www.mirrormedia.mg Open in urlscan Pro
35.244.140.142 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.mirrormedia.mg/story/20220504inv003/
Submission: On June 24 via manual (June 24th 2022, 6:25:33 pm UTC) from US — Scanned from US

Summary HTTP 131 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 42 IPs in 3 countries across 32 domains to perform 131 HTTP transactions. The main IP is 35.244.140.142, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is www.mirrormedia.mg. The Cisco Umbrella rank of the primary domain is 257663.
TLS certificate: Issued by Gandi Standard SSL CA 2 on February 16th 2022. Valid for: a year.

This is the only time www.mirrormedia.mg was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
46	35.244.140.142 35.244.140.142	15169 (GOOGLE) (GOOGLE)
11	142.251.40.162 142.251.40.162	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:81c::200e	15169 (GOOGLE) (GOOGLE)
2 4	13.33.60.9 13.33.60.9	16509 (AMAZON-02) (AMAZON-02)
1	99.84.126.57 99.84.126.57	16509 (AMAZON-02) (AMAZON-02)
5	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
4	2607:f8b0:400... 2607:f8b0:4006:80c::2008	15169 (GOOGLE) (GOOGLE)
1	13.33.60.50 13.33.60.50	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f13:57e... 2600:1f13:57e:7b02:129a:a9a6:7863:3a90	16509 (AMAZON-02) (AMAZON-02)
1	142.251.41.2 142.251.41.2	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2607:f8b0:400... 2607:f8b0:4006:821::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:80a::2004	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:824::2001	15169 (GOOGLE) (GOOGLE)
1	34.102.146.192 34.102.146.192	15169 (GOOGLE) (GOOGLE)
1	2620:100:a001::4 2620:100:a001::4	19750 (AS-CRITEO) (AS-CRITEO)
1	18.236.53.150 18.236.53.150	16509 (AMAZON-02) (AMAZON-02)
1	46.105.202.126 46.105.202.126	16276 (OVH) (OVH)
1	99.84.37.90 99.84.37.90	16509 (AMAZON-02) (AMAZON-02)
1	3.14.218.241 3.14.218.241	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:80a::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:817::2002	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4004:c06::9d	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:821::200a	15169 (GOOGLE) (GOOGLE)
2	34.96.95.4 34.96.95.4	15169 (GOOGLE) (GOOGLE)
8	2606:4700:10:... 2606:4700:10::ac43:1a69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.235.231.13 18.235.231.13	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.120.107.143 34.120.107.143	15169 (GOOGLE) (GOOGLE)
1	141.95.98.67 141.95.98.67	16276 (OVH) (OVH)
4	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
5	2606:4700:10:... 2606:4700:10::ac43:4d8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1	2600:1f18:4e9... 2600:1f18:4e9:5a07:1b3a:f53f:5ba9:461e	14618 (AMAZON-AES) (AMAZON-AES)
2 2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.176.194 142.250.176.194	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:816::2003	15169 (GOOGLE) (GOOGLE)
1 2	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
1	74.119.119.139 74.119.119.139	19750 (AS-CRITEO) (AS-CRITEO)
2	35.190.46.27 35.190.46.27	15169 (GOOGLE) (GOOGLE)
2	13.251.113.122 13.251.113.122	16509 (AMAZON-02) (AMAZON-02)
1	2607:f8b0:400... 2607:f8b0:4006:809::2002	15169 (GOOGLE) (GOOGLE)
2	52.119.185.103 52.119.185.103	16509 (AMAZON-02) (AMAZON-02)
131	42

46 35.244.140.142 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 142.140.244.35.bc.googleusercontent.com

www.mirrormedia.mg	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.mirrormedia.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.251.40.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s81-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:81c::200e (New York, United States)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.33.60.9 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-33-60-9.ewr52.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.126.57 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-126-57.ewr52.r.cloudfront.net

certify-js.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80c::2008 (New York, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.33.60.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-60-50.ewr52.r.cloudfront.net

certify.alexametrics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f13:57e:7b02:129a:a9a6:7863:3a90 (Boardman, United States)

ASN16509 (AMAZON-02, US)

redirect.prod.experiment.routing.cloudfront.aws.a2z.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.41.2 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:821::2002 (New York, United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80a::2004 (New York, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::2002 (New York, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:824::2001 (New York, United States)

ASN15169 (GOOGLE, US)

69580243b080417e81d9e95e6a76cbd6.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::4 (United States)

ASN19750 (AS-CRITEO, US)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.236.53.150 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-236-53-150.us-west-2.compute.amazonaws.com

id.sharedid.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.202.126 (France)

ASN16276 (OVH, FR)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.37.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-37-90.ewr52.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.14.218.241 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-14-218-241.us-east-2.compute.amazonaws.com

prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80a::2001 (New York, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:817::2002 (New York, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c06::9d (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:821::200a (New York, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.96.95.4 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 4.95.96.34.bc.googleusercontent.com

auto-load-balancer.likr.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:10::ac43:1a69 (United States)

ASN13335 (CLOUDFLARENET, US)

avivid.likr.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
avividone.likr.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.235.231.13 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-235-231-13.compute-1.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.98.67 (France)

ASN16276 (OVH, FR)
PTR: ns3216533.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::ac43:4d8 (United States)

ASN13335 (CLOUDFLARENET, US)

sun.advividnetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rhea-cache.advividnetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a07:1b3a:f53f:5ba9:461e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.176.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s37-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:816::2003 (New York, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:100:a001::c (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.190.46.27 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 27.46.190.35.bc.googleusercontent.com

load-balancer.likr.com.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.251.113.122 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-113-122.ap-southeast-1.compute.amazonaws.com

kinesis.ap-southeast-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:809::2002 (New York, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.119.185.103 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)

firehose.ap-southeast-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	mirrormedia.mg www.mirrormedia.mg — Cisco Umbrella Rank: 257663	830 KB
17	mirrormedia.com.tw www.mirrormedia.com.tw — Cisco Umbrella Rank: 447068	1 MB
15	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 stats.g.doubleclick.net — Cisco Umbrella Rank: 119 cm.g.doubleclick.net — Cisco Umbrella Rank: 205	212 KB
8	likr.tw avivid.likr.tw — Cisco Umbrella Rank: 49539 avividone.likr.tw — Cisco Umbrella Rank: 71545	105 KB
6	openx.net 1 redirects oajs.openx.net — Cisco Umbrella Rank: 4128 google-bidout-d.openx.net — Cisco Umbrella Rank: 3827 us-u.openx.net — Cisco Umbrella Rank: 387	2 KB
5	advividnetwork.com sun.advividnetwork.com — Cisco Umbrella Rank: 86553 rhea-cache.advividnetwork.com — Cisco Umbrella Rank: 70171	5 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	280 KB
4	amazonaws.com kinesis.ap-southeast-1.amazonaws.com — Cisco Umbrella Rank: 34994 firehose.ap-southeast-1.amazonaws.com — Cisco Umbrella Rank: 34505	1 KB
4	likr.com.tw auto-load-balancer.likr.com.tw — Cisco Umbrella Rank: 114831 load-balancer.likr.com.tw — Cisco Umbrella Rank: 25547	2 KB
4	googlesyndication.com 69580243b080417e81d9e95e6a76cbd6.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 160 pagead2.googlesyndication.com — Cisco Umbrella Rank: 120	13 KB
4	google.com www.google.com — Cisco Umbrella Rank: 8 adservice.google.com — Cisco Umbrella Rank: 92	1 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	676 B
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	236 KB
4	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 134	3 KB
3	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 391 mug.criteo.com — Cisco Umbrella Rank: 2727	8 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	20 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 367	970 B
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 612	612 B
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1463 bcp.crwdcntrl.net — Cisco Umbrella Rank: 863	9 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 1490 id5-sync.com — Cisco Umbrella Rank: 550	12 KB
2	alexametrics.com certify-js.alexametrics.com — Cisco Umbrella Rank: 8655 certify.alexametrics.com — Cisco Umbrella Rank: 4935	5 KB
1	gstatic.com www.gstatic.com	7 KB
1	yahoo.com pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 479	990 B
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 307	30 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 179	43 KB
1	uidapi.com prod.uidapi.com — Cisco Umbrella Rank: 6618	5 KB
1	sharedid.org id.sharedid.org — Cisco Umbrella Rank: 5620	904 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 606	12 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 4229	8 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 126	15 KB
1	a2z.com redirect.prod.experiment.routing.cloudfront.aws.a2z.com	48 B
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1355	39 KB
131	32

	Domain	Requested by
29	www.mirrormedia.mg	www.mirrormedia.mg
17	www.mirrormedia.com.tw	www.mirrormedia.mg
11	securepubads.g.doubleclick.net	www.mirrormedia.mg securepubads.g.doubleclick.net www.googletagservices.com
7	avivid.likr.tw	www.mirrormedia.mg ajax.googleapis.com
5	connect.facebook.net	www.mirrormedia.mg connect.facebook.net
4	sun.advividnetwork.com	www.mirrormedia.mg
4	www.facebook.com	www.mirrormedia.mg
4	www.googletagmanager.com	www.mirrormedia.mg www.googletagmanager.com
4	sb.scorecardresearch.com	2 redirects www.mirrormedia.mg
3	us-u.openx.net	google-bidout-d.openx.net
3	www.google.com	www.mirrormedia.mg securepubads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.mirrormedia.mg www.google-analytics.com
2	firehose.ap-southeast-1.amazonaws.com	avivid.likr.tw
2	kinesis.ap-southeast-1.amazonaws.com	avivid.likr.tw
2	load-balancer.likr.com.tw	ajax.googleapis.com
2	gum.criteo.com	1 redirects static.criteo.net
2	cm.g.doubleclick.net	1 redirects google-bidout-d.openx.net
2	match.adsrvr.org	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	oajs.openx.net	1 redirects www.mirrormedia.mg
2	auto-load-balancer.likr.com.tw	www.mirrormedia.mg
2	tpc.googlesyndication.com	securepubads.g.doubleclick.net
1	pagead2.googlesyndication.com	www.googletagservices.com
1	mug.criteo.com	www.mirrormedia.mg
1	www.gstatic.com	www.mirrormedia.mg
1	avividone.likr.tw	www.mirrormedia.mg
1	pr-bh.ybp.yahoo.com	google-bidout-d.openx.net
1	rhea-cache.advividnetwork.com	www.mirrormedia.mg
1	google-bidout-d.openx.net	oa.openxcdn.net
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	ajax.googleapis.com	www.mirrormedia.mg
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagservices.com	securepubads.g.doubleclick.net
1	prod.uidapi.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	id.sharedid.org	securepubads.g.doubleclick.net
1	static.criteo.net	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	69580243b080417e81d9e95e6a76cbd6.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	redirect.prod.experiment.routing.cloudfront.aws.a2z.com	www.mirrormedia.mg
1	certify.alexametrics.com	www.mirrormedia.mg
1	certify-js.alexametrics.com	www.mirrormedia.mg
1	www.googleoptimize.com	www.mirrormedia.mg
131	48

This site contains links to these domains. Also see Links.

Domain
googleads.g.doubleclick.net

Subject Issuer	Validity	Valid
*.mirrormedia.mg Gandi Standard SSL CA 2	`2022-02-16` - `2023-02-16`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
mirrormedia.com.tw Gandi Standard SSL CA 2	`2022-03-11` - `2023-04-11`	a year	crt.sh
certify-js.alexametrics.com Amazon	`2022-05-30` - `2023-06-27`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-03` - `2022-07-02`	3 months	crt.sh
certify.alexametrics.com Amazon	`2022-05-30` - `2023-06-28`	a year	crt.sh
*.prod.experiment.routing.cloudfront.aws.a2z.com Amazon	`2021-10-13` - `2022-11-11`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
oa.openxcdn.net GTS CA 1D4	`2022-06-12` - `2022-09-10`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
id.sharedid.org Amazon	`2021-12-09` - `2023-01-06`	a year	crt.sh
cdn.id5-sync.com R3	`2022-06-22` - `2022-09-20`	3 months	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.uidapi.com Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.likr.com.tw TWCA Secure SSL Certification Authority	`2022-05-09` - `2023-06-05`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-29` - `2023-05-29`	a year	crt.sh
*.id5-sync.com R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.advividnetwork.com TWCA Secure SSL Certification Authority	`2022-05-05` - `2023-06-05`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-06-14` - `2022-12-07`	6 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-15` - `2022-09-18`	3 months	crt.sh
kinesis.ap-southeast-1.amazonaws.com Amazon	`2022-05-07` - `2023-04-11`	a year	crt.sh
firehose.ap-southeast-1.amazonaws.com Amazon	`2022-05-23` - `2023-05-03`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://www.mirrormedia.mg/story/20220504inv003/
Frame ID: 160932AFF8A79184D9DF94F2D65D1B07
Requests: 124 HTTP requests in this frame

Frame: https://69580243b080417e81d9e95e6a76cbd6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D37AA75F0F343138AB8CDB830268AB60
Requests: 1 HTTP requests in this frame

Frame: https://auto-load-balancer.likr.com.tw/pushEndPoint/uuid_gen/uuid_iframe.php
Frame ID: ABDE88CE5F030E6238ED853AC263E281
Requests: 1 HTTP requests in this frame

Frame: https://auto-load-balancer.likr.com.tw/pushEndPoint/uuid_gen/uuid_iframe.php
Frame ID: 74B277CF48C37F44A8876A73DFA70E1D
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 6DD49CEC14E7AB2C250EE4B5444C0258
Requests: 6 HTTP requests in this frame

Frame: https://sun.advividnetwork.com/include_code/uuid_iframe.html?uuid=e7bfda5a-c97a-441e-a8f0-92d402b9055b
Frame ID: 4D6EDE16BFC55998BD425A7B3A45F9BE
Requests: 1 HTTP requests in this frame

Frame: https://sun.advividnetwork.com/include_code/uuid_iframe.html?uuid=e7bfda5a-c97a-441e-a8f0-92d402b9055b
Frame ID: E9853AAC972FA078034C28CD837A0D55
Requests: 1 HTTP requests in this frame

Frame: https://sun.advividnetwork.com/include_code/uuid_iframe.html?uuid=e7bfda5a-c97a-441e-a8f0-92d402b9055b
Frame ID: 763995883E6B1CEDACFE90438C567742
Requests: 1 HTTP requests in this frame

Frame: https://sun.advividnetwork.com/include_code/uuid_iframe.html?uuid=e7bfda5a-c97a-441e-a8f0-92d402b9055b
Frame ID: E5FD8411C94A79770FA9F1E035C26CC6
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.mirrormedia.mg
Frame ID: 3DA9CC591E3C2EBE1250CFBB9C52ECAF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

131
Requests

95 %
HTTPS

47 %
IPv6

32
Domains

48
Subdomains

42
IPs

3
Countries

2974 kB
Transfer

7370 kB
Size

39
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://googleads.g.doubleclick.net/pcs/click?xai=AKAOjssA2STIqStQONyK9JtiFQzVoPtF9EUjxTbV0zpsbXgG57__zZcixtQ86dTfx8j0hyC6gzPHf5SmoPUv4XVfPwDKCgnhUShML_CeDrCOOUizFcCx-9rQUbaJad6y2oKmhdD6YzdBNQ_TTEL7xYwuT2cV8qcckExfuNIyd5iVVRTJkyPK4PqYSTjU8u_XTzfJHyajWCg8ukAilWIZujn0H4_jJ75AETGrgx6u4CGk1hodH_tCLU72Vl1ykQktQEoh_4h_MC3cmEq4WfG77jbtAnWhH9OtyRoIdX7cw3cKgPUUB2z1rb70W_4hQKuU8rIqEwjOseIJHYYaSPUkHtc&sig=Cg0ArKJSzKBZzgHsr4B9&fbs_aeid=[gw_fbsaeid]&adurl=https://www.mirrormedia.mg/story/20220303mkt001/%3Futm_source%3Dmm%26utm_medium%3DLogo%26utm_campaign%3Dmember2206%26utm_term%3DALL_Logo_Blue

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://sb.scorecardresearch.com/cs/24318560/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 39

https://sb.scorecardresearch.com/b?c1=2&c2=24318560&cs_it=b2&cv=3.8.0.210223&ns__t=1656095127982&ns_c=UTF-8&c7=https%3A%2F%2Fwww.mirrormedia.mg%2Fstory%2F20220504inv003%2F&c8=%E8%B7%9F%E6%B0%B8%E6%85%B6%E8%B2%B7%E5%88%B0%E8%A3%B8%E9%9C%B2%E3%80%8C%E7%B9%A1%E8%8A%B1%E9%87%9D%E9%8B%BC%E7%AD%8B%E6%B5%B7%E7%A0%82%E5%B1%8B%E3%80%8D%E3%80%80%E5%A5%B9%E6%8E%A7%E6%8A%95%E8%A8%B4%E5%A5%BD%E6%88%BF%E7%B6%B2%E5%8D%8A%E5%B9%B4%E6%B2%92%E4%BA%BA%E7%90%86&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=24318560&cs_it=b2&cv=3.8.0.210223&ns__t=1656095127982&ns_c=UTF-8&c7=https%3A%2F%2Fwww.mirrormedia.mg%2Fstory%2F20220504inv003%2F&c8=%E8%B7%9F%E6%B0%B8%E6%85%B6%E8%B2%B7%E5%88%B0%E8%A3%B8%E9%9C%B2%E3%80%8C%E7%B9%A1%E8%8A%B1%E9%87%9D%E9%8B%BC%E7%AD%8B%E6%B5%B7%E7%A0%82%E5%B1%8B%E3%80%8D%E3%80%80%E5%A5%B9%E6%8E%A7%E6%8A%95%E8%A8%B4%E5%A5%BD%E6%88%BF%E7%B6%B2%E5%8D%8A%E5%B9%B4%E6%B2%92%E4%BA%BA%E7%90%86&c9=

Request Chain 98

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mirrormedia.mg%2Fstory%2F20220504inv003%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mirrormedia.mg%2Fstory%2F20220504inv003%2F&rid=esp&cc=1

Request Chain 119

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=YrYBmAALQVmXnQAj HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YrYBmAALQVmXnQAj&_test=YrYBmAALQVmXnQAj

