp
URL: https://asumi.shinobi.jp/assault?f=102
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.228.215.62 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: swarm.shinobi.jp
Software: openresty /
Resource Hash: a25cd4488e63174151a63e2b7589ad7aa6543ade614fea4e82edd2711f1566fb

Request headers

Referer: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 11 Feb 2021 22:06:25 GMT
content-encoding: gzip
server: openresty
content-type: application/javascript; charset=utf-8

GET
H2 200 track
asumi.shinobi.jp/ 43 B
108 B 256ms
254ms Image
image/gif 202.228.215.62
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://asumi.shinobi.jp/track?r=348&a=pick&_=1613081185862
Requested by: Host: yayabo.net
URL: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.228.215.62 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: swarm.shinobi.jp
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 22:06:25 GMT
server: openresty
content-length: 43
content-type: image/gif

GET
H2 200 248
cnobi.jp/v1/asumi/resource/ 3 KB
4 KB 261ms
260ms Image
image/gif 14.0.42.22
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cnobi.jp/v1/asumi/resource/248
Requested by: Host: yayabo.net
URL: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 14.0.42.22 Osaka, Japan, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: e66705cbc188126c27d1c43cf591475230880c760686e893eed9528da0a217d3

Request headers

Referer: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 22:06:25 GMT
via: 1.1 PSrbdjTYO3sh60:4 (W), 1.1 PSrbdjTYO3xw125:1 (W)
server: PWS/8.3.1.0.8
age: 768771
etag: CO2r8+i13egCEAE=
x-ws-request-id: 6025aa61_PSrbdjTYO3yp130_16393-25433
content-type: image/gif
cache-control: max-age=31536000
x-px: ht PSrbdjTYO3xw125HND

GET
H2 200 track
asumi.shinobi.jp/ 43 B
108 B 256ms
255ms Image
image/gif 202.228.215.62
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://asumi.shinobi.jp/track?r=348&a=imp&_=1613081185863
Requested by: Host: yayabo.net
URL: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.228.215.62 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: swarm.shinobi.jp
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 22:06:25 GMT
server: openresty
content-length: 43
content-type: image/gif

GET
H2 200 track
asumi.shinobi.jp/ 43 B
108 B 256ms
255ms Image
image/gif 202.228.215.62
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://asumi.shinobi.jp/track?r=348&a=view&_=1613081185863
Requested by: Host: yayabo.net
URL: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.228.215.62 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: swarm.shinobi.jp
Software: openresty /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 22:06:25 GMT
server: openresty
content-length: 43
content-type: image/gif

GET
H2 200 fire Show response
asumi.shinobi.jp/ 0
64 B 263ms
263ms Script
application/javascript 202.228.215.62
IDCF IDC Frontier...

General

Check archive.org

Show headers Download Go to

Full URL: https://asumi.shinobi.jp/fire?f=233
Requested by: Host: asumi.shinobi.jp
URL: https://asumi.shinobi.jp/assault?f=233
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.228.215.62 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS: swarm.shinobi.jp
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 11 Feb 2021 22:06:26 GMT
server: openresty
content-length: 0
content-type: application/javascript

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5A5D 0
180 B 41ms
41ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1909876851417547&output=html&adk=1812271804&adf=3025194257&lmt=1538201289&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fyayabo.net%2F%3Fv1%3DZWxib3JnZW5AcmVubGVhcm4uY29t&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1613081186204&bpp=2&bdt=3782&idt=2&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=860x280&nras=1&correlator=580597096918&frm=20&pv=1&ga_vid=1665977867.1613081183&ga_sid=1613081183&ga_hid=1748753786&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068084%2C21068769%2C21068893%2C21069110&oid=3&pvsid=1472227992215511&pem=552&ref=https%3A%2F%2Fyayabo.net%2Fundercook.php%3Fv1%3DHwVOQxZLSQBsXh0bQBVNXgsCEkNB&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=7

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210208/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-1909876851417547&output=html&adk=1812271804&adf=3025194257&lmt=1538201289&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fyayabo.net%2F%3Fv1%3DZWxib3JnZW5AcmVubGVhcm4uY29t&ea=0&flash=0&pra=7&wgl=1&adsid=NT&dt=1613081186204&bpp=2&bdt=3782&idt=2&shv=r20210208&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=860x280&nras=1&correlator=580597096918&frm=20&pv=1&ga_vid=1665977867.1613081183&ga_sid=1613081183&ga_hid=1748753786&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=42530671%2C21068084%2C21068769%2C21068893%2C21069110&oid=3&pvsid=1472227992215511&pem=552&ref=https%3A%2F%2Fyayabo.net%2Fundercook.php%3Fv1%3DHwVOQxZLSQBsXh0bQBVNXgsCEkNB&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=1&uci=a!1&fsb=1&dtd=7
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 11 Feb 2021 22:06:26 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 11-Feb-2021 22:21:26 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Thu, 11 Feb 2021 22:06:26 GMT
cache-control: private