Request Chain 121

https://match.adsrvr.org/track/cmf/openx?oxid=3cc98e9f-7c71-7bfe-d6c9-ab0ebfdcf1c5&gdpr=0 HTTP 302
https://match.adsrvr.org/track/cmb/openx?oxid=3cc98e9f-7c71-7bfe-d6c9-ab0ebfdcf1c5&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072971&val=83e4313b-7d09-4924-b204-829672263dd6&ttd_puid=3cc98e9f-7c71-7bfe-d6c9-ab0ebfdcf1c5&gdpr=0&gdpr_consent=

Request Chain 123

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEVMAHXb58-hHPq9uZ28fgo&google_cver=1

Request Chain 130

https://gum.criteo.com/sid/json?origin=publishertagids&domain=mirrormedia.mg&sn=ChromeSyncframe&so=0&topUrl=www.mirrormedia.mg&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=CnoC_nxmanQ0Y0pLeXNwYVpuY1FXbXdOdCsvQTcxUCtaRTU1YVVNakdWYjNHZ1Y1cS9xVE1wR1lVMFRsWldPY3JPOEUrUHBzWXV3MkovUEhzcGtkWHZGLzVyY3VzNmNVaENNQUdPekVJeGNYMW9VYzJqVFJHVHowbVRwZjlUWXZkS0NxWFNscFpYVWYyWmJaY0MwRWZmK3dXbTAzNytlYXlSWlJhRGdyR3pQYlEyWVlBamxMbVZQek0yeXlpOU04cEU5dElodUppU1JYNW54dnRQN1AyRUZ5Y1hTbW1rcksxNXd5b0Nid0xzWS9idGlCQ0pwb0VyWFFTMms3OU1QRjB2cVlvRUZKVEdXSXc2Qk1QWTVpNjdQVzUwUT09fA&cppv=2

131 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.mirrormedia.mg/story/20220504inv003/ 221 KB
49 KB 634ms
542ms Document
text/html 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mirrormedia.mg/story/20220504inv003/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

142.140.244.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

b9e040b6205576080c7389e189208d4ae90e3628d334af7a77035b645d144ed0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
Strict-Transport-Security	max-age=15552000; includeSubDomains max-age=31536000; includeSubDomains max-age=604800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0 1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=600
content-encoding: gzip
content-security-policy: frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
content-type: text/html; charset=utf-8
date: Fri, 24 Jun 2022 18:25:27 GMT
etag: "37272-QLvNnyl5nNq5lNhqGc0BERZwZ3s"
expect-ct: max-age=0
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=15552000; includeSubDomains max-age=31536000; includeSubDomains max-age=604800; includeSubDomains
vary: Accept-Encoding
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-xss-protection: 0 1; mode=block

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 82 KB
28 KB 63ms
30ms Script
text/javascript 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

sffe /

Resource Hash

eb7fff3148d0aa8910ebd89ef71e47a2549d97bb09c30dba797fbb138127788f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 18:25:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28110
x-xss-protection: 0
server: sffe
etag: "1255 / 212 of 1000 / last-modified: 1656068710"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 24 Jun 2022 18:25:27 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 99 KB
39 KB 66ms
37ms Script
application/javascript 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-N9L3WX3

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1a2bb11a3450ac86e8d3dfa348b56c2c77f1deea3b3ffee515ef9e5cd8233bc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 18:25:27 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39085
x-xss-protection: 0
expires: Fri, 24 Jun 2022 18:25:27 GMT

GET
H2 200 6feb1a7.js Show response
www.mirrormedia.mg/_nuxt/ 3 KB
2 KB 13ms
10ms Script
application/javascript 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mirrormedia.mg/_nuxt/6feb1a7.js

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

142.140.244.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

aa40f5b9eb82780066b82b7efab3137e32fe0de8215f56e445f5c0d50f340849

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0, 1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 704347
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1707
x-xss-protection: 0, 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 16 Jun 2022 10:40:11 GMT
server: nginx
date: Thu, 16 Jun 2022 14:46:20 GMT
expect-ct: max-age=0
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
via: 1.1 google, 1.1 google
cache-control: max-age=5184000,public
etag: W/"c98-1816c195ef8"
content-security-policy: frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
accept-ranges: bytes
expires: Mon, 15 Aug 2022 14:46:20 GMT

GET
H2 200 7c43152.js Show response
www.mirrormedia.mg/_nuxt/ 255 KB
86 KB 11ms
9ms Script
application/javascript 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mirrormedia.mg/_nuxt/7c43152.js

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

142.140.244.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

abe16dfda1122bb685713508a2b488b9c58898773c7c8257c44a9411a771887d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0, 1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 830238
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 87810
x-xss-protection: 0, 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Jun 2022 03:27:20 GMT
server: nginx
date: Wed, 15 Jun 2022 03:48:09 GMT
expect-ct: max-age=0
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
via: 1.1 google, 1.1 google
cache-control: max-age=5184000,public
etag: W/"3fc0f-1816566b9c0"
content-security-policy: frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
accept-ranges: bytes
expires: Sun, 14 Aug 2022 03:48:09 GMT

GET
H2 200 ec33a83.js Show response
www.mirrormedia.mg/_nuxt/ 1 MB
361 KB 18ms
16ms Script
application/javascript 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mirrormedia.mg/_nuxt/ec33a83.js

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

142.140.244.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

c4499069efb4d85211ccc2f29dfb870d37ab960f011bb6b88696025177e0b4cb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0, 1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 830240
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0, 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Jun 2022 03:27:20 GMT
server: nginx
date: Wed, 15 Jun 2022 03:48:07 GMT
expect-ct: max-age=0
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
via: 1.1 google, 1.1 google
cache-control: max-age=5184000,public
etag: W/"15e563-1816566b9c0"
content-security-policy: frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
accept-ranges: bytes
expires: Sun, 14 Aug 2022 03:48:07 GMT

GET
H2 200 5e8cedc.js Show response
www.mirrormedia.mg/_nuxt/ 439 KB
90 KB 21ms
18ms Script
application/javascript 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mirrormedia.mg/_nuxt/5e8cedc.js

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

142.140.244.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

a0ac4b436878716f4acf813eb89ae77af6693b9d5641c06f8d3d2349340cd987

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0, 1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 830203
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91997
x-xss-protection: 0, 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Jun 2022 03:27:20 GMT
server: nginx
date: Wed, 15 Jun 2022 03:48:44 GMT
expect-ct: max-age=0
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
via: 1.1 google, 1.1 google
cache-control: max-age=5184000,public
etag: W/"6ddeb-1816566b9c0"
content-security-policy: frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
accept-ranges: bytes
expires: Sun, 14 Aug 2022 03:48:44 GMT

GET
H2 200 3900c55.js Show response
www.mirrormedia.mg/_nuxt/ 143 KB
31 KB 22ms
20ms Script
application/javascript 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mirrormedia.mg/_nuxt/3900c55.js

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

142.140.244.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

67b2bff8a268a36fbfff5fd520a4beb2d0c7fe485e43bd2a2fcf81defe679a10

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0, 1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 704405
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31715
x-xss-protection: 0, 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 16 Jun 2022 10:40:11 GMT
server: nginx
date: Thu, 16 Jun 2022 14:45:22 GMT
expect-ct: max-age=0
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
via: 1.1 google, 1.1 google
cache-control: max-age=5184000,public
etag: W/"23a60-1816c195ef8"
content-security-policy: frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
accept-ranges: bytes
expires: Mon, 15 Aug 2022 14:45:22 GMT

GET
H2 200 95731db.js Show response
www.mirrormedia.mg/_nuxt/ 51 KB
13 KB 15ms
13ms Script
application/javascript 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mirrormedia.mg/_nuxt/95731db.js

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

142.140.244.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

7498939a486073dad407b10a9ffd223834026a10d29eb4c0077fc2d91639b051

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0, 1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 718972
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13697
x-xss-protection: 0, 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Jun 2022 03:27:20 GMT
server: nginx
date: Thu, 16 Jun 2022 10:42:35 GMT
expect-ct: max-age=0
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
via: 1.1 google, 1.1 google
cache-control: max-age=5184000,public
etag: W/"cc9d-1816566b9c0"
content-security-policy: frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
accept-ranges: bytes
expires: Mon, 15 Aug 2022 10:42:35 GMT

GET
H2 200 eecf2b1.js Show response
www.mirrormedia.mg/_nuxt/ 45 KB
9 KB 13ms
11ms Script
application/javascript 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mirrormedia.mg/_nuxt/eecf2b1.js

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

142.140.244.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

d48cd8f24f0d9c0054202c7a815bed28a75dacb5bdc300373f489a8188e904b8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0, 1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 830238
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9606
x-xss-protection: 0, 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Jun 2022 03:27:20 GMT
server: nginx
date: Wed, 15 Jun 2022 03:48:09 GMT
expect-ct: max-age=0
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
via: 1.1 google, 1.1 google
cache-control: max-age=5184000,public
etag: W/"b491-1816566b9c0"
content-security-policy: frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
accept-ranges: bytes
expires: Sun, 14 Aug 2022 03:48:09 GMT

GET
H2 200 afdaf87.js Show response
www.mirrormedia.mg/_nuxt/ 17 KB
4 KB 14ms
12ms Script
application/javascript 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mirrormedia.mg/_nuxt/afdaf87.js

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

142.140.244.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

a58336a93b06b6ffca034ccff9a5c2ffe14ab4cbde0242c8ce8f722bf92f488c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0, 1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 830240
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4485
x-xss-protection: 0, 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Jun 2022 03:27:20 GMT
server: nginx
date: Wed, 15 Jun 2022 03:48:07 GMT
expect-ct: max-age=0
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
via: 1.1 google, 1.1 google
cache-control: max-age=5184000,public
etag: W/"458e-1816566b9c0"
content-security-policy: frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
accept-ranges: bytes
expires: Sun, 14 Aug 2022 03:48:07 GMT

GET
H2 200 3f3738d.js Show response
www.mirrormedia.mg/_nuxt/ 41 KB
10 KB 18ms
16ms Script
application/javascript 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mirrormedia.mg/_nuxt/3f3738d.js

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

142.140.244.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

70f2912eb6ca68f41613527e97dbd9921e25516fffdfa14fcff4107f1fccda99

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0, 1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 830228
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9962
x-xss-protection: 0, 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Jun 2022 03:27:20 GMT
server: nginx
date: Wed, 15 Jun 2022 03:48:19 GMT
expect-ct: max-age=0
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
via: 1.1 google, 1.1 google
cache-control: max-age=5184000,public
etag: W/"a430-1816566b9c0"
content-security-policy: frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
accept-ranges: bytes
expires: Sun, 14 Aug 2022 03:48:19 GMT

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/24318560/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

5ms
5ms

Script
application/javascript

13.33.60.9
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/
Protocol: H2
Server: 13.33.60.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-60-9.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 18:09:42 GMT
content-encoding: gzip
etag: W/"5b0f9f0704a703b8da651007721fac57"
last-modified: Thu, 04 Mar 2021 13:31:34 GMT
server: AmazonS3
age: 946
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4a93be6e6adaadeec2a72967f0720080.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C1
x-amz-cf-id: TMqIiIv9R2UD3HMSgweNNbys3ORRILs9JAFvGLFKlnyH3eDGIz_4zg==

Redirect headers

location: /internal-cs/default/beacon.js
date: Fri, 24 Jun 2022 18:25:27 GMT
via: 1.1 4a93be6e6adaadeec2a72967f0720080.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C1
content-length: 0
x-amz-cf-id: wmiFejtxWoRTPkKSw8xxugq0yieEndqPDTSlrM_S-GeBZ-vHEi4wHg==
x-cache: Miss from cloudfront

GET
H3 200 9466b395576cafce1c4fc2b5fc36440a.svg
www.mirrormedia.mg/_nuxt/ 9 KB
4 KB 8ms
7ms Image
image/svg+xml 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mirrormedia.mg/_nuxt/9466b395576cafce1c4fc2b5fc36440a.svg

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

142.140.244.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

bb87924476eaa78bdda3d9fbf35c070ff0a9318682c537067f6113e5449f8088

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0, 1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 1069054
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4035
x-xss-protection: 0, 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 07 Jun 2022 03:31:46 GMT
server: nginx
date: Sun, 12 Jun 2022 09:27:53 GMT
expect-ct: max-age=0
vary: Accept-Encoding
x-download-options: noopen
content-type: image/svg+xml
via: 1.1 google, 1.1 google
cache-control: max-age=5184000,public
etag: W/"2581-1813c37e8d0"
content-security-policy: frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 09:27:53 GMT

GET
H3 200 mirrorvoice.860c5d2.png
www.mirrormedia.mg/_nuxt/img/ 3 KB
3 KB 7ms
6ms Image
image/png 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mirrormedia.mg/_nuxt/img/mirrorvoice.860c5d2.png

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

142.140.244.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

9691ecb3c87f2864bba809018a7cd467ba9e90b989750193b1ec0d91b8513563

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0, 1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 1090115
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3426
x-xss-protection: 0, 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 07 Jun 2022 03:31:46 GMT
server: nginx
date: Sun, 12 Jun 2022 03:36:52 GMT
expect-ct: max-age=0
x-download-options: noopen
content-type: image/png
cache-control: max-age=5184000,public
etag: W/"d62-1813c37e8d0"
content-security-policy: frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 03:36:52 GMT

GET
H3 200 mirrorfiction.2ec7caa.png
www.mirrormedia.mg/_nuxt/img/ 3 KB
4 KB 9ms
7ms Image
image/png 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mirrormedia.mg/_nuxt/img/mirrorfiction.2ec7caa.png

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

142.140.244.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

61e3046d29a385e9a7d976a10830ae3018f7d01b2f362e96adeab073cad40551

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0, 1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 1090104
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3564
x-xss-protection: 0, 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 07 Jun 2022 03:31:46 GMT
server: nginx
date: Sun, 12 Jun 2022 03:37:03 GMT
expect-ct: max-age=0
x-download-options: noopen
content-type: image/png
cache-control: max-age=5184000,public
etag: W/"dec-1813c37e8d0"
content-security-policy: frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 03:37:03 GMT

GET
H3 200 readr.53e799e.png
www.mirrormedia.mg/_nuxt/img/ 1 KB
1 KB 12ms
10ms Image
image/png 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mirrormedia.mg/_nuxt/img/readr.53e799e.png

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

142.140.244.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

0549d74e0b6283a94bbc636df52e974fdd3a05d583436e512254d6c22b0dd5d6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0, 1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 1090007
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1244
x-xss-protection: 0, 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 07 Jun 2022 03:31:46 GMT
server: nginx
date: Sun, 12 Jun 2022 03:38:40 GMT
expect-ct: max-age=0
x-download-options: noopen
content-type: image/png
cache-control: max-age=5184000,public
etag: W/"4dc-1813c37e8d0"
content-security-policy: frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 03:38:40 GMT

GET
H2 200 20220504160804-42e591b5e68789dcbd074edff49482ea-mobile.jpg
www.mirrormedia.com.tw/assets/images/ 126 KB
127 KB 278ms
191ms Image
image/jpeg 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mirrormedia.com.tw/assets/images/20220504160804-42e591b5e68789dcbd074edff49482ea-mobile.jpg
Requested by: Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 142.140.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: a8c129dbed6fe54d669b0bccaeec395192031e222630400b26e89b6fca69d577

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 18:25:27 GMT
via: 1.1 google
age: 16283
x-guploader-uploadid: ADPycdtItZCJKgmpzLPrQsBSX20WGR6lqJ6HvxdPVMu6jMgWs4DvHGOMVppDCV-ZRu4Sv0H9oT27dV9MMph07Q3baUHEHA
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129000
last-modified: Wed, 04 May 2022 08:08:07 GMT
server: nginx
etag: "965b3c3e239f82735bc5ce6f1c1eb15c"
x-goog-hash: crc32c=qqBtkQ==, md5=lls8PiOfgnNbxc5vHB6xXA==
x-goog-generation: 1651651687206972
cache-control: max-age=2592000, public
x-goog-stored-content-length: 129000
accept-ranges: bytes
content-type: image/jpeg
expires: Sun, 24 Jul 2022 18:25:27 GMT

GET
H3 200 sns-rounded-line.8c85d0e.png
www.mirrormedia.mg/_nuxt/img/ 3 KB
3 KB 12ms
10ms Image
image/png 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mirrormedia.mg/_nuxt/img/sns-rounded-line.8c85d0e.png

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

142.140.244.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

3b6fd61dce26e5740acf7c2ad3e7ddc57332933af090a124f024501f01f52415

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0, 1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 1090062
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2992
x-xss-protection: 0, 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 07 Jun 2022 03:31:46 GMT
server: nginx
date: Sun, 12 Jun 2022 03:37:45 GMT
expect-ct: max-age=0
x-download-options: noopen
content-type: image/png
cache-control: max-age=5184000,public
etag: W/"bb0-1813c37e8d0"
content-security-policy: frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 03:37:45 GMT

GET
H3 200 sns-rounded-ig.480e1e0.png
www.mirrormedia.mg/_nuxt/img/ 2 KB
2 KB 10ms
9ms Image
image/png 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mirrormedia.mg/_nuxt/img/sns-rounded-ig.480e1e0.png

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

142.140.244.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

185bac23010adf6a84a5bcc816ad0ada89afe212488d34b2bf02dcfdbafe1909

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0, 1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 1090062
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1583
x-xss-protection: 0, 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 07 Jun 2022 03:31:46 GMT
server: nginx
date: Sun, 12 Jun 2022 03:37:45 GMT
expect-ct: max-age=0
x-download-options: noopen
content-type: image/png
cache-control: max-age=5184000,public
etag: W/"62f-1813c37e8d0"
content-security-policy: frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 03:37:45 GMT

GET
H3 200 sns-rounded-yt.e501f9b.png
www.mirrormedia.mg/_nuxt/img/ 1 KB
1 KB 10ms
8ms Image
image/png 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mirrormedia.mg/_nuxt/img/sns-rounded-yt.e501f9b.png

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

142.140.244.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

04b86eaddf1a2f8f0b707e177c82b722107c548bd4ef2c2590873999d64cb204

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0, 1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 1090030
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1250
x-xss-protection: 0, 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 07 Jun 2022 03:31:46 GMT
server: nginx
date: Sun, 12 Jun 2022 03:38:17 GMT
expect-ct: max-age=0
x-download-options: noopen
content-type: image/png
cache-control: max-age=5184000,public
etag: W/"4e2-1813c37e8d0"
content-security-policy: frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 03:38:17 GMT

GET
H3 200 sns-rounded-mm.b5fa562.png
www.mirrormedia.mg/_nuxt/img/ 3 KB
3 KB 12ms
10ms Image
image/png 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mirrormedia.mg/_nuxt/img/sns-rounded-mm.b5fa562.png

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

142.140.244.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

bccb1b9d96e7ac156f0651ca8a14e3d15bcb3676bc2faec820964e243a5576e0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0, 1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 1090061
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2924
x-xss-protection: 0, 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 07 Jun 2022 03:31:46 GMT
server: nginx
date: Sun, 12 Jun 2022 03:37:46 GMT
expect-ct: max-age=0
x-download-options: noopen
content-type: image/png
cache-control: max-age=5184000,public
etag: W/"b6c-1813c37e8d0"
content-security-policy: frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 03:37:46 GMT

GET
H/1.1 200
OK atrk.js Show response
certify-js.alexametrics.com/ 4 KB
5 KB 59ms
6ms Script
application/javascript 99.84.126.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://certify-js.alexametrics.com/atrk.js
Requested by: Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.126.57 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-126-57.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Wed, 22 Jun 2022 01:54:23 GMT
Via: 1.1 b9e793c57a48521c3ff94fb625d228a0.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Tue, 27 Apr 2021 18:03:54 GMT
Server: AmazonS3
Age: 232265
ETag: "d89453438fbf10dcf4c13265c40d5160"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Cache-Control: max-age=26920000
X-Amz-Cf-Pop: EWR52-C3
Accept-Ranges: bytes
Content-Length: 4255
X-Amz-Cf-Id: M8NSg4z3qwWlCuLg6qrqr8zFZI_pV8MK6HCDwpSwqmsae88YGPxinw==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 18ms
5ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26344
x-xss-protection: 0
pragma: public
x-fb-debug: AGx+eu6/+ZefYPV7OCL8OF99xPpUG1/HT+x0gaRb2CoeGTd/sX9wIvPxgmenbh09D9z5chzrcXSXL4fjtzPZ2g==
x-fb-trip-id: 1512268381
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 24 Jun 2022 18:25:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 155 KB
54 KB 91ms
71ms Script
application/javascript 2607:f8b0:4006:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NCH86SP

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2bb87867c76c78d77003e0ef4ba8d8dce5f57f46c3e2f567020427fadb33f1db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 18:25:27 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55286
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 Jun 2022 18:25:27 GMT

GET
DATA 200
OK truncated
/ 406 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 994172e09ae39203a5327d46cf6ad2aa960cf1b20a55788e569dd49fbf52a95c

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 129 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0ae8ebf778dc47a5ef593fd91fbd2f216b3824411cf11dd0f731ec8a3b02306

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 pubads_impl_2022062101.js Show response
securepubads.g.doubleclick.net/gpt/ 372 KB
126 KB 18ms
5ms Script
text/javascript 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

sffe /

Resource Hash

b75b3b21ae775a45091f0e3bf542ad86aa9b243dc2d6548d85090c79a1ccf68b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 10:42:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 286950
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 129096
x-xss-protection: 0
last-modified: Tue, 21 Jun 2022 08:34:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 21 Jun 2023 10:42:57 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 324 B
185 B 33ms
21ms XHR
application/json 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.mirrormedia.mg

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

11aac29c7d9c1ae9e8ca014940c6bf9a47b1a1a4f4b9e2134ae637b5efd135c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 24 Jun 2022 18:25:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160
x-xss-protection: 0
expires: Fri, 24 Jun 2022 18:25:27 GMT

GET
DATA 200
OK truncated
/ 369 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 396c0731a967ddbf25ba131d13aa55c0bcd6f9d146e76539544a9d532cb82b52

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 649 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d296ba1d4ac7b770357be342c87bb8f72a28f20690acb0b6c34a1f569f2692f5

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5704317f105ab1fed66de0c6d1f6cdcbffdaaf93bcbf2a703f6811ebdcc9c223

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 596 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15036a754fdbde5489d844eca34b708519a574de811f235e129102667f4143a7

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 492 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf12fd02323f3549bcd78d3180e8bcb96602d8395b3c37ce3c6e143b17f2076b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 343 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0096e2fc4e894ba8efa050e456e62878c2b903baec361ba619c5054a360b798e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 37ms
6ms Image
image/gif 13.33.60.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=%E8%B7%9F%E6%B0%B8%E6%85%B6%E8%B2%B7%E5%88%B0%E8%A3%B8%E9%9C%B2%E3%80%8C%E7%B9%A1%E8%8A%B1%E9%87%9D%E9%8B%BC%E7%AD%8B%E6%B5%B7%E7%A0%82%E5%B1%8B%E3%80%8D%E3%80%80%E5%A5%B9%E6%8E%A7%E6%8A%95%E8%A8%B4%E5%A5%BD%E6%88%BF%E7%B6%B2%E5%8D%8A%E5%B9%B4%E6%B2%92%E4%BA%BA%E7%90%86&time=1656095127685&time_zone_offset=0&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.mirrormedia.mg%2Fstory%2F20220504inv003%2F&random_number=5554811969&sess_cookie=b075348118196f638847ab65e87&sess_cookie_flag=1&user_cookie=b075348118196f638847ab65e87&user_cookie_flag=1&dynamic=true&domain=mirrormedia.mg&account=JEZvr1zDGU20kU&jsv=20130128&user_lang=en-US
Requested by: Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.60.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-60-50.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date: Fri, 24 Jun 2022 06:00:58 GMT
Via: 1.1 4a93be6e6adaadeec2a72967f0720080.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 44670
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: EWR52-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: D7MpWfuPCBQYppJB6gGpDZVNUU5cWsrdHzrOqbmE2w3BsyOhnlRw5Q==

GET
H2 204 x.png
redirect.prod.experiment.routing.cloudfront.aws.a2z.com/ 0
48 B 319ms
82ms Image
text/plain 2600:1f13:57e:7b02:129a:a9a6:7863:3a90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://redirect.prod.experiment.routing.cloudfront.aws.a2z.com/x.png
Requested by: Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f13:57e:7b02:129a:a9a6:7863:3a90 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 18:25:27 GMT
server: Server

GET
H3 200 bdfce16.js Show response
www.mirrormedia.mg/_nuxt/ 5 KB
2 KB 9ms
9ms Script
application/javascript 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mirrormedia.mg/_nuxt/bdfce16.js

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/_nuxt/6feb1a7.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

142.140.244.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

4645abd5aa88a75e672d329e93ce7a6d6619b1943f6474606c7df00e7bc5f551

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0, 1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 834903
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2087
x-xss-protection: 0, 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Jun 2022 02:24:11 GMT
server: nginx
date: Wed, 15 Jun 2022 02:30:24 GMT
expect-ct: max-age=0
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
via: 1.1 google, 1.1 google
cache-control: max-age=5184000,public
etag: W/"1486-181652ce8f8"
content-security-policy: frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
accept-ranges: bytes
expires: Sun, 14 Aug 2022 02:30:24 GMT

GET
H3 200 20880b9.js Show response
www.mirrormedia.mg/_nuxt/ 23 KB
7 KB 8ms
7ms Script
application/javascript 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mirrormedia.mg/_nuxt/20880b9.js

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/_nuxt/6feb1a7.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

142.140.244.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

26e1c7c051cd868e1618b658ba2b577243688b68f6f69c0f3d046738f739f2be

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0, 1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 834858
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7309
x-xss-protection: 0, 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Jun 2022 02:24:11 GMT
server: nginx
date: Wed, 15 Jun 2022 02:31:09 GMT
expect-ct: max-age=0
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
via: 1.1 google, 1.1 google
cache-control: max-age=5184000,public
etag: W/"5af9-181652ce8f8"
content-security-policy: frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
accept-ranges: bytes
expires: Sun, 14 Aug 2022 02:31:09 GMT

GET
H3 200 54b1df2.js Show response
www.mirrormedia.mg/_nuxt/ 283 B
278 B 9ms
8ms Script
application/javascript 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mirrormedia.mg/_nuxt/54b1df2.js

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/_nuxt/6feb1a7.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

142.140.244.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

31db9ef6938b98c235e1cf55314f1d4a30d8242f630250b4edb7663d0f7c7d4b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0, 1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 834858
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 240
x-xss-protection: 0, 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Jun 2022 02:24:11 GMT
server: nginx
date: Wed, 15 Jun 2022 02:31:09 GMT
expect-ct: max-age=0
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
via: 1.1 google, 1.1 google
cache-control: max-age=5184000,public
etag: W/"11b-181652ce8f8"
content-security-policy: frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
accept-ranges: bytes
expires: Sun, 14 Aug 2022 02:31:09 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=24318560&cs_it=b2&cv=3.8.0.210223&ns__t=1656095127982&ns_c=UTF-8&c7=https%3A%2F%2Fwww.mirrormedia.mg%2Fstory%2F20220504inv003%2F&c8=%E8%B7%9F%E6%B0%B8%E6%...
https://sb.scorecardresearch.com/b2?c1=2&c2=24318560&cs_it=b2&cv=3.8.0.210223&ns__t=1656095127982&ns_c=UTF-8&c7=https%3A%2F%2Fwww.mirrormedia.mg%2Fstory%2F20220504inv003%2F&c8=%E8%B7%9F%E6%B0%B8%E6...

0
190 B

20ms
20ms

Image
text/plain

13.33.60.9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=24318560&cs_it=b2&cv=3.8.0.210223&ns__t=1656095127982&ns_c=UTF-8&c7=https%3A%2F%2Fwww.mirrormedia.mg%2Fstory%2F20220504inv003%2F&c8=%E8%B7%9F%E6%B0%B8%E6%85%B6%E8%B2%B7%E5%88%B0%E8%A3%B8%E9%9C%B2%E3%80%8C%E7%B9%A1%E8%8A%B1%E9%87%9D%E9%8B%BC%E7%AD%8B%E6%B5%B7%E7%A0%82%E5%B1%8B%E3%80%8D%E3%80%80%E5%A5%B9%E6%8E%A7%E6%8A%95%E8%A8%B4%E5%A5%BD%E6%88%BF%E7%B6%B2%E5%8D%8A%E5%B9%B4%E6%B2%92%E4%BA%BA%E7%90%86&c9=
Requested by: Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/
Protocol: H2
Server: 13.33.60.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-60-9.ewr52.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 18:25:28 GMT
via: 1.1 4a93be6e6adaadeec2a72967f0720080.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C1
x-amz-cf-id: AUomwOVmu6ygWYssG1siyXykKlUzkBGVCI7SDJ7XkLgCZ9xHR1dSDw==
x-cache: Miss from cloudfront

Redirect headers

location: /b2?c1=2&c2=24318560&cs_it=b2&cv=3.8.0.210223&ns__t=1656095127982&ns_c=UTF-8&c7=https%3A%2F%2Fwww.mirrormedia.mg%2Fstory%2F20220504inv003%2F&c8=%E8%B7%9F%E6%B0%B8%E6%85%B6%E8%B2%B7%E5%88%B0%E8%A3%B8%E9%9C%B2%E3%80%8C%E7%B9%A1%E8%8A%B1%E9%87%9D%E9%8B%BC%E7%AD%8B%E6%B5%B7%E7%A0%82%E5%B1%8B%E3%80%8D%E3%80%80%E5%A5%B9%E6%8E%A7%E6%8A%95%E8%A8%B4%E5%A5%BD%E6%88%BF%E7%B6%B2%E5%8D%8A%E5%B9%B4%E6%B2%92%E4%BA%BA%E7%90%86&c9=
date: Fri, 24 Jun 2022 18:25:27 GMT
via: 1.1 4a93be6e6adaadeec2a72967f0720080.cloudfront.net (CloudFront)
x-amz-cf-pop: EWR52-C1
content-length: 0
x-amz-cf-id: kwj-nrLFZE3uW-Fg6MpBRAcMOZvG799-CfQnnf1eAj8OiVKl64HaDA==
x-cache: Miss from cloudfront

GET
H3 200 176410021005270 Show response
connect.facebook.net/signals/config/ 287 KB
83 KB 14ms
6ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/176410021005270?v=2.9.62&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

332cd1a20bccffc14d3656832372f6ef9ca563c3ace664d0f1c03b034e10d986

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84699
x-xss-protection: 0
pragma: public
x-fb-debug: N8iR8A60B/eKN11PMOY5D8iOasjF+vmvT/irDeikNZLSqSsDlO3I5+8SI8/1NYIQ+7om8ZCJhQY3IsaeQSJwzw==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 24 Jun 2022 18:25:28 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
69 KB 54ms
40ms Script
application/javascript 2607:f8b0:4006:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-341XFN0675&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCH86SP

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

42ace83b40e6fc583e472c42403d5c82a4348da7492576a1e9cc316f1570c1ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 18:25:28 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70727
x-xss-protection: 0
expires: Fri, 24 Jun 2022 18:25:28 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 53ms
28ms Script
text/javascript 142.251.41.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NCH86SP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f2.1e100.net

Software

cafe /

Resource Hash

ea052aa751af43f1f14036098fdc5c12f74307b249ea49404ef1d22f31aacf70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 18:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15004
x-xss-protection: 0
server: cafe
etag: 3392035900036652626
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 24 Jun 2022 18:25:28 GMT

GET
H3 200 58f1020.js Show response
www.mirrormedia.mg/_nuxt/ 177 KB
56 KB 11ms
10ms Script
application/javascript 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mirrormedia.mg/_nuxt/58f1020.js

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/_nuxt/6feb1a7.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

142.140.244.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

06d50560f72b239ebe379831fe13973cba089dd95b627a948e3e38090a831a58

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0, 1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 834863
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57039
x-xss-protection: 0, 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 15 Jun 2022 02:24:11 GMT
server: nginx
date: Wed, 15 Jun 2022 02:31:05 GMT
expect-ct: max-age=0
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
via: 1.1 google, 1.1 google
cache-control: max-age=5184000,public
etag: W/"2c27d-181652ce8f8"
content-security-policy: frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
accept-ranges: bytes
expires: Sun, 14 Aug 2022 02:31:05 GMT

GET
H3 200 733664420167807 Show response
connect.facebook.net/signals/config/ 288 KB
83 KB 11ms
10ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/733664420167807?v=2.9.62&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4ae1bc7423bd4187884b4f1678be12588e3e443eb15746619961df61e02ff526

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84883
x-xss-protection: 0
pragma: public
x-fb-debug: Pib1JEwRsHeZ6GCBpagbltSi1+oUl9uvVMow6dFcL9RI9hcDzfmEJ4lqFx6JESjWvCss4k9rMgJgfih23FTigg==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 24 Jun 2022 18:25:28 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 24ms
5ms Image
image/gif 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=176410021005270&ev=PageView&dl=https%3A%2F%2Fwww.mirrormedia.mg%2Fstory%2F20220504inv003%2F&rl=&if=false&ts=1656095128083&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=30&fbp=fb.1.1656095128081.1478933859&it=1656095127992&coo=false&exp=p1&rqm=GET

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 18:25:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 24 Jun 2022 18:25:28 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/871512815/ 2 KB
2 KB 49ms
27ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/871512815/?random=1656095128089&cv=9&fst=1656095128089&num=1&label=window.googe_tag_params&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6m0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.mirrormedia.mg%2Fstory%2F20220504inv003%2F&tiba=%E8%B7%9F%E6%B0%B8%E6%85%B6%E8%B2%B7%E5%88%B0%E8%A3%B8%E9%9C%B2%E3%80%8C%E7%B9%A1%E8%8A%B1%E9%87%9D%E9%8B%BC%E7%AD%8B%E6%B5%B7%E7%A0%82%E5%B1%8B%E3%80%8D%E3%80%80%E5%A5%B9%E6%8E%A7%E6%8A%95%E8%A8%B4%E5%A5%BD%E6%88%BF%E7%B6%B2%E5%8D%8A%E5%B9%B4%E6%B2%92&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

763d5bc4768dcff44842fe0d07f52a64159db4707146f8f512e2bbfec26bb0be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 18:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1177
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
152 B 20ms
19ms Ping
text/plain 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-341XFN0675&gtm=2oe6m0&_p=1947786360&_z=ccd.v9B&cid=1273822392.1656095128&ul=en-us&sr=1600x1200&_s=1&sid=1656095128&sct=1&seg=0&dl=https%3A%2F%2Fwww.mirrormedia.mg%2Fstory%2F20220504inv003%2F&dt=%E8%B7%9F%E6%B0%B8%E6%85%B6%E8%B2%B7%E5%88%B0%E8%A3%B8%E9%9C%B2%E3%80%8C%E7%B9%A1%E8%8A%B1%E9%87%9D%E9%8B%BC%E7%AD%8B%E6%B5%B7%E7%A0%82%E5%B1%8B%E3%80%8D%E3%80%80%E5%A5%B9%E6%8E%A7%E6%8A%95%E8%A8%B4%E5%A5%BD%E6%88%BF%E7%B6%B2%E5%8D%8A%E5%B9%B4%E6%B2%92%E4%BA%BA%E7%90%86&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-341XFN0675&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:81c::200e New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 18:25:28 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mirrormedia.mg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 14ms
6ms Image
image/gif 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=733664420167807&ev=PageView&dl=https%3A%2F%2Fwww.mirrormedia.mg%2Fstory%2F20220504inv003%2F&rl=&if=false&ts=1656095128141&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22969974103896282%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22USD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%223192777310982274%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22price%22%3A%22%E7%84%A6%E9%BB%9E%22%7D%7D%7D&fbp=fb.1.1656095128081.1478933859&it=1656095127992&coo=false&exp=p1&rqm=GET