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 32ms
32ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210208&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210208/r20190131/show_ads_impl_fy2019.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dd4b6467d5e6a6d2ae6c24596b782e37c6c8a730179886f5ff8ac4b1d367df46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Feb 2021 22:06:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6396
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210208/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 22:06:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Thu, 11 Feb 2021 22:06:26 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame BB1C 12 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Thu, 11 Feb 2021 20:55:18 GMT
expires: Fri, 11 Feb 2022 20:55:18 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4268
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Ss-Dm7K1R8Y8ZBbOoHstP-uzJpKZal01rHChStaWcmU.js Show response
pagead2.googlesyndication.com/bg/ Frame BB1C 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ss-Dm7K1R8Y8ZBbOoHstP-uzJpKZal01rHChStaWcmU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4acf839bb2b547c63c6416cea07b2d3febb32692996a5d35ac70a14ad6967265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 11:17:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 00:15:00 GMT
server: sffe
age: 38933
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6290
x-xss-protection: 0
expires: Fri, 11 Feb 2022 11:17:33 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
643 B 41ms
41ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210208&jk=1472227992215511&bg=!6uml6arNAAWP4B5EjzsAKQB2-Dxa2RshoiJbZSS3DdOiR_8vSnaHX8Ef8zYIyQI5xFNBP5LRue-1AgAAAGxSAAAADmgBBwoAt2cz9IyIe35U3oPovZgzm_12_Vkt20_gXN8l2PxNFOpJAW3Zn3O0VWPPmB2L594CcRkZySrRRnK_fQCZ0QXHKJ5Hs4l9ANLbED8aMsu_qDdeiGreVOONnw_k0RMjjcnvETUNnZ1hztEUnG_33Z9Q9uOmcVKuILqYsmeERif3tO5AQGviIQWGb95ni7D36PZZn6XIvkCIh8-aSM4Zxr54KCT4ZADGmPhbTSgHsU940PNAy7NKW6YdPpkB5_O8UiH4seKOSY79Bd9nUyoHLaqgt-q_Rq4k91GLL0I2ZMT2pky9ehlgNmLJ8L3Nq-stcDzA4o6aQHlLDgxsYJDY7zL75UW1jrQa9SdFZ6wGHOo8C6EoghJm_CwQGca-iYg0KGkx9XR4N8AGO5GlkZIIIhIUma5GD-T64ha-xXAPkS2Fo9gB6vnqSW0bFDTRIKyYz_G9C0Nrw4fHuzWu3A7wnUp1YRYfaGbr-XhmxSoDdPplOlkko_fLQKtYhAtvL7oWo3ncKIqzcqJEqETsYu59-WvlJUfOZofF_LsQAg9uvdHUaOmdkoCYiFGvr_RE1oG6KK3wQ_bG_EywGZZvIKH9AKyHNvT9gcpA2MvMcxUDOGSejOVqm_-_oQDhsRv10KqOXgAEFDMlOwLSS3aGQ9SDswpIJjKTvOtaIzR8bPLzb33Hh5CObCSwIzxZkZLIk4syWqyDMCltOjdCeRqLqvXsVIAHo8bxwrPX2Zlo47adRSjNa4ou56Ebv_HuYOW7DjFAv3FzzJFk9lcKwYPWoT4zfQb59AQcZGhp45ivlPYimZ2Rd1O__xTVMfmV72kTNNta1h5YtjRZvZyrjw4d-81Mn7jOGuw9jq1Xn1fd6g7RQc8UNGWOlLkbbHSd2KVSO-DElGHvI0M

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://yayabo.net/?v1=ZWxib3JnZW5AcmVubGVhcm4uY29t
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 22:06:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-19 16:04:42	Name: test_cookie Value: CheckForPermission
			yayabo.net/	1970-01-20 00:50:49	Name: 1094526NQ Value: gfftzisdfftzisdaaab&00aaab