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 18:25:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Fri, 24 Jun 2022 18:25:28 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/871512815/ 42 B
548 B 45ms
26ms Image
image/gif 2607:f8b0:4006:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/871512815/?random=1656095128089&cv=9&fst=1656093600000&num=1&label=window.googe_tag_params&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg6m0&sendb=1&frm=0&url=https%3A%2F%2Fwww.mirrormedia.mg%2Fstory%2F20220504inv003%2F&tiba=%E8%B7%9F%E6%B0%B8%E6%85%B6%E8%B2%B7%E5%88%B0%E8%A3%B8%E9%9C%B2%E3%80%8C%E7%B9%A1%E8%8A%B1%E9%87%9D%E9%8B%BC%E7%AD%8B%E6%B5%B7%E7%A0%82%E5%B1%8B%E3%80%8D%E3%80%80%E5%A5%B9%E6%8E%A7%E6%8A%95%E8%A8%B4%E5%A5%BD%E6%88%BF%E7%B6%B2%E5%8D%8A%E5%B9%B4%E6%B2%92&async=1&fmt=3&is_vtc=1&random=388187757&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 18:25:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 20ms
5ms Script
text/javascript 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/_nuxt/ec33a83.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5341
date: Fri, 24 Jun 2022 16:56:27 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 24 Jun 2022 18:56:27 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 268 KB
69 KB 63ms
62ms Script
application/javascript 2607:f8b0:4006:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W9F4QDN&timestamp=1656095128167

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1f464834aa3e685857262791c5640446031f9fba67078149c9de405f5dbaa638

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 18:25:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70758
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 Jun 2022 18:25:28 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 122 KB
43 KB 36ms
36ms Script
application/javascript 2607:f8b0:4006:80c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MKB8VFG&timestamp=1656095128168

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80c::2008 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

569b4337fbe84cf2dc045c9677f62c6db35c1c7389d9127756ba97f9e6c77714

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 18:25:28 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44363
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 24 Jun 2022 18:25:28 GMT

POST
H3 200 tracking
www.mirrormedia.mg/api/v2/ 19 B
84 B 204ms
202ms Ping
application/json 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mirrormedia.mg/api/v2/tracking

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/_nuxt/5e8cedc.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

142.140.244.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

1b7d6456ce093597ce2d94def666913bad1ca06805e19ba4188b4a341b2c25ff

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains, max-age=604800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0, 1; mode=block

Request headers

Referer: https://www.mirrormedia.mg/story/20220504inv003/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Fri, 24 Jun 2022 18:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0, 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: nginx
etag: W/"13-r/r24gt/78Oq4ITHadRye59wtuQ"
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains, max-age=604800; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
via: 1.1 google, 1.1 google
vary: Accept-Encoding
cache-control: public, max-age=600
content-security-policy: frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000

GET
H3 200 story Show response
www.mirrormedia.mg/api/v2/membership/v0/ 28 KB
8 KB 221ms
221ms XHR
application/json 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mirrormedia.mg/api/v2/membership/v0/story?where=%7B%22slug%22%3A%2220220504inv003%22%2C%22isAudioSiteOnly%22%3Afalse%7D&clean=content&related=article

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/_nuxt/7c43152.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

142.140.244.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

9bb99d73f0041f24dd5a6460432d599e3bd69f91f6ac974302801ac54af91016

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains, max-age=604800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0, 1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.mirrormedia.mg/story/20220504inv003/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 18:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0, 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: nginx
etag: W/"6e3d-ejEt0wVbtykZQFlXYyi4rXm/jqM"
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains, max-age=604800; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
via: 1.1 google, 1.1 google
vary: Accept-Encoding
cache-control: no-store
content-security-policy: frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000

GET
H3 200 event Show response
www.mirrormedia.mg/api/v2/ 2 KB
745 B 7ms
6ms XHR
application/json 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mirrormedia.mg/api/v2/event?where=%7B%22isFeatured%22%3Atrue%2C%22eventType%22%3A%22logo%22%7D&max_results=1

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/_nuxt/7c43152.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

142.140.244.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

b523ac6045c42efadb4f6ded30c92a501308bd4d2dcd5fdd8272407f57630db0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
Strict-Transport-Security	max-age=604800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.mirrormedia.mg/story/20220504inv003/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=604800; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 482
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 705
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: nginx
date: Fri, 24 Jun 2022 18:17:26 GMT
expect-ct: max-age=0
vary: Accept-Encoding
x-download-options: noopen
content-type: application/json; charset=utf-8
via: 1.1 google, 1.1 google
cache-control: public, max-age=600
etag: W/"8e9-9kfpx+54N1AfjJq7pHNL1NXTHRo"
content-security-policy: frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000

GET
H3 200 sdk.js Show response
connect.facebook.net/zh_TW/ 3 KB
2 KB 7ms
5ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/_nuxt/afdaf87.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548723965ba46e03bde750a54de839a7e2a453a9f630a151231155256d60b0d9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: edNpqnneYz9ybN+zO5LZYg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1689
x-fb-rlafr: 0
x-fb-debug: BI2G2gsISm/xNMOeIk3elovcIDFcBfAMTxhM+TksfiG9RMe/V+tEoKWo9vBpvBDuYlcD3mhvTpZya3eMOjhfVQ==
x-fb-content-md5: d41adce123f69b7532d5fa3e0c91d917
x-frame-options: DENY
date: Fri, 24 Jun 2022 18:25:28 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "e551d3b21d0c9c31422c7a228f619b43"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 24 Jun 2022 18:29:12 GMT

GET
H3 200 d3199d8.js Show response
www.mirrormedia.mg/_nuxt/ 9 KB
3 KB 8ms
7ms Script
application/javascript 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mirrormedia.mg/_nuxt/d3199d8.js

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/_nuxt/6feb1a7.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

142.140.244.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

2097097b31bd69c4fa53c32471612a7cffffb961769154cdb244b6d5d00e7fc1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0, 1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 1069054
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3113
x-xss-protection: 0, 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 07 Jun 2022 03:31:46 GMT
server: nginx
date: Sun, 12 Jun 2022 09:27:54 GMT
expect-ct: max-age=0
vary: Accept-Encoding
x-download-options: noopen
content-type: application/javascript; charset=UTF-8
via: 1.1 google, 1.1 google
cache-control: max-age=5184000,public
etag: W/"23eb-1813c37e8d0"
content-security-policy: frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 09:27:54 GMT

GET
H3 200 loading.f9d61e5.gif
www.mirrormedia.mg/_nuxt/img/ 22 KB
22 KB 8ms
7ms Image
image/gif 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.mirrormedia.mg/_nuxt/img/loading.f9d61e5.gif

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

142.140.244.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

e67f4e48b05201078f80908877869065017fadba886345e1c92787a53c1eee12

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
Strict-Transport-Security	max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0, 1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains, max-age=31536000; includeSubDomains
via: 1.1 google, 1.1 google
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 1090007
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22526
x-xss-protection: 0, 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 07 Jun 2022 03:31:46 GMT
server: nginx
date: Sun, 12 Jun 2022 03:38:41 GMT
expect-ct: max-age=0
x-download-options: noopen
content-type: image/gif
cache-control: max-age=5184000,public
etag: W/"57fe-1813c37e8d0"
content-security-policy: frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 03:38:41 GMT

GET
DATA 200
OK truncated
/ 309 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 93d4335386ceba4a71e6bd6c7d24ecdcb50a9cd458bf0fad5a2d09f051313cf8

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 46ms
25ms Script
application/javascript 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.mirrormedia.mg

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 24 Jun 2022 18:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 1 KB
541 B 62ms
61ms XHR
text/plain 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3619297589704736&correlator=1365665575398268&eid=31064690%2C31067916%2C42531606&output=ldjh&gdfp_req=1&vrg=2022062101&ptt=17&impl=fif&iu_parts=40175602%2Cmirror_pc_wat_200x200_floating&enc_prev_ius=%2F0%2F1&prev_iu_szs=200x200%7C1x1&ifi=1&adks=2118522882&sfv=1-0-38&ecs=20220624&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1656095128355&lmt=1656095128&dlt=1656095127338&idt=692&biw=1600&bih=1200&adxs=-12245933&adys=-12245933&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.mirrormedia.mg%2Fstory%2F20220504inv003%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=644&ohw=1160&ga_vid=1273822392.1656095128&ga_sid=1656095128&ga_hid=1947786360&ga_fc=true&btvi=-1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

542fab120275a2fe06765ede5a4c2f3302cbdf104a917b4600aee5155da32f89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 18:25:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 510
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.mirrormedia.mg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
11 KB 63ms
62ms XHR
text/plain 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3619297589704736&correlator=1365665575398268&eid=31064690%2C31067916%2C42531606&output=ldjh&gdfp_req=1&vrg=2022062101&ptt=17&impl=fif&iu_parts=40175602%2Cmirror_RWD_ros_110x50_logo&enc_prev_ius=%2F0%2F1&prev_iu_szs=95x50%7C1x1&ifi=2&adks=3262086296&sfv=1-0-38&ecs=20220624&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1656095128363&lmt=1656095128&dlt=1656095127338&idt=692&biw=1600&bih=1200&adxs=-12245933&adys=-12245933&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.mirrormedia.mg%2Fstory%2F20220504inv003%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=0x0&fws=128&ohw=0&ga_vid=1273822392.1656095128&ga_sid=1656095128&ga_hid=1947786360&ga_fc=true&btvi=-1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

7c8b5bcc18b0797596381051a914eb55d673a1cb6a3dfd1bbf4afc68f2b0d1e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 18:25:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11499
x-xss-protection: 0
google-lineitem-id: 6029748861
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138393296888
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.mirrormedia.mg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
69580243b080417e81d9e95e6a76cbd6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D37A 0
0 71ms
20ms Document
text/html 2607:f8b0:4006:824::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://69580243b080417e81d9e95e6a76cbd6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mirrormedia.mg/story/20220504inv003/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 18:25:28 GMT
expires: Sat, 24 Jun 2023 18:25:28 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 popularlist.json Show response
www.mirrormedia.mg/json/ 48 KB
48 KB 214ms
213ms XHR
application/json 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.mirrormedia.mg/json/popularlist.json
Requested by: Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/_nuxt/7c43152.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 142.140.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5116a7dbee3ee7e14406ee38a800093bde9df4bd10f816f446cd34e4cf6d63f5

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.mirrormedia.mg/story/20220504inv003/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 18:25:28 GMT
via: 1.1 google, 1.1 google
age: 0
x-guploader-uploadid: ADPycdtnCrt7rmKakti5EWrFSdUh6E2piHUHDmgGespoNj1k2Q4It6DApcUqlloBb7wGf1nBBQ5dCucdL8Ni_v7GP5sm
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49481
last-modified: Thu, 23 Jun 2022 18:22:11 GMT
server: nginx
etag: "e92129c24ca67acef326635d8a870336"
x-goog-hash: crc32c=eQ5d9A==, md5=6SEpwkymes7zJmNdiocDNg==
x-goog-generation: 1656008531136611
access-control-allow-origin: *
access-control-expose-headers: DNT, User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type, Range
cache-control: max-age=300,public
x-goog-stored-content-length: 49481
accept-ranges: bytes
content-type: application/json
expires: Fri, 24 Jun 2022 18:30:28 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 591ms
591ms XHR
text/plain 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3619297589704736&correlator=1365665575398268&eid=31064690%2C31067916%2C42531606&output=ldjh&gdfp_req=1&vrg=2022062101&ptt=17&impl=fif&iu_parts=40175602%2Cmirror_pc_news_300x600_R2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250%7C1x1&ifi=3&adks=3281432672&sfv=1-0-38&ecs=20220624&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1656095128392&lmt=1656095128&dlt=1656095127338&idt=692&biw=1600&bih=1200&adxs=1030&adys=1720&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.mirrormedia.mg%2Fstory%2F20220504inv003%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x0&msz=300x0&fws=4&ohw=300&ga_vid=1273822392.1656095128&ga_sid=1656095128&ga_hid=1947786360&ga_fc=true&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

3102abe3a636dff11a4594e1d15e94ccc9a947ed75efebcc9cfd05235aaf590e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 18:25:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9481
x-xss-protection: 0
google-lineitem-id: 6045977228
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138395866549
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.mirrormedia.mg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
9 KB 1438ms
1437ms XHR
text/plain 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3619297589704736&correlator=1365665575398268&eid=31064690%2C31067916%2C42531606&output=ldjh&gdfp_req=1&vrg=2022062101&ptt=17&impl=fif&iu_parts=40175602%2Cmirror_pc_news_640x390_AT1&enc_prev_ius=%2F0%2F1&prev_iu_szs=640x390%7C468x60%7C1x1&ifi=4&adks=2886570221&sfv=1-0-38&ecs=20220624&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1656095128397&lmt=1656095128&dlt=1656095127338&idt=692&biw=1600&bih=1200&adxs=298&adys=2779&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.mirrormedia.mg%2Fstory%2F20220504inv003%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=695x0&msz=640x0&fws=4&ohw=1160&ga_vid=1273822392.1656095128&ga_sid=1656095128&ga_hid=1947786360&ga_fc=true&btvi=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

ce7e2cb1d6e8f31d19f6e591cf8ee0ee7b54366a4860a894e016356a3b9f31e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 18:25:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9022
x-xss-protection: 0
google-lineitem-id: 6017852351
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138391802174
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.mirrormedia.mg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
11 KB 1036ms
1036ms XHR
text/plain 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3619297589704736&correlator=1365665575398268&eid=31064690%2C31067916%2C42531606&output=ldjh&gdfp_req=1&vrg=2022062101&ptt=17&impl=fif&iu_parts=40175602%2Cmirror_pc_news_300x250_R1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C300x250%7C1x1&ifi=5&adks=421628586&sfv=1-0-38&ecs=20220624&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1656095128402&lmt=1656095128&dlt=1656095127338&idt=692&biw=1600&bih=1200&adxs=1030&adys=480&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.mirrormedia.mg%2Fstory%2F20220504inv003%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=300x0&msz=300x0&fws=4&ohw=300&ga_vid=1273822392.1656095128&ga_sid=1656095128&ga_hid=1947786360&ga_fc=true&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

417cdf4f6ca75ea91eeaf9a3fa2b05580badc32910d5093b5483a16ec4b58c57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 18:25:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11548
x-xss-protection: 0
google-lineitem-id: 6039482085
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138395299723
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.mirrormedia.mg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 getlist Show response
www.mirrormedia.mg/api/v2/ 35 KB
6 KB 9ms
9ms XHR
application/json 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.mirrormedia.mg/api/v2/getlist?sort=-publishedDate&where=%7B%22sections%22%3A%2257e1e0e5ee85930e00cad4e9%22%7D

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/_nuxt/7c43152.js

Protocol

Security

QUIC, , AES_128_GCM

Server

35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

142.140.244.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

5207dbf4ca0b99edb0873c3e16d8c72a2714971f3c454dc035ac5dff52d5fa1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
Strict-Transport-Security	max-age=604800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.mirrormedia.mg/story/20220504inv003/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=604800; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 376
x-dns-prefetch-control: off
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5790
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: nginx
date: Fri, 24 Jun 2022 18:19:12 GMT
expect-ct: max-age=0
vary: Accept-Encoding
x-download-options: noopen
content-type: application/json; charset=utf-8
via: 1.1 google, 1.1 google
cache-control: public, max-age=600
etag: W/"8bd1-wiGEdX3pgDFLc558JQfnsFDtOg8"
content-security-policy: frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 34 KB
13 KB 1665ms
1665ms XHR
text/plain 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3619297589704736&correlator=1365665575398268&eid=31064690%2C31067916%2C42531606&output=ldjh&gdfp_req=1&vrg=2022062101&ptt=17&impl=fif&iu_parts=40175602%2Cmirror_pc_news_970x250_HD&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C1x1&ifi=6&adks=3353544687&sfv=1-0-38&ecs=20220624&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1656095128422&lmt=1656095128&dlt=1656095127338&idt=692&biw=1600&bih=1200&adxs=315&adys=180&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.mirrormedia.mg%2Fstory%2F20220504inv003%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1060x0&msz=970x0&fws=4&ohw=1160&ga_vid=1273822392.1656095128&ga_sid=1656095128&ga_hid=1947786360&ga_fc=true&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

1cc6904aa78717a84722f88023a91d201650f4f066df773bf5c7659be4305f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 18:25:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13314
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.mirrormedia.mg
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 20220504160822-618eb7032614a08bb04e29ea669ee800-tablet.jpg
www.mirrormedia.com.tw/assets/images/ 117 KB
117 KB 213ms
204ms Image
image/jpeg 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mirrormedia.com.tw/assets/images/20220504160822-618eb7032614a08bb04e29ea669ee800-tablet.jpg
Requested by: Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 142.140.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 81bec2984d1b0441d0d500c44032a28e06a116396b0d665027f6db12f24a14be

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 18:25:28 GMT
via: 1.1 google
age: 16787
x-guploader-uploadid: ADPycdtvn4xEb7w-Qd4dbfvGhzz85CJ08Oc_-3QfO-klp22wMi3eBazdl3GRFlqWOJ1Tn2kI79tYxgvl9Erfy_PsvYJ50Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119848
last-modified: Wed, 04 May 2022 08:08:24 GMT
server: nginx
etag: "155da4145fd0bb4e8c65b1f977c424f2"
x-goog-hash: crc32c=WZgUxQ==, md5=FV2kFF/Qu06MZbH5d8Qk8g==
x-goog-generation: 1651651704512304
cache-control: max-age=2592000, public
x-goog-stored-content-length: 119848
accept-ranges: bytes
content-type: image/jpeg
expires: Sun, 24 Jul 2022 18:25:28 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 19ms
18ms XHR
text/plain 2607:f8b0:4006:81c::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1947786360&t=pageview&_s=1&dl=https%3A%2F%2Fwww.mirrormedia.mg%2Fstory%2F20220504inv003%2F&dp=%2Fstory%2F20220504inv003%2F&ul=en-us&de=UTF-8&dt=%E8%B7%9F%E6%B0%B8%E6%85%B6%E8%B2%B7%E5%88%B0%E8%A3%B8%E9%9C%B2%E3%80%8C%E7%B9%A1%E8%8A%B1%E9%87%9D%E9%8B%BC%E7%AD%8B%E6%B5%B7%E7%A0%82%E5%B1%8B%E3%80%8D%E3%80%80%E5%A5%B9%E6%8E%A7%E6%8A%95%E8%A8%B4%E5%A5%BD%E6%88%BF%E7%B6%B2%E5%8D%8A%E5%B9%B4%E6%B2%92%E4%BA%BA%E7%90%86&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aADAAEABEAAAAC~&jid=1288652916&gjid=1149069175&cid=1273822392.1656095128&tid=UA-83609754-1&_gid=1026573841.1656095128&_r=1&_slc=1&z=1370475779

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81c::200e New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mirrormedia.mg/story/20220504inv003/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 18:25:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.mirrormedia.mg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 86ms
7ms Script
application/javascript 34.102.146.192
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 08:14:27 GMT
content-encoding: gzip
age: 987061
x-guploader-uploadid: ADPycdtB7ppzsE7Kvtw3yaCr8M9mT0RcXU4rd0Ta9KzgOiurCyq9JNG_3Tamn5LlmjBc-UDXw0emzZzMQVOcLlmwyZY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
x-goog-generation: 1622140251693895
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 13 Jun 2023 08:14:27 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 36 KB
12 KB 424ms
11ms Script
text/javascript 2620:100:a001::4
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::4 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

nginx /

Resource Hash

bfafefab6495db40df1cda93e99fba7f01384e766cb8c414735ba965c7b84d65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 18:25:28 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 11:21:01 GMT
server: nginx
etag: W/"6271101d-8ed3"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 25 Jun 2022 18:25:28 GMT

GET
H2 200 pubcid.min.js Show response
id.sharedid.org/lib/ 732 B
904 B 318ms
89ms Script
application/javascript 18.236.53.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sharedid.org/lib/pubcid.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062101.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.236.53.150 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-236-53-150.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 18:25:28 GMT
cache-control: public, max-age=86400
last-modified: Mon, 20 Jun 2022 18:36:12 GMT
accept-ranges: bytes
content-length: 732
vary: accept-encoding
content-type: application/javascript

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 42 KB
12 KB 132ms
41ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062101.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

587aba38502fe9bb89702f7ff84c8495c27fab3334ad33fa790c8ce328d5b25f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 18:01:24 GMT
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.122.0/26
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: bhs
content-disposition: attachment;filename="esp.js"
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 11767
x-request-id: 212828382

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 27 KB
9 KB 39ms
8ms Script
text/javascript 99.84.37.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062101.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.84.37.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-37-90.ewr52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cb33b3b2fa42f7695238fb0adc21dfd3d85b93402dc9d6997d645e4b7780245a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Fri, 24 Jun 2022 11:27:40 GMT
content-encoding: gzip
last-modified: Mon, 25 Apr 2022 17:47:23 GMT
server: AmazonS3
age: 25069
etag: W/"9dad6de292defdc88b233f5b2a2694fd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 862ec075039e1105ce2f16200feebc3a.cloudfront.net (CloudFront)
cache-control: max-age: 86400
x-amz-cf-pop: EWR52-C4
x-amz-cf-id: rmjN2frrgLCImEZ4-tFF7qNWOvk4l7ipAZUB3Z48QWAYVkULnIJRlQ==

GET
H2 200 uid2-sdk-0.0.1b.js Show response
prod.uidapi.com/static/js/ 4 KB
5 KB 150ms
23ms Script
application/javascript 3.14.218.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.uidapi.com/static/js/uid2-sdk-0.0.1b.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062101.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.14.218.241 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-14-218-241.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 18:25:28 GMT
cache-control: public, max-age=86400
last-modified: Tue, 17 May 2022 17:30:07 GMT
accept-ranges: bytes
content-length: 4559
vary: accept-encoding
content-type: application/javascript

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
0 42ms
41ms Fetch
image/gif 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu08oe3RRYwlvX1ay6it-1zMQ4tkyS_nkNe271B309O-dPHsJ63smA3pZYJyPT4RE3dplGrwGNHB7O1nEoinEv7pxsKl_7ktwWX7WL3fCcCHYIJmdZUqdaez5U5O__ylPVB91lXOOPrpWGCvXcvMt9PRG4MsATzoHqPxdFRkFAfYuQy7acR1ASNwHJXaBvEdBgB62eOo7Knr21dgzlDEbEB3BkeWlsZ9VnJCzSHiZ7IyuAt83oxiokP6UrxeTpSdQJwZpCLtG51uqqwQZiI9u13v_8D5nR0tP8BJrzlsHM-CPLtY_BgYg-288ASjAk3qw3HsPxHg-aP2opudH-c-n4&sig=Cg0ArKJSzDqvaVqpMYbgEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 24 Jun 2022 18:25:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/ 3 KB
2 KB 35ms
3ms Script
text/javascript 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220623/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 18:19:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 371
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 08 Jul 2022 18:19:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ 137 KB
43 KB 67ms
42ms Script
text/javascript 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e11546a93f99f4b0b79d7e9a993b8f0a9a239fb1e101810738f3bff890ba549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.mirrormedia.mg/story/20220504inv003/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 24 Jun 2022 18:25:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43180
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1655912982481896"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 24 Jun 2022 18:25:28 GMT

GET
H3 204 l
www.google.com/ads/measurement/ 0
0 45ms
31ms Image
text/html 2607:f8b0:4006:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR9FocXmPgxLMv459FXZHgckOSXGtdWCCQxn4VyT8Tl8Albp_JSPKsWmLcWsLHjnoQvUxy1pq4ZKzxg7C7eT0qkWiqbdQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062101.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:80a::2004 New York, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

GET
H2 200 12464119099044332653
tpc.googlesyndication.com/simgad/ 11 KB
11 KB 35ms
4ms Image
image/gif 2607:f8b0:4006:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12464119099044332653

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2001 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a29091cb8dba03767cacbe8888c661f0854242246fa4eb0ef3ec27dd0cddca21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 16:32:24 GMT
x-content-type-options: nosniff
age: 265984
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10986
x-xss-protection: 0
last-modified: Mon, 30 May 2022 08:50:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 21 Jun 2023 16:32:24 GMT

GET
H3 200 20220624230123-f9b571744fee39bc09870b69b3d97d7d-mobile.jpeg
www.mirrormedia.com.tw/assets/images/ 41 KB
41 KB 14ms
8ms Image
image/jpeg 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mirrormedia.com.tw/assets/images/20220624230123-f9b571744fee39bc09870b69b3d97d7d-mobile.jpeg
Requested by: Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 142.140.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c9330a0c9cd04f0e1e99012ec6805339787646f227b39ca5839a521d2aa7f9ed

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 15:55:52 GMT
via: 1.1 google
age: 8976
x-guploader-uploadid: ADPycds1LIIASMiORBzqSdGXt62kxJQ4DgTRUrVTa7xYzJBtv9pEFbyxt6Pe0kVYkDpEF_eExJuZweptzp5pbTnzc2gIQthvMZfF
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42366
last-modified: Fri, 24 Jun 2022 15:01:24 GMT
server: nginx
etag: "80ebd8773cd582de8fc5203cd6faf80b"
x-goog-hash: crc32c=ibzm0A==, md5=gOvYdzzVgt6PxSA81vr4Cw==
x-goog-generation: 1656082883960551
cache-control: max-age=2592000,public
x-goog-stored-content-length: 42366
accept-ranges: bytes
content-type: image/jpeg
expires: Sun, 24 Jul 2022 15:55:52 GMT

GET
H3 200 20220624223731-3845beb920d4ee70719d8ebcd27b3603-mobile.jpg
www.mirrormedia.com.tw/assets/images/ 51 KB
51 KB 18ms
11ms Image
image/jpeg 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mirrormedia.com.tw/assets/images/20220624223731-3845beb920d4ee70719d8ebcd27b3603-mobile.jpg
Requested by: Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 142.140.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 705252cf5da1fdaf88ccaa14834bfe657c1f8d620cfa6cb30a1dbed60e8084fc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 15:08:09 GMT
via: 1.1 google
age: 11839
x-guploader-uploadid: ADPycdvRXFizaqS5biG7dC0AyxiCgs6f4CFKn5T04yxWEZ6u-Fj5G5ksujI3Oq8HoAjVm5v8rKs7bhAY4RplIP9KwerTMB9iqP7p
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51784
last-modified: Fri, 24 Jun 2022 14:37:32 GMT
server: nginx
etag: "f0b735d647bc082273339d015083c2a2"
x-goog-hash: crc32c=bDI1kA==, md5=8Lc11ke8CCJzM50BUIPCog==
x-goog-generation: 1656081452621279
cache-control: max-age=2592000,public
x-goog-stored-content-length: 51784
accept-ranges: bytes
content-type: image/jpeg
expires: Sun, 24 Jul 2022 15:08:09 GMT

GET
H3 200 20220624215715-59203d76fd69d6fcdaa139371a94bc94-mobile.jpeg
www.mirrormedia.com.tw/assets/images/ 40 KB
40 KB 26ms
18ms Image
image/jpeg 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mirrormedia.com.tw/assets/images/20220624215715-59203d76fd69d6fcdaa139371a94bc94-mobile.jpeg
Requested by: Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 142.140.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4bc5de0c2eb1d1cc7f5501b5d8165a232f49954b12fb762e3ddbe2a017c1c78c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 14:18:20 GMT
via: 1.1 google
age: 14828
x-guploader-uploadid: ADPycdup7tNVdC5MqlARahx8NfoMGflAIQH9RGLnB4dPg3c1CQ3DvwxIj2wRqD9SCXqdUkCaBIDuSFj5QfhbqDfV7A0jNSjYfvRS
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40457
last-modified: Fri, 24 Jun 2022 13:57:17 GMT
server: nginx
etag: "683cbb1cd5c37abf9afe0b1a4eb61995"
x-goog-hash: crc32c=sPgB/A==, md5=aDy7HNXDer+a/gsaTrYZlQ==
x-goog-generation: 1656079036983036
cache-control: max-age=2592000,public
x-goog-stored-content-length: 40457
accept-ranges: bytes
content-type: image/jpeg
expires: Sun, 24 Jul 2022 14:18:20 GMT

GET
H3 200 20220624211838-e6d0fa4e58b2117bc6af70991f789ebb-mobile.jpg
www.mirrormedia.com.tw/assets/images/ 22 KB
22 KB 27ms
19ms Image
image/jpeg 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mirrormedia.com.tw/assets/images/20220624211838-e6d0fa4e58b2117bc6af70991f789ebb-mobile.jpg
Requested by: Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 142.140.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 16d72a1c24755260a67a2979f4b41f2ad168a878c1683b91d08389ca97de87a2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 17:20:13 GMT
via: 1.1 google
age: 13597
x-guploader-uploadid: ADPycduY48XiFKX4cgNQ33k8IHLcd2vxvPqzgXAopk8Y4jDba_l8Sfq2khhcht9D6TS2ikEkbuVh7VMViwBg6EeH_88boM972Dy-
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22177
last-modified: Fri, 24 Jun 2022 13:18:39 GMT
server: nginx
etag: "acd736386505b7fd60b65155cc1cfa40"
x-goog-hash: crc32c=o5Nk5g==, md5=rNc2OGUFt/1gtlFVzBz6QA==
x-goog-generation: 1656076719916687
cache-control: max-age=2592000,public
x-goog-stored-content-length: 22177
accept-ranges: bytes
content-type: image/jpeg
expires: Sun, 24 Jul 2022 17:20:13 GMT

GET
H3 200 20220624201330-9423ef86b9ca8ce3948c914667364a48-mobile.jpeg
www.mirrormedia.com.tw/assets/images/ 71 KB
71 KB 32ms
24ms Image
image/jpeg 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mirrormedia.com.tw/assets/images/20220624201330-9423ef86b9ca8ce3948c914667364a48-mobile.jpeg
Requested by: Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 142.140.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: fb4b154fe8eacb1004bc15c39111ca93635845fadd4d6928cf813ffd92ddf097

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 12:38:54 GMT
via: 1.1 google
age: 20794
x-guploader-uploadid: ADPycdsX570TcOMrpmgJn-xsOGTLPBOfq0xZpAckFQES4v6JRwx3GagO6OkihJxlK-gAgIawv6NLE0zGnYhRyqUnyMLzMg
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72925
last-modified: Fri, 24 Jun 2022 12:13:32 GMT
server: nginx
etag: "850459a160efd168725a23d7b075cd66"
x-goog-hash: crc32c=67TBhA==, md5=hQRZoWDv0WhyWiPXsHXNZg==
x-goog-generation: 1656072812111079
cache-control: max-age=2592000,public
x-goog-stored-content-length: 72925
accept-ranges: bytes
content-type: image/jpeg
expires: Sun, 24 Jul 2022 12:38:54 GMT

GET
H3 200 20220624184617-058626eab1bd356ed2c7bf3f297e205c-mobile.jpeg
www.mirrormedia.com.tw/assets/images/ 53 KB
53 KB 35ms
27ms Image
image/jpeg 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mirrormedia.com.tw/assets/images/20220624184617-058626eab1bd356ed2c7bf3f297e205c-mobile.jpeg
Requested by: Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 142.140.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 59297a27b3b49705990baec358c766a222fc947d05d8978b193d93c2ad7c43eb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 11:09:40 GMT
via: 1.1 google
age: 26148
x-guploader-uploadid: ADPycdsQQ8Ao-3uMQMGNgkQny4b4difKWRzxLc4HGjOCDtgT49il_rTOm_EClnYa1wZSkmgJGWkm39h4SE-50IUn87nSgQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54555
last-modified: Fri, 24 Jun 2022 10:46:19 GMT
server: nginx
etag: "97e65842d853c541428a2a0e46429754"
x-goog-hash: crc32c=Hx2z4A==, md5=l+ZYQthTxUFCiioORkKXVA==
x-goog-generation: 1656067579881009
cache-control: max-age=2592000,public
x-goog-stored-content-length: 54555
accept-ranges: bytes
content-type: image/jpeg
expires: Sun, 24 Jul 2022 11:09:40 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
442 B 59ms
21ms XHR
text/plain 2607:f8b0:4004:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-83609754-1&cid=1273822392.1656095128&jid=1288652916&gjid=1149069175&_gid=1026573841.1656095128&_u=aADAAEAAEAAAAC~&z=1113977237

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c06::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.mirrormedia.mg/story/20220504inv003/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 24 Jun 2022 18:25:28 GMT
content-type: text/plain
access-control-allow-origin: https://www.mirrormedia.mg
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/zh_TW/ 300 KB
86 KB 25ms
14ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/zh_TW/sdk.js?hash=1e687a0db868067ff2548451365494a7

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/zh_TW/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

377f0f4a2b8aff8f8032b2353aa2ff2595a09cb75f6be5ac7bb38aa6657120ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.mirrormedia.mg/story/20220504inv003/
Origin: https://www.mirrormedia.mg
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Anfru5P64QLdrmzY5Cvv5g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 87617
x-fb-rlafr: 0
x-fb-debug: /M7lRvk2mgPg+gQaUDshNRWwuLcwsEIvmFxdoEn/vxvmfyKAYKk8RCjAT1KheX9uanWdZ8Hz+SRrpan+aKtC2A==
x-fb-content-md5: 5c3c9f64a45702f49ca924109866baab
x-frame-options: DENY
date: Fri, 24 Jun 2022 18:25:28 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "5e30eca52758b3e6012b5b99a9ed7912"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 24 Jun 2023 16:48:57 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ 85 KB
30 KB 41ms
6ms Script
text/javascript 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200a New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Sun, 19 Jun 2022 01:09:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 494151
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30244
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 19 Jun 2023 01:09:37 GMT

GET
H2 200 uuid_iframe.php Show response
auto-load-balancer.likr.com.tw/pushEndPoint/uuid_gen/ Frame ABDE 2 KB
980 B 234ms
192ms Document
text/html 34.96.95.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://auto-load-balancer.likr.com.tw/pushEndPoint/uuid_gen/uuid_iframe.php
Requested by: Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.95.4 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 4.95.96.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 294b0c2e3ec3edc89ec51dcef5ef2e099b3111a0634b2e7121cd249744d39b3a

Request headers

Referer: https://www.mirrormedia.mg/story/20220504inv003/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-headers: origin, x-requested-with, content-type, X-CSRF-Token
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 917
content-type: text/html; charset=UTF-8
date: Fri, 24 Jun 2022 18:25:28 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 avivid_pseudo_native_subscribe.css
avivid.likr.tw/avivid_css/avivid_pseudo_native_subscribe/ 444 B
630 B 64ms
29ms Stylesheet
text/css 2606:4700:10::ac43:1a69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://avivid.likr.tw/avivid_css/avivid_pseudo_native_subscribe/avivid_pseudo_native_subscribe.css
Requested by: Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1a69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5fdffe46c571b0b392a68f61772f38210b2172738fc1dac3be70794daefebf6b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 18:25:28 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 3514
last-modified: Fri, 03 Nov 2017 02:54:19 GMT
server: cloudflare
etag: W/"1e0019-1bc-55d0b38977fa5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=10800
access-control-allow-credentials: true
cf-ray: 720781999fff1982-EWR
access-control-allow-headers: origin, x-requested-with, content-type, X-CSRF-Token, origin, x-requested-with, content-type, X-CSRF-Token

GET
H2 200 uuid_iframe.php Show response
auto-load-balancer.likr.com.tw/pushEndPoint/uuid_gen/ Frame 74B2 2 KB
1 KB 206ms
186ms Document
text/html 34.96.95.4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://auto-load-balancer.likr.com.tw/pushEndPoint/uuid_gen/uuid_iframe.php
Requested by: Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.95.4 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 4.95.96.34.bc.googleusercontent.com
Software: Apache/2.4.41 (Ubuntu) /
Resource Hash: 294b0c2e3ec3edc89ec51dcef5ef2e099b3111a0634b2e7121cd249744d39b3a

Request headers

Referer: https://www.mirrormedia.mg/story/20220504inv003/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-headers: origin, x-requested-with, content-type, X-CSRF-Token
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 917
content-type: text/html; charset=UTF-8
date: Fri, 24 Jun 2022 18:25:28 GMT
server: Apache/2.4.41 (Ubuntu)
vary: Accept-Encoding
via: 1.1 google