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ajax.googleapis.com
asumi.shinobi.jp
cnobi.jp
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
preomietkarov.sk
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
x7.shinobi.jp
yayabo.net
14.0.42.22
142.250.186.98
150.95.52.118
159.69.155.82
202.228.215.62
202.228.215.70
2a00:1450:4001:811::2001
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
03f22af7845c15e20bb786f14fdecad2024a5ac91f85cf27f916bcc40b74631f
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
094eb70f761bc25fd6594b69e51efffc9b5430cfaad125f2e82bfd4009895f43
0d2dba81c3df63101aaae383d8cf8948c977fdee5e2113606b0c14f5827075c5
0f1cabd80bab1dc7221b612d030238ce246a32a93e3de1c7f9a5ff07bff20ca4
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
23ef6ffff53295516a8a425cc9926d9bfc232c82604591a30751ac9d2a06f3c6
2777c710350668010542846968025d642d40984fa87ad21b3b175c0d2f7e0b31
2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a
31586acfd208e2df9b87c40a246de1b23ece730aa74b5c892b66790bdbe994be
37e4caae3508151d00a12bf57c48b7b6d430df206af4e3795e7e6c09a7ba2f1b
40e4ca785fbdd235ed59f15be7fb71c733d8dec51a75b5ff53943466e6376e3e
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4acf839bb2b547c63c6416cea07b2d3febb32692996a5d35ac70a14ad6967265
5bebd6a600d07338bb28632f313583c442772c390029946d7e6c99a48aa21c4c
5e5c91877e26924918d20cacf7e826358b9eed325d80b63c3cdb5180f3a42bf8
60f05d358e0777fa5948d114025fac40231d57ee6e877d44c3629518927a5091
61392609c7bc1e104256ba13e818718c73b6f147b3b15b3b1775c6a4432bce77
647be191d7b166efbe20e682363ac62619fbe0484d25c67ff0cac6716b19421c
652baf5e73a07fe48c3c1fe9140e5e617bb785516fb2274827517a141d069e1e
718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4
782db5605136a4b7d143bfdacf544a921cd7b8b2bd8c1fcfb1ff51baeb1d4cbc
7844cd2882dbf5266813c2a83925e4741f3874569ca0d144a7faac739eb3ceeb
78dbc9cd19dd5259ac28d72cb3d37a550984ea3193f0c8a6d069d21e0431dd3f
80a1ae567d396855243284e674876bb0d856f0e7a18d3c0142f0828513716dfe
8220d81d935da596097a07d0b0fb1152c7ab8367345ea4e59746890096b07761
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
8bb0bf832adaaee2ee49715f72a88819ad757f364e2d9591570aa808087ed801
8bbf21d644eb606c170f9b814332ded340aeb17e70b94af6d4816a146ae8342a
9253810d1bec934a4f882c5f0023d4728b7c4f188face11cef590230d4763eb8
93ac06c86785df554397c87f6ef6150c851e3ed2be252c754ba3588e6eaa7842
97579b4e4d2dda2515e270714d634b4cb6df079dccc2d8854d2846b0d165c59d
9b2ca2878bb384611a5a4d095b82c0da13be50bbb1269cfccb150540069f1d13
a25cd4488e63174151a63e2b7589ad7aa6543ade614fea4e82edd2711f1566fb
a7d1cf069d2e1778a6c3370b74be66ba1ad80e382b9f7db6222cdb0e1a45b0d7
a98175342d3350a603530e197befa1ddc76172cf5213a4bbaff5bc4bccb47cbf
ab42ff31d07c36ec69c448d804ee5b0204822d8ae24c49a00b0c5fe117467e61
aed9fe2b609631c6841e9319489de8c42a054b5e8fb8c39352d27ca8d166943a
bb470184f522774d51bd1d992ae993c074db8d474eadc79526c5d2af79288e36
bb5eff8f89960bc1ac8ddf4ea9719db4242753c187eb53afaea63e64bbce5a89
be1052655daf754e29296f9263badd686ec515622075a7a7727e6fca2a4d20e4
bedf6f8b052fc0037f792a2a6f494eef162df91193e03ee41107d17f6062ddc5
c0eefafd7ffb6ac52212a1206880bc04659711f6cebb6ececdb6afad521243b7
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
ca32b467427c3856bde336bfe9039a2f57e202cad88c510e498945b5152d0afb
cd0bdd24280f8b22eb04178ebcb13bcd3ca6e8556a8de013645984074fd6519a
ce1ed2e9be8ff9df278edca25d9eb912161fdd5d36e8c9a9fa5394637ffa1455
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d61d24c8c65d2da79b9ccba4709bc61abc16f24e7d840e2ad341923f0d82e153
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dd4b6467d5e6a6d2ae6c24596b782e37c6c8a730179886f5ff8ac4b1d367df46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c5b6ea212b13f6677949f685a851936417e8a16af58a5820c115a2c0937a09
e66705cbc188126c27d1c43cf591475230880c760686e893eed9528da0a217d3
eda879597c1abf4c7b23300a70da98c5ac768ef22e916e2fceed1178b4258f2b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d6aad1e3331d95e11e1b0a1669e53c121ee70e731a856986ca1d4bd1d56b9b
f0f1712e58df7d5faebb987c411e0dc4e44463a011e71759da2a757056786fa7
f1afa44bd0a08579311329cc43c59a2b88b2ecee21a35d09ebf90ece6fc5229c
f9f11198f0ab7cfd020549a59766b4679b32cc8abda972f04100388e77df1d1b
ff8f8126161b73657b18d80a72ad0c1d95cdfae31fc3153275f760b6e211934e

yayabo.net Open in urlscan Pro 150.95.52.118 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

70 Requests

99 %HTTPS

40 %IPv6

11 Domains

14 Subdomains

10 IPs

3 Countries

605 kBTransfer

1702 kBSize

2 Cookies

1 Outgoing links

Page URL History

Redirected requests

70 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

yayabo.net Open in urlscan Pro
150.95.52.118 Public Scan

Screenshot
Live screenshot

Full Image

70
Requests

99 %
HTTPS

40 %
IPv6

11
Domains

14
Subdomains

10
IPs

3
Countries

605 kB
Transfer

1702 kB
Size

2
Cookies

70 HTTP transactions
1 data transactions