GET
H2 200 ios_water_webpush_v21.js Show response
avivid.likr.tw/api/ 54 KB
11 KB 72ms
49ms Script
text/javascript 2606:4700:10::ac43:1a69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://avivid.likr.tw/api/ios_water_webpush_v21.js
Requested by: Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1a69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40c8f15fe47ca80d0abb935b0b819c10eab4045ae3d47299902adb3478766e8c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 18:25:28 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 6600
last-modified: Wed, 22 Jun 2022 04:00:15 GMT
server: cloudflare
etag: W/"24d9f-d91e-5e2015fe8b4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=10800
access-control-allow-credentials: true
cf-ray: 7207819998001982-EWR
access-control-allow-headers: origin, x-requested-with, content-type, X-CSRF-Token, origin, x-requested-with, content-type, X-CSRF-Token

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 156 B
616 B 82ms
38ms XHR
application/json 18.235.231.13
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.235.231.13 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-235-231-13.compute-1.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 13d51456c6ebec7ba15e8c27a572090203f236b47fd44141f7bd81fba30d6df4

Request headers

Referer: https://www.mirrormedia.mg/story/20220504inv003/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 18:25:28 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.mirrormedia.mg
cache-control: no-cache
x-server: 10.40.40.236
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 156
expires: 0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 25ms
25ms Image
image/gif 2607:f8b0:4006:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-83609754-1&cid=1273822392.1656095128&jid=1288652916&_u=aADAAEAAEAAAAC~&z=567273807

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80a::2004 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 18:25:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mirrormedia.mg%2Fstory%2F20220504inv003%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mirrormedia.mg%2Fstory%2F20220504inv003%2F&rid=esp&cc=1

85 B
103 B

45ms
34ms

Fetch
application/json

34.120.107.143
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mirrormedia.mg%2Fstory%2F20220504inv003%2F&rid=esp&cc=1
Requested by: Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/
Protocol: H3
Server: 34.120.107.143 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 8b5b3fae6efadc03a1ed3f2b3baa41946497cf58d4c9b772ed913857695ea319

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 18:25:28 GMT
via: 1.1 google
etag: W/"55-U0MQ6kT4Emh789EoQAgxHocVAz0"
x-powered-by: Express
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.mirrormedia.mg
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Fri, 24 Jun 2022 18:25:28 GMT
via: 1.1 google
access-control-allow-origin: https://www.mirrormedia.mg
x-powered-by: Express
vary: Origin
location: /esp?url=https%3A%2F%2Fwww.mirrormedia.mg%2Fstory%2F20220504inv003%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ 0
0 67ms
66ms Fetch
image/gif 142.251.40.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuGA5GAKBPrufmGAATYP1cqtIHgZLu8mGI8V9LH5U5bgbeEOC0m4dOTLsTpM6CIyORs0lthIj3xRic-VmB2MowS32M1-bt7vA8Wld_0BlBk1t98XlUzvIrInpqLjQkos2S3XY_svQoFg8DkifDUEsP7aZm89u7cgzVltvfSyvSqEljCIgeBKr3CvtzxR8_0sobWwx5UdJ-kliaPpgxkkJh_KjpwVc83DHHO1LiCPVikQWlgMD_X9snIW90wF6pL1YC8pIiblEP59uWrWkTOBk6zj1-RbXOzWmkegXGNTtu2UygBFUFxweiDOmzrqHPMwz7vYlkZZnj5rB4GGHxTA2Joug&sig=Cg0ArKJSzC8Xgl7m1m1hEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s81-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 24 Jun 2022 18:25:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Fri, 24 Jun 2022 18:25:28 GMT

GET
DATA 200
OK truncated
/ 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c7c7838266f3e38d63a440ab96582bb4e3c08e92892a56151583fabbb5dbfad0

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 20220622224253-99fd8305a4c701a30e9ddee0d4fd41bd-mobile.jpg
www.mirrormedia.com.tw/assets/images/ 31 KB
31 KB 11ms
9ms Image
image/jpeg 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mirrormedia.com.tw/assets/images/20220622224253-99fd8305a4c701a30e9ddee0d4fd41bd-mobile.jpg
Requested by: Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 142.140.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ce924a34e072a9ff9cf5678cf9e140223ef0b5a88ec9be3793cb649f941e185b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 14:52:33 GMT
via: 1.1 google
age: 185575
x-guploader-uploadid: ADPycdtmyq-C8wFFU2kdgHbhMxpZLIyLldr5GHjukUkPlb8eSYNIFA8Jzqc9juuin__mYhNL9UaO-GMt7SRYP3wwHdH5lA
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31492
last-modified: Wed, 22 Jun 2022 14:42:54 GMT
server: nginx
etag: "1f1e74140baa854d1db2f2da290bb96f"
x-goog-hash: crc32c=7bUkgA==, md5=Hx50FAuqhU0dsvLaKQu5bw==
x-goog-generation: 1655908974675789
cache-control: max-age=2592000,public
x-goog-stored-content-length: 31492
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 22 Jul 2022 14:52:33 GMT

GET
H3 200 20220623131410-3f98b095b96e3831680a99f16f496f24-mobile.jpg
www.mirrormedia.com.tw/assets/images/ 53 KB
53 KB 16ms
8ms Image
image/jpeg 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mirrormedia.com.tw/assets/images/20220623131410-3f98b095b96e3831680a99f16f496f24-mobile.jpg
Requested by: Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 142.140.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 9e4d5edcc59fb3c87e33450766707e9a0069402e397601608f5995b0b114f82c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 06:00:31 GMT
via: 1.1 google
age: 131097
x-guploader-uploadid: ADPycdtvPXI7qRGySNv0HtGEXg6S5z-pbw_w6f3XTyhLwvvhcAXsyV3OG08yGpoYqrjUYmZN1_WOC2GEEALXO0INHWHpYgag69NY
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53999
last-modified: Thu, 23 Jun 2022 05:14:11 GMT
server: nginx
etag: "4ef1b96cb4c068f12d7774dd6d6395cb"
x-goog-hash: crc32c=2ZJo3Q==, md5=TvG5bLTAaPEtd3TdbWOVyw==
x-goog-generation: 1655961251800103
cache-control: max-age=2592000,public
x-goog-stored-content-length: 53999
accept-ranges: bytes
content-type: image/jpeg
expires: Sat, 23 Jul 2022 06:00:31 GMT

GET
H3 200 20220622145018-6677fe19ecf5fd321a04f009de0cdd6f-mobile.jpg
www.mirrormedia.com.tw/assets/images/ 26 KB
26 KB 14ms
7ms Image
image/jpeg 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mirrormedia.com.tw/assets/images/20220622145018-6677fe19ecf5fd321a04f009de0cdd6f-mobile.jpg
Requested by: Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 142.140.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7c8c5f4f6b95e9008a7a3682bf38d303b93614e1c0282e401ce2f9c609343e55

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 07:11:32 GMT
via: 1.1 google
age: 213236
x-guploader-uploadid: ADPycdvCA5OJQkChOGI6QioGqy56y_tvOC9diVjc6bPwVI6jMH6Yu23P9dDI2pga0cVJPEeiFsCEON5zJJ2dMQxcf3Hvhwtspf1u
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27084
last-modified: Wed, 22 Jun 2022 06:50:19 GMT
server: nginx
etag: "2598902f736697d0c90b243c7f3c6be8"
x-goog-hash: crc32c=R3ifPQ==, md5=JZiQL3Nml9DJCyQ8fzxr6A==
x-goog-generation: 1655880619657546
cache-control: max-age=2592000,public
x-goog-stored-content-length: 27084
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 22 Jul 2022 07:11:32 GMT

GET
H3 200 20220622103244-8440ef3fc63f71a00335bca529dddad1-mobile.jpg
www.mirrormedia.com.tw/assets/images/ 45 KB
45 KB 17ms
9ms Image
image/jpeg 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mirrormedia.com.tw/assets/images/20220622103244-8440ef3fc63f71a00335bca529dddad1-mobile.jpg
Requested by: Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 142.140.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: f73dbd67cd1cad78f5046130b8bf2a406330ef23029f93f21196f58eddbaca1f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 03:02:36 GMT
via: 1.1 google
age: 228172
x-guploader-uploadid: ADPycdvTmXEWQuPPfRer7pZkjel4Nnlc4k5km6_ctwQgI1aeRZL1REEaXzpMZUI1YJm7ZIEQDNEbL55Js3LI8JHvw6FPQI3keI3S
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45915
last-modified: Wed, 22 Jun 2022 02:32:45 GMT
server: nginx
etag: "e057952e8b89068340ef52d90969d006"
x-goog-hash: crc32c=foOxOg==, md5=4FeVLouJBoNA71LZCWnQBg==
x-goog-generation: 1655865164996243
cache-control: max-age=2592000,public
x-goog-stored-content-length: 45915
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 22 Jul 2022 03:02:36 GMT

GET
H3 200 20220623094426-e2220b7b4445c903892d7c23a7feffd8-mobile.jpg
www.mirrormedia.com.tw/assets/images/ 79 KB
79 KB 26ms
19ms Image
image/jpeg 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mirrormedia.com.tw/assets/images/20220623094426-e2220b7b4445c903892d7c23a7feffd8-mobile.jpg
Requested by: Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 142.140.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ee7e745eeef3bcc1105fc874db548201bba2bf4a717314440f18c5eb3e085510

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 02:11:31 GMT
via: 1.1 google
age: 144837
x-guploader-uploadid: ADPycdsf1OUumL_2sBiOlDwVGsvKIS5NkAObQqy9DQJLNTKUHjYNoApA0G4ty5YHHmeyBjHqd_2XZ-NU7vtv-QuA_mokvg
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80971
last-modified: Thu, 23 Jun 2022 01:44:28 GMT
server: nginx
etag: "209b02115a2366534e322b8cb126f017"
x-goog-hash: crc32c=LXUZjw==, md5=IJsCEVojZlNOMiuMsSbwFw==
x-goog-generation: 1655948668659694
cache-control: max-age=2592000,public
x-goog-stored-content-length: 80971
accept-ranges: bytes
content-type: image/jpeg
expires: Sat, 23 Jul 2022 02:11:31 GMT

GET
H3 200 20220623122203-33bb478abc676c5a31bafd7fccb231fb-mobile.jpg
www.mirrormedia.com.tw/assets/images/ 47 KB
47 KB 20ms
13ms Image
image/jpeg 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mirrormedia.com.tw/assets/images/20220623122203-33bb478abc676c5a31bafd7fccb231fb-mobile.jpg
Requested by: Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 142.140.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6db5b12cb114bc0b5b702cd7b2129108e657060975b6d945438b3ea56e1e97f6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Thu, 23 Jun 2022 04:28:11 GMT
via: 1.1 google
age: 136637
x-guploader-uploadid: ADPycdsmE6maXyGwd5F5B_wURYAe7P6pcz10UunHYSKrcgQRf8x_wjqSyPQbESnD4SjFFMcblkWoi3nkog--YSyoP1HuzA
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47645
last-modified: Thu, 23 Jun 2022 04:22:04 GMT
server: nginx
etag: "0dff803f38a3ad16d481d4470d8f675e"
x-goog-hash: crc32c=GvS53Q==, md5=Df+APzijrRbUgdRHDY9nXg==
x-goog-generation: 1655958124339115
cache-control: max-age=2592000,public
x-goog-stored-content-length: 47645
accept-ranges: bytes
content-type: image/jpeg
expires: Sat, 23 Jul 2022 04:28:11 GMT

GET
H3 200 20220622131029-bf4b927608d810a1982bd138ffc2a8ba-mobile.jpg
www.mirrormedia.com.tw/assets/images/ 58 KB
58 KB 19ms
13ms Image
image/jpeg 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mirrormedia.com.tw/assets/images/20220622131029-bf4b927608d810a1982bd138ffc2a8ba-mobile.jpg
Requested by: Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 142.140.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3abab898af742fdd6b0208e67361369b5bf06888188e416a083148df403b202a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 05:18:33 GMT
via: 1.1 google
age: 220015
x-guploader-uploadid: ADPycdszI6gs2_IYTrlD05AvqGYIWcpLkQvG5iu8RHwe7hlfquUdvhWtMikbKW538QQfuydvIIlvJhetijDV_Gpi_7WW2W7B4K0j
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59753
last-modified: Wed, 22 Jun 2022 05:10:30 GMT
server: nginx
etag: "5368d4b4350f0d5b52377f7c88595562"
x-goog-hash: crc32c=uC7AVQ==, md5=U2jUtDUPDVtSN398iFlVYg==
x-goog-generation: 1655874630897450
cache-control: max-age=2592000,public
x-goog-stored-content-length: 59753
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 22 Jul 2022 05:18:33 GMT

GET
H3 200 20220622124330-b9886c0d46b3db298cc4662b0a680799-mobile.jpg
www.mirrormedia.com.tw/assets/images/ 137 KB
137 KB 15ms
9ms Image
image/jpeg 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mirrormedia.com.tw/assets/images/20220622124330-b9886c0d46b3db298cc4662b0a680799-mobile.jpg
Requested by: Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 142.140.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 04dd33b0e04d9ebe5ed51836a397256222ce81463a62de263b4053dbdc7cc706

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 04:49:04 GMT
via: 1.1 google
age: 221784
x-guploader-uploadid: ADPycdv3_rm-RPElyhXHuxREbqnpqlxmpVp4n1OsaSk-IO2XATQ-qMcPzkSEVUEidX1bi7zPcsAVluTaOOU4Hy-pAgkRap_feVBJ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140713
last-modified: Wed, 22 Jun 2022 04:43:31 GMT
server: nginx
etag: "0478de0d440e8d7cdb744b76bfca2d4e"
x-goog-hash: crc32c=ZAiSnQ==, md5=BHjeDUQOjXzbdEt2v8otTg==
x-goog-generation: 1655873011861595
cache-control: max-age=2592000,public
x-goog-stored-content-length: 140713
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 22 Jul 2022 04:49:04 GMT

GET
H3 200 20220622193452-ac3a5983542f3d90f61d4a48525651bd-mobile.jpg
www.mirrormedia.com.tw/assets/images/ 72 KB
72 KB 21ms
15ms Image
image/jpeg 35.244.140.142
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.mirrormedia.com.tw/assets/images/20220622193452-ac3a5983542f3d90f61d4a48525651bd-mobile.jpg
Requested by: Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.140.142 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 142.140.244.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 666956b2c160926dd9c773e82f6cd79b07a5db05070ffe8dd67fecbf5e5a486d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Wed, 22 Jun 2022 22:04:46 GMT
via: 1.1 google
age: 159642
x-guploader-uploadid: ADPycdt3knig7Hm5Oi35GzM8jnO3Klu_IOGgOHBfGEK_rF9Yp4IOd-b3zZqij9rH6cncvOgiuig6_knggGWt3DukuRA5
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000, h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73506
last-modified: Wed, 22 Jun 2022 11:34:59 GMT
server: nginx
etag: "5af04bb5f55c380411d47dc21324ca69"
x-goog-hash: crc32c=Hs0A1w==, md5=WvBLtfVcOAQR1H3CEyTKaQ==
x-goog-generation: 1655897699249888
cache-control: max-age=2592000,public
x-goog-stored-content-length: 73506
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 22 Jul 2022 22:04:46 GMT

GET
H/1.1 204 increment Show response
id5-sync.com/api/esp/ 0
327 B 282ms
88ms XHR
text/plain 141.95.98.67
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.67 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216533.ip-141-95-98.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.mirrormedia.mg/story/20220504inv003/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.mirrormedia.mg
date: Fri, 24 Jun 2022 18:25:28 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
strict-transport-security: max-age=63072000; includeSubDomains; preload

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame 6DD4 623 B
837 B 89ms
25ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/7f1e280 /
Resource Hash: dddd84d4c1e04925834b4c8837da676625b96e97c894538c7a3f697324646873

Request headers

Referer: https://www.mirrormedia.mg/story/20220504inv003/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 408
content-type: text/html
date: Fri, 24 Jun 2022 18:25:28 GMT
p3p: CP="CUR ADM OUR NOR STA NID"
server: OXGW/7f1e280
vary: Accept, Accept-Encoding
via: 1.1 google

GET
H2 200 uuid_iframe.html Show response
sun.advividnetwork.com/include_code/ Frame 4D6E 3 KB
1 KB 933ms
902ms Document
text/html 2606:4700:10::ac43:4d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sun.advividnetwork.com/include_code/uuid_iframe.html?uuid=e7bfda5a-c97a-441e-a8f0-92d402b9055b
Requested by: Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:4d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2725d337e8ed14d10b23407140abf3881d22818a639df5401386c70d4a055757

Request headers

Referer: https://www.mirrormedia.mg/story/20220504inv003/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-headers: origin, x-requested-with, content-type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 7207819b0f7b1912-EWR
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 24 Jun 2022 18:25:29 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Mon, 30 Mar 2020 04:27:06 GMT
server: cloudflare

GET
H2 200 uuid_iframe.html Show response
sun.advividnetwork.com/include_code/ Frame E985 3 KB
1 KB 921ms
894ms Document
text/html 2606:4700:10::ac43:4d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sun.advividnetwork.com/include_code/uuid_iframe.html?uuid=e7bfda5a-c97a-441e-a8f0-92d402b9055b
Requested by: Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:4d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2725d337e8ed14d10b23407140abf3881d22818a639df5401386c70d4a055757

Request headers

Referer: https://www.mirrormedia.mg/story/20220504inv003/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-headers: origin, x-requested-with, content-type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 7207819b0f7c1912-EWR
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 24 Jun 2022 18:25:29 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Mon, 30 Mar 2020 04:27:06 GMT
server: cloudflare

GET
H2 200 uuid_iframe.html Show response
sun.advividnetwork.com/include_code/ Frame 7639 3 KB
1 KB 931ms
909ms Document
text/html 2606:4700:10::ac43:4d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sun.advividnetwork.com/include_code/uuid_iframe.html?uuid=e7bfda5a-c97a-441e-a8f0-92d402b9055b
Requested by: Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:4d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2725d337e8ed14d10b23407140abf3881d22818a639df5401386c70d4a055757

Request headers

Referer: https://www.mirrormedia.mg/story/20220504inv003/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-headers: origin, x-requested-with, content-type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 7207819b1f7f1912-EWR
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 24 Jun 2022 18:25:29 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Mon, 30 Mar 2020 04:27:06 GMT
server: cloudflare

GET
H2 200 uuid_iframe.html Show response
sun.advividnetwork.com/include_code/ Frame E5FD 3 KB
1 KB 928ms
910ms Document
text/html 2606:4700:10::ac43:4d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sun.advividnetwork.com/include_code/uuid_iframe.html?uuid=e7bfda5a-c97a-441e-a8f0-92d402b9055b
Requested by: Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:4d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2725d337e8ed14d10b23407140abf3881d22818a639df5401386c70d4a055757

Request headers

Referer: https://www.mirrormedia.mg/story/20220504inv003/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-headers: origin, x-requested-with, content-type
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 7207819b1f871912-EWR
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 24 Jun 2022 18:25:29 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Mon, 30 Mar 2020 04:27:06 GMT
server: cloudflare

GET
H2 200 20180905000003.json Show response
avivid.likr.tw/settings_file_json/ 6 KB
2 KB 50ms
25ms XHR
application/json 2606:4700:10::ac43:1a69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://avivid.likr.tw/settings_file_json/20180905000003.json
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1a69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9178fdbcbfe7f50a05235ecadefb814679c57fc84805765e5a6902b71926804d

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.mirrormedia.mg/story/20220504inv003/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 18:25:28 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 361
last-modified: Fri, 24 Jun 2022 18:10:02 GMT
server: cloudflare
etag: W/"1c4afb-1617-5e2357aa23249"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
access-control-allow-credentials: true
cf-ray: 7207819b298d18f6-EWR
access-control-allow-headers: origin, x-requested-with, content-type, X-CSRF-Token, origin, x-requested-with, content-type, X-CSRF-Token

GET
H2 200 20180905000003.json Show response
avivid.likr.tw/settings_file_json/ 6 KB
2 KB 47ms
24ms XHR
application/json 2606:4700:10::ac43:1a69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://avivid.likr.tw/settings_file_json/20180905000003.json
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1a69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9178fdbcbfe7f50a05235ecadefb814679c57fc84805765e5a6902b71926804d

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.mirrormedia.mg/story/20220504inv003/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 18:25:28 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 361
last-modified: Fri, 24 Jun 2022 18:10:02 GMT
server: cloudflare
etag: W/"1c4afb-1617-5e2357aa23249"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=10800
access-control-allow-credentials: true
cf-ray: 7207819b298f18f6-EWR
access-control-allow-headers: origin, x-requested-with, content-type, X-CSRF-Token, origin, x-requested-with, content-type, X-CSRF-Token

GET
H2 200 event_tracker.js Show response
rhea-cache.advividnetwork.com/tracker/ 10 B
283 B 56ms
44ms Script
application/javascript 2606:4700:10::ac43:4d8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rhea-cache.advividnetwork.com/tracker/event_tracker.js
Requested by: Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:4d8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d19f579a751135f28b74fd10b3e65d547a221d2fe7546be246d99125aea7c04

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 18:25:28 GMT
cf-cache-status: HIT
last-modified: Wed, 05 Jan 2022 05:04:57 GMT
server: cloudflare
age: 3308
etag: "a-5d4ceb1efab96"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 7207819b1f891912-EWR
content-length: 10

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 6DD4
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=YrYBmAALQVmXnQAj
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YrYBmAALQVmXnQAj&_test=YrYBmAALQVmXnQAj

43 B
106 B

58ms
27ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=YrYBmAALQVmXnQAj&_test=YrYBmAALQVmXnQAj
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/7f1e280 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 18:25:28 GMT
via: 1.1 google
server: OXGW/7f1e280
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 24 Jun 2022 18:25:28 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1656095129.880255,VS0,VE0
x-served-by: cache-ewr18181-EWR
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=YrYBmAALQVmXnQAj&_test=YrYBmAALQVmXnQAj
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 a80ee8db-ecdd-e9b7-e71e-bdfb408b3c8c
pr-bh.ybp.yahoo.com/sync/openx/ Frame 6DD4 43 B
990 B 51ms
16ms Image
image/gif 2600:1f18:4e9:5a07:1b3a:f53f:5ba9:461e
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/a80ee8db-ecdd-e9b7-e71e-bdfb408b3c8c?gdpr=0

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:4e9:5a07:1b3a:f53f:5ba9:461e Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 18:25:28 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 6DD4
Redirect Chain

https://match.adsrvr.org/track/cmf/openx?oxid=3cc98e9f-7c71-7bfe-d6c9-ab0ebfdcf1c5&gdpr=0
https://match.adsrvr.org/track/cmb/openx?oxid=3cc98e9f-7c71-7bfe-d6c9-ab0ebfdcf1c5&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072971&val=83e4313b-7d09-4924-b204-829672263dd6&ttd_puid=3cc98e9f-7c71-7bfe-d6c9-ab0ebfdcf1c5&gdpr=0&gdpr_consent=

43 B
249 B

59ms
31ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072971&val=83e4313b-7d09-4924-b204-829672263dd6&ttd_puid=3cc98e9f-7c71-7bfe-d6c9-ab0ebfdcf1c5&gdpr=0&gdpr_consent=
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/7f1e280 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 18:25:28 GMT
via: 1.1 google
server: OXGW/7f1e280
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 24 Jun 2022 18:25:28 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072971&val=83e4313b-7d09-4924-b204-829672263dd6&ttd_puid=3cc98e9f-7c71-7bfe-d6c9-ab0ebfdcf1c5&gdpr=0&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 335

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 6DD4 170 B
243 B 49ms
22ms Image
image/png 142.250.176.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTBhNjVkNTUtYjUwNi0yNTVhLWMzMjktZjFiNzc1M2UzZmE1

Requested by

Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.176.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 18:25:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 6DD4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEVMAHXb58-hHPq9uZ28fgo&google_cver=1

43 B
180 B

71ms
25ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEVMAHXb58-hHPq9uZ28fgo&google_cver=1
Requested by: Host: google-bidout-d.openx.net
URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/7f1e280 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://google-bidout-d.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 18:25:28 GMT
via: 1.1 google
server: OXGW/7f1e280
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 24 Jun 2022 18:25:28 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEEVMAHXb58-hHPq9uZ28fgo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 killswitch_config.js Show response
avividone.likr.tw/killswitch/ 282 B
275 B 71ms
57ms Script
application/javascript 2606:4700:10::ac43:1a69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://avividone.likr.tw/killswitch/killswitch_config.js
Requested by: Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1a69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 985ecf47e94361c366e2521124bf5c5ac81b8016252ef1813b8dce0e91639027

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 18:25:28 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 02 Mar 2022 04:45:50 GMT
server: cloudflare
age: 3455
etag: "11a-5d934f4b97b7b-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=10800
accept-ranges: bytes
cf-ray: 7207819b6b851982-EWR
content-length: 143

GET
H2 200 aws-sdk-AviviD-min-1.000.3.js Show response
avivid.likr.tw/sample/ 274 KB
78 KB 19ms
19ms Script
text/javascript 2606:4700:10::ac43:1a69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://avivid.likr.tw/sample/aws-sdk-AviviD-min-1.000.3.js
Requested by: Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1a69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d80f6ec3a78924d5f5276bd680cbfb9dd37879691c648dc14755cb3d9c5bf3b3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 18:25:28 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 3559
last-modified: Thu, 08 Oct 2020 10:46:57 GMT
server: cloudflare
etag: W/"1328d7-44813-5b1268d1b71da"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=10800
access-control-allow-credentials: true
cf-ray: 7207819b4b571982-EWR
access-control-allow-headers: origin, x-requested-with, content-type, X-CSRF-Token, origin, x-requested-with, content-type, X-CSRF-Token

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/8.6.8/ 21 KB
7 KB 26ms
7ms Script
text/javascript 2607:f8b0:4006:816::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/8.6.8/firebase-app.js

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2003 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1977ae2b50845838a0f0848012e1d2bb312a7a760bc7427c601305531de0d2d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Tue, 21 Jun 2022 15:42:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 268949
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6966
x-xss-protection: 0
last-modified: Thu, 01 Jul 2021 23:11:47 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Jun 2023 15:42:59 GMT

GET
H2 200 firebase-messaging.js Show response
avivid.likr.tw/pushEndPoint/js/firebasejs/8.6.8/ 40 KB
11 KB 21ms
20ms Script
text/javascript 2606:4700:10::ac43:1a69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://avivid.likr.tw/pushEndPoint/js/firebasejs/8.6.8/firebase-messaging.js
Requested by: Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1a69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d5b2484855a69e76d59cf2e5e518df99515b786e57ee5fa929b0e5cb478e57c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 18:25:28 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 2855
last-modified: Wed, 30 Jun 2021 10:39:31 GMT
server: cloudflare
etag: W/"3e0e95-9fb7-5c5f9566df364"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=10800
access-control-allow-credentials: true
cf-ray: 7207819b8bbd1982-EWR
access-control-allow-headers: origin, x-requested-with, content-type, X-CSRF-Token, origin, x-requested-with, content-type, X-CSRF-Token

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 3DA9 15 KB
6 KB 47ms
13ms Document
text/html 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.mirrormedia.mg

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Resource Hash

fb86633ecb74692134067335cb70dd9fd869f3108a4863588433fdc9e6db2e4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.mirrormedia.mg/story/20220504inv003/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6144
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 24 Jun 2022 18:25:28 GMT
server-processing-duration-in-ticks: 2215
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 mirrormedia.js Show response
avivid.likr.tw/sample/before_page/ 6 KB
1 KB 868ms
868ms Script
text/javascript 2606:4700:10::ac43:1a69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://avivid.likr.tw/sample/before_page/mirrormedia.js
Requested by: Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:1a69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff3764bfeb7fb7fd5caf673a5d13ebd9444a2ee6ddd19a14858b6a34e16ad954

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 18:25:29 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Fri, 24 Jun 2022 11:57:41 GMT
server: cloudflare
etag: W/"66000a-165d-5e2304701ee06"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=10800
access-control-allow-credentials: true
cf-ray: 7207819c0cf31982-EWR
access-control-allow-headers: origin, x-requested-with, content-type, X-CSRF-Token, origin, x-requested-with, content-type, X-CSRF-Token

GET
H2

200

sid Show response
mug.criteo.com/ Frame 3DA9
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=mirrormedia.mg&sn=ChromeSyncframe&so=0&topUrl=www.mirrormedia.mg&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=CnoC_nxmanQ0Y0pLeXNwYVpuY1FXbXdOdCsvQTcxUCtaRTU1YVVNakdWYjNHZ1Y1cS9xVE1wR1lVMFRsWldPY3JPOEUrUHBzWXV3MkovUEhzcGtkWHZGLzVyY3VzNmNVaENNQUdPekVJeGNYMW9VYzJqVFJHVHowbVRwZj...

430 B
638 B

118ms
15ms

Fetch
application/json

74.119.119.139
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=CnoC_nxmanQ0Y0pLeXNwYVpuY1FXbXdOdCsvQTcxUCtaRTU1YVVNakdWYjNHZ1Y1cS9xVE1wR1lVMFRsWldPY3JPOEUrUHBzWXV3MkovUEhzcGtkWHZGLzVyY3VzNmNVaENNQUdPekVJeGNYMW9VYzJqVFJHVHowbVRwZjlUWXZkS0NxWFNscFpYVWYyWmJaY0MwRWZmK3dXbTAzNytlYXlSWlJhRGdyR3pQYlEyWVlBamxMbVZQek0yeXlpOU04cEU5dElodUppU1JYNW54dnRQN1AyRUZ5Y1hTbW1rcksxNXd5b0Nid0xzWS9idGlCQ0pwb0VyWFFTMms3OU1QRjB2cVlvRUZKVEdXSXc2Qk1QWTVpNjdQVzUwUT09fA&cppv=2

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/

Protocol

Server

74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Resource Hash

daefd8372674658babf9b5d8f84962f2106d0188bd9a938155b65dfdbe86854e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 18:25:28 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4873
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 24 Jun 2022 18:25:28 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=CnoC_nxmanQ0Y0pLeXNwYVpuY1FXbXdOdCsvQTcxUCtaRTU1YVVNakdWYjNHZ1Y1cS9xVE1wR1lVMFRsWldPY3JPOEUrUHBzWXV3MkovUEhzcGtkWHZGLzVyY3VzNmNVaENNQUdPekVJeGNYMW9VYzJqVFJHVHowbVRwZjlUWXZkS0NxWFNscFpYVWYyWmJaY0MwRWZmK3dXbTAzNytlYXlSWlJhRGdyR3pQYlEyWVlBamxMbVZQek0yeXlpOU04cEU5dElodUppU1JYNW54dnRQN1AyRUZ5Y1hTbW1rcksxNXd5b0Nid0xzWS9idGlCQ0pwb0VyWFFTMms3OU1QRjB2cVlvRUZKVEdXSXc2Qk1QWTVpNjdQVzUwUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1521
content-length: 541
expires: 0

POST
H2 200 get_client_ip_for_ring.php Show response
load-balancer.likr.com.tw/pushServer/ 15 B
257 B 246ms
193ms XHR
text/html 35.190.46.27
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://load-balancer.likr.com.tw/pushServer/get_client_ip_for_ring.php
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.46.27 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 27.46.190.35.bc.googleusercontent.com
Software: nginx/1.16.0 / PHP/5.6.40
Resource Hash: 7a9c812e993152cf234f45eb928dffd7a03dd1e5c11551efa3e6c9b185f8d219

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.mirrormedia.mg/story/20220504inv003/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 18:25:29 GMT
via: 1.1 google
server: nginx/1.16.0
access-control-allow-headers: X-CSRF-Token
x-powered-by: PHP/5.6.40
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.mirrormedia.mg
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

OPTIONS
H/1.1 200
OK /
kinesis.ap-southeast-1.amazonaws.com/ Frame 0
0 759ms
248ms Preflight 13.251.113.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.ap-southeast-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.251.113.122 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-251-113-122.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://www.mirrormedia.mg
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 0
Date: Fri, 24 Jun 2022 18:25:29 GMT
x-amzn-RequestId: d77130b7-9635-de84-8c41-336e3fc1ce50

POST
H/1.1 200
OK / Show response
kinesis.ap-southeast-1.amazonaws.com/ 110 B
546 B 255ms
254ms Fetch
application/x-amz-json-1.1 13.251.113.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://kinesis.ap-southeast-1.amazonaws.com/
Requested by: Host: avivid.likr.tw
URL: https://avivid.likr.tw/sample/aws-sdk-AviviD-min-1.000.3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.251.113.122 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-251-113-122.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: eac0e915a9d4fae49314aef1ce34f4547bdf4ded0ac0f6d2c1a39fa048483021

Request headers

accept-language: en-US,en;q=0.9
authorization: AWS4-HMAC-SHA256 Credential=AKIATBR2IINU2ISIXU72/20220624/ap-southeast-1/kinesis/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=cde71bb7361240cecebb19ef5cfdeaa92aca9d5cf33833d81434eacb686684c1
content-type: application/x-amz-json-1.1
x-amz-content-sha256: 8cd738ad0e848d7bbb6d1be76c70e3912b6982afc79f7a93f873574047852530
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Referer: https://www.mirrormedia.mg/story/20220504inv003/
x-amz-target: Kinesis_20131202.PutRecord
x-amz-date: 20220624T182529Z
x-amz-user-agent: aws-sdk-js/2.769.0 callback

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
x-amzn-RequestId: fbabc41c-7531-9bb5-a09b-c7c6dcc58b61
Date: Fri, 24 Jun 2022 18:25:30 GMT
Content-Length: 110
x-amz-id-2: UiG/yBkKbXb2tjZ8CA2DkR1JSSMxqLElIXQHgQ3Jl2RIjaFM2Jw4lgAgVndn7HrHllYWrV4lY8XwM47r5SGrZ2BfjyIq9Wqt
Content-Type: application/x-amz-json-1.1

POST
H3 200 get_client_ip_for_ring.php Show response
load-balancer.likr.com.tw/pushServer/ 15 B
31 B 201ms
194ms XHR
text/html 35.190.46.27
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://load-balancer.likr.com.tw/pushServer/get_client_ip_for_ring.php
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.190.46.27 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 27.46.190.35.bc.googleusercontent.com
Software: nginx/1.16.0 / PHP/5.6.40
Resource Hash: 7a9c812e993152cf234f45eb928dffd7a03dd1e5c11551efa3e6c9b185f8d219

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.mirrormedia.mg/story/20220504inv003/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 18:25:29 GMT
via: 1.1 google
server: nginx/1.16.0
access-control-allow-headers: X-CSRF-Token
x-powered-by: PHP/5.6.40
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.mirrormedia.mg
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 5ms
5ms Image
image/gif 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=176410021005270&ev=Microdata&dl=https%3A%2F%2Fwww.mirrormedia.mg%2Fstory%2F20220504inv003%2F&rl=&if=false&ts=1656095129641&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.62&r=stable&ec=1&o=30&fbp=fb.1.1656095128081.1478933859&it=1656095127992&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 18:25:29 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Fri, 24 Jun 2022 18:25:29 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ 42 B
497 B 44ms
27ms Fetch
image/gif 2607:f8b0:4006:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuFOyosjXLT7ixlqPamu_lKXGGbhUGX609fchwKTncZX21cLZUZqotwPDJQJ2gIpCG5csgLtCZRnG1fWswBUKKyjvgeyWggZ1Q6XBENdjQsroP6SR9P&sig=Cg0ArKJSzJyhF5p3FCbhEAE&id=lidar2&mcvt=1001&p=0,0,50,95&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220622&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=3262086296&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1656095126699&rpt=1932&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2002 New York, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Jun 2022 18:25:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 5ms
5ms Image
image/gif 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=733664420167807&ev=Microdata&dl=https%3A%2F%2Fwww.mirrormedia.mg%2Fstory%2F20220504inv003%2F&rl=&if=false&ts=1656095129668&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.62&r=stable&ec=1&o=30&fbp=fb.1.1656095128081.1478933859&it=1656095127992&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Requested by

Host: www.mirrormedia.mg
URL: https://www.mirrormedia.mg/story/20220504inv003/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.mirrormedia.mg/story/20220504inv003/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date: Fri, 24 Jun 2022 18:25:29 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Fri, 24 Jun 2022 18:25:29 GMT

POST
H/1.1 200
OK / Show response
firehose.ap-southeast-1.amazonaws.com/ 257 B
707 B 250ms
250ms Fetch
application/x-amz-json-1.1 52.119.185.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://firehose.ap-southeast-1.amazonaws.com/
Requested by: Host: avivid.likr.tw
URL: https://avivid.likr.tw/sample/aws-sdk-AviviD-min-1.000.3.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.119.185.103 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 172b465077e3b0b6fd958156954869a156fad8911ebb526a98d455ab5a4c3b14

Request headers

accept-language: en-US,en;q=0.9
authorization: AWS4-HMAC-SHA256 Credential=AKIATBR2IINUW3Y6AWEJ/20220624/ap-southeast-1/firehose/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=d4c9e1615126de53ca91bd7945b3c6c2aeb7f41bb978ca518bc51c8c39241208
content-type: application/x-amz-json-1.1
x-amz-content-sha256: 94b5224daf95295daeb7532cd72cfe616fccb48aacea8055d3dfe2e38f181618
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Referer: https://www.mirrormedia.mg/story/20220504inv003/
x-amz-target: Firehose_20150804.PutRecord
x-amz-date: 20220624T182530Z
x-amz-user-agent: aws-sdk-js/2.769.0 callback

Response headers

Date: Fri, 24 Jun 2022 18:25:30 GMT
Content-Encoding: gzip
x-amzn-RequestId: edd7c8a2-7bd0-580f-b6e7-cb793cc3a1d5
Content-Type: application/x-amz-json-1.1
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Content-Length: 247
x-amz-id-2: 7BjDHLSgSPhuwK9Qf5GcNtP1dU6aFVGwLR2NG+3AprcDnj5p5YK1OxXPxe6f6N1+I9aObO0pF2aC8DN/BpKArZFpOpYf9aM8

OPTIONS
H/1.1 200
OK /
firehose.ap-southeast-1.amazonaws.com/ Frame 0
0 735ms
240ms Preflight 52.119.185.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://firehose.ap-southeast-1.amazonaws.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.119.185.103 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Request-Method: POST
Origin: https://www.mirrormedia.mg
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Headers: authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Encoding: gzip
Content-Length: 20
Date: Fri, 24 Jun 2022 18:25:30 GMT
x-amzn-RequestId: c82797a4-790d-b6aa-9317-947f3e1e4f70

Verdicts & Comments Add Verdict or Comment

201 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mirrormedia.mg/	1970-01-20 04:01:36	Name: __asc Value: b075348118196f638847ab65e87
.mirrormedia.mg/	1970-01-20 12:48:37	Name: __auc Value: b075348118196f638847ab65e87
.scorecardresearch.com/	1970-01-20 21:18:23	Name: UID Value: 1C68478bf5f3e3208f466db1656095127
.mirrormedia.mg/	1970-01-20 06:11:11	Name: _fbp Value: fb.1.1656095128081.1478933859
.facebook.com/	1970-01-20 06:11:11	Name: fr Value: 0JJaH1x9bs57q0i8T..BitgGY...1.0.BitgGY.
.mirrormedia.mg/	1970-01-20 21:32:47	Name: _ga_341XFN0675 Value: GS1.1.1656095128.1.0.1656095128.0
www.mirrormedia.mg/	1970-01-23 19:37:35	Name: mmid Value: ea1eaaec-8624-4efb-8d63-ea522edaf94a
www.mirrormedia.mg/	1970-01-20 04:01:36	Name: mmid-session Value: 96875b38-c2f1-4931-b46c-a8e42d0f627c
.mirrormedia.mg/	1970-01-20 21:32:47	Name: _ga Value: GA1.2.1273822392.1656095128
.mirrormedia.mg/	1970-01-20 04:03:01	Name: _gid Value: GA1.2.1026573841.1656095128
.mirrormedia.mg/	1970-01-20 04:01:35	Name: _gat Value: 1
.mirrormedia.mg/	1970-01-20 04:01:35	Name: lotame_domain_check Value: mirrormedia.mg
.crwdcntrl.net/	1970-01-20 10:30:21	Name: _cc_dc Value: 0
.crwdcntrl.net/	1970-01-20 10:30:21	Name: _cc_id Value: faf47422a0597b118c25a9617c7e1ad1
.openx.net/	1970-01-20 12:47:11	Name: i Value: ef65b1c6-d5f6-4409-8c1f-63e6dbfbc238\|1656095128
.mirrormedia.mg/	1970-01-20 10:30:23	Name: _cc_id Value: faf47422a0597b118c25a9617c7e1ad1
.mirrormedia.mg/	1970-01-20 04:03:01	Name: panoramaId_expiry Value: 1656181528622
.likr.com.tw/	1970-01-23 19:37:35	Name: uuid Value: e7bfda5a-c97a-441e-a8f0-92d402b9055b
.likr.com.tw/	1970-01-23 19:37:35	Name: AviviD_uuid Value: e7bfda5a-c97a-441e-a8f0-92d402b9055b
.mirrormedia.mg/	1970-01-23 19:37:35	Name: AviviD_uuid Value: e7bfda5a-c97a-441e-a8f0-92d402b9055b
.mirrormedia.mg/	1970-01-23 19:37:35	Name: AviviD_refresh_uuid_status Value: 1
.mirrormedia.mg/	1970-01-23 19:37:35	Name: webuserid Value: aeff02a6-c0f6-56a5-cbd1-bc20d8e7ee84
.openx.net/	1970-01-20 04:23:11	Name: pd Value: v2\|1656095128\|vMgakWgyiK
.mirrormedia.mg/	1970-01-23 19:37:35	Name: AviviD_sw_version Value: 1.0.868.210701
.adsrvr.org/	1970-01-20 12:47:11	Name: TDID Value: 83e4313b-7d09-4924-b204-829672263dd6
.yahoo.com/	1970-01-20 12:47:32	Name: A3 Value: d=AQABBJgBtmICEAVmnn4DKrYVpf7Sfp6TWT8FEgEBAQFTt2K_YgAAAAAA_eMAAA&S=AQAAAumXCBomK5gADM5kXw5F7WI
.everesttech.net/	1970-01-20 12:47:11	Name: everest_g_v2 Value: g_surferid~YrYBmAALQVmXnQAj
.adsrvr.org/	1970-01-20 12:47:11	Name: TDCPM Value: CAEYBSABKAIyCwiao7rYtIbrOhAFOAE.
.mirrormedia.mg/	1970-01-23 19:37:35	Name: AviviD_tid_rmed Value: 1
.mirrormedia.mg/	1970-01-20 04:03:01	Name: AviviD_already_exist Value: 1
.mirrormedia.mg/	1970-01-20 04:03:01	Name: AviviD_show_sub Value: 1
.criteo.com/	1970-01-20 13:23:11	Name: uid Value: 57bd7f0b-17cc-49a1-be87-a8f6e73b4247
.openx.net/	1970-01-20 04:23:11	Name: univ_id Value: 537072971\|83e4313b-7d09-4924-b204-829672263dd6\|1656095128935396
.mirrormedia.mg/	1970-01-20 13:23:11	Name: cto_bundle Value: AD4yi180JTJCWmR1dGpPM1hXYWxPMm8ySGNYazdPbWdub0VSVzhHbUhKcDZrOUNoWnlBVEhKSmplZE14cjE0aTBlSW94eE0xS3dwZ01BJTJCbGNzbWt6UTBoNWNhWCUyRjFQN0U0NG1CU2NrQVRIeXJ0ZXVIWHJiSmU3SDJWaGhsVU9LY2F4TU5abGU0bzQlMkZMcmZYOCUyRjl2bWk0VFhCaFFRJTNEJTNE
.advividnetwork.com/	1970-01-23 19:37:35	Name: AviviD_uuid Value: e7bfda5a-c97a-441e-a8f0-92d402b9055b
.doubleclick.net/	1970-01-20 21:32:47	Name: IDE Value: AHWqTUlZSUJYhfOS5rN5rzbMOC5WIOE_AMIEb8FQYZaaStxV3BAIi-5TVgItnq6zI9c
.mirrormedia.mg/	1970-01-20 13:23:11	Name: __gads Value: ID=7cafad3794c70004:T=1656095128:S=ALNI_MaeXBCemHJKotWpD1AN3kz9nFGBUw
.mirrormedia.mg/	1970-01-20 13:23:11	Name: __gpi Value: UID=0000062acd4f6744:T=1656095128:RT=1656095128:S=ALNI_MZ8kFAmDzLaOVR0Z9V7fm_xSU11Ow
.mirrormedia.mg/	1970-01-20 04:11:39	Name: AviviD_token_retake Value: 0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062101.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022062101.js(Line 5) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' http://mirrormedia.tw https://mirrormedia.tw http://35.189.183.129:3000
Strict-Transport-Security	max-age=15552000; includeSubDomains max-age=31536000; includeSubDomains max-age=604800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	0 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

69580243b080417e81d9e95e6a76cbd6.safeframe.googlesyndication.com
adservice.google.com
ajax.googleapis.com
auto-load-balancer.likr.com.tw
avivid.likr.tw
avividone.likr.tw
bcp.crwdcntrl.net
cdn.id5-sync.com
certify-js.alexametrics.com
certify.alexametrics.com
cm.g.doubleclick.net
connect.facebook.net
firehose.ap-southeast-1.amazonaws.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
id.sharedid.org
id5-sync.com
kinesis.ap-southeast-1.amazonaws.com
load-balancer.likr.com.tw
match.adsrvr.org
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
pagead2.googlesyndication.com
pr-bh.ybp.yahoo.com
prod.uidapi.com
redirect.prod.experiment.routing.cloudfront.aws.a2z.com
rhea-cache.advividnetwork.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.criteo.net
stats.g.doubleclick.net
sun.advividnetwork.com
sync-tm.everesttech.net
tags.crwdcntrl.net
tpc.googlesyndication.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.mirrormedia.com.tw
www.mirrormedia.mg
13.251.113.122
13.33.60.50
13.33.60.9
141.95.98.67
142.250.176.194
142.251.40.162
142.251.41.2
151.101.66.49
18.235.231.13
18.236.53.150
2600:1f13:57e:7b02:129a:a9a6:7863:3a90
2600:1f18:4e9:5a07:1b3a:f53f:5ba9:461e
2606:4700:10::ac43:1a69
2606:4700:10::ac43:4d8
2607:f8b0:4004:c06::9d
2607:f8b0:4006:809::2002
2607:f8b0:4006:80a::2001
2607:f8b0:4006:80a::2004
2607:f8b0:4006:80c::2008
2607:f8b0:4006:816::2003
2607:f8b0:4006:817::2002
2607:f8b0:4006:81c::200e
2607:f8b0:4006:821::2002
2607:f8b0:4006:821::200a
2607:f8b0:4006:822::2002
2607:f8b0:4006:824::2001
2620:100:a001::4
2620:100:a001::c
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:182:face:b00c:0:25de
3.14.218.241
34.102.146.192
34.120.107.143
34.96.95.4
35.190.46.27
35.244.140.142
35.244.159.8
46.105.202.126
52.119.185.103
52.223.40.198
74.119.119.139
99.84.126.57
99.84.37.90
0096e2fc4e894ba8efa050e456e62878c2b903baec361ba619c5054a360b798e
04b86eaddf1a2f8f0b707e177c82b722107c548bd4ef2c2590873999d64cb204
04dd33b0e04d9ebe5ed51836a397256222ce81463a62de263b4053dbdc7cc706
0549d74e0b6283a94bbc636df52e974fdd3a05d583436e512254d6c22b0dd5d6
06d50560f72b239ebe379831fe13973cba089dd95b627a948e3e38090a831a58
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11aac29c7d9c1ae9e8ca014940c6bf9a47b1a1a4f4b9e2134ae637b5efd135c3
13d51456c6ebec7ba15e8c27a572090203f236b47fd44141f7bd81fba30d6df4
15036a754fdbde5489d844eca34b708519a574de811f235e129102667f4143a7
16d72a1c24755260a67a2979f4b41f2ad168a878c1683b91d08389ca97de87a2
172b465077e3b0b6fd958156954869a156fad8911ebb526a98d455ab5a4c3b14
185bac23010adf6a84a5bcc816ad0ada89afe212488d34b2bf02dcfdbafe1909
1977ae2b50845838a0f0848012e1d2bb312a7a760bc7427c601305531de0d2d4
1a2bb11a3450ac86e8d3dfa348b56c2c77f1deea3b3ffee515ef9e5cd8233bc9
1b7d6456ce093597ce2d94def666913bad1ca06805e19ba4188b4a341b2c25ff
1cc6904aa78717a84722f88023a91d201650f4f066df773bf5c7659be4305f20
1d19f579a751135f28b74fd10b3e65d547a221d2fe7546be246d99125aea7c04
1f464834aa3e685857262791c5640446031f9fba67078149c9de405f5dbaa638
2097097b31bd69c4fa53c32471612a7cffffb961769154cdb244b6d5d00e7fc1
26e1c7c051cd868e1618b658ba2b577243688b68f6f69c0f3d046738f739f2be
2725d337e8ed14d10b23407140abf3881d22818a639df5401386c70d4a055757
294b0c2e3ec3edc89ec51dcef5ef2e099b3111a0634b2e7121cd249744d39b3a
2a79d9d59e4c07752c78abc5f0243cecb939729e0728f347671fcd3a219e9b3f
2bb87867c76c78d77003e0ef4ba8d8dce5f57f46c3e2f567020427fadb33f1db
3102abe3a636dff11a4594e1d15e94ccc9a947ed75efebcc9cfd05235aaf590e
31db9ef6938b98c235e1cf55314f1d4a30d8242f630250b4edb7663d0f7c7d4b
332cd1a20bccffc14d3656832372f6ef9ca563c3ace664d0f1c03b034e10d986
377f0f4a2b8aff8f8032b2353aa2ff2595a09cb75f6be5ac7bb38aa6657120ec
396c0731a967ddbf25ba131d13aa55c0bcd6f9d146e76539544a9d532cb82b52
3abab898af742fdd6b0208e67361369b5bf06888188e416a083148df403b202a
3b6fd61dce26e5740acf7c2ad3e7ddc57332933af090a124f024501f01f52415
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
40c8f15fe47ca80d0abb935b0b819c10eab4045ae3d47299902adb3478766e8c
417cdf4f6ca75ea91eeaf9a3fa2b05580badc32910d5093b5483a16ec4b58c57
42ace83b40e6fc583e472c42403d5c82a4348da7492576a1e9cc316f1570c1ba
4645abd5aa88a75e672d329e93ce7a6d6619b1943f6474606c7df00e7bc5f551
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4ae1bc7423bd4187884b4f1678be12588e3e443eb15746619961df61e02ff526
4bc5de0c2eb1d1cc7f5501b5d8165a232f49954b12fb762e3ddbe2a017c1c78c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5116a7dbee3ee7e14406ee38a800093bde9df4bd10f816f446cd34e4cf6d63f5
5207dbf4ca0b99edb0873c3e16d8c72a2714971f3c454dc035ac5dff52d5fa1b
542fab120275a2fe06765ede5a4c2f3302cbdf104a917b4600aee5155da32f89
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548723965ba46e03bde750a54de839a7e2a453a9f630a151231155256d60b0d9
569b4337fbe84cf2dc045c9677f62c6db35c1c7389d9127756ba97f9e6c77714
5704317f105ab1fed66de0c6d1f6cdcbffdaaf93bcbf2a703f6811ebdcc9c223
587aba38502fe9bb89702f7ff84c8495c27fab3334ad33fa790c8ce328d5b25f
59297a27b3b49705990baec358c766a222fc947d05d8978b193d93c2ad7c43eb
5e11546a93f99f4b0b79d7e9a993b8f0a9a239fb1e101810738f3bff890ba549
5e84ce936bc3e3844a5d9efb3ac7d28107fa17234fa2a6c2bf3491fc284f0d4f
5fdffe46c571b0b392a68f61772f38210b2172738fc1dac3be70794daefebf6b
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
61e3046d29a385e9a7d976a10830ae3018f7d01b2f362e96adeab073cad40551
666956b2c160926dd9c773e82f6cd79b07a5db05070ffe8dd67fecbf5e5a486d
67b2bff8a268a36fbfff5fd520a4beb2d0c7fe485e43bd2a2fcf81defe679a10
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
6d5b2484855a69e76d59cf2e5e518df99515b786e57ee5fa929b0e5cb478e57c
6db5b12cb114bc0b5b702cd7b2129108e657060975b6d945438b3ea56e1e97f6
705252cf5da1fdaf88ccaa14834bfe657c1f8d620cfa6cb30a1dbed60e8084fc
70f2912eb6ca68f41613527e97dbd9921e25516fffdfa14fcff4107f1fccda99
7498939a486073dad407b10a9ffd223834026a10d29eb4c0077fc2d91639b051
763d5bc4768dcff44842fe0d07f52a64159db4707146f8f512e2bbfec26bb0be
7a9c812e993152cf234f45eb928dffd7a03dd1e5c11551efa3e6c9b185f8d219
7c8b5bcc18b0797596381051a914eb55d673a1cb6a3dfd1bbf4afc68f2b0d1e1
7c8c5f4f6b95e9008a7a3682bf38d303b93614e1c0282e401ce2f9c609343e55
81bec2984d1b0441d0d500c44032a28e06a116396b0d665027f6db12f24a14be
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b5b3fae6efadc03a1ed3f2b3baa41946497cf58d4c9b772ed913857695ea319
9178fdbcbfe7f50a05235ecadefb814679c57fc84805765e5a6902b71926804d
93d4335386ceba4a71e6bd6c7d24ecdcb50a9cd458bf0fad5a2d09f051313cf8
9691ecb3c87f2864bba809018a7cd467ba9e90b989750193b1ec0d91b8513563
985ecf47e94361c366e2521124bf5c5ac81b8016252ef1813b8dce0e91639027
994172e09ae39203a5327d46cf6ad2aa960cf1b20a55788e569dd49fbf52a95c
9bb99d73f0041f24dd5a6460432d599e3bd69f91f6ac974302801ac54af91016
9e4d5edcc59fb3c87e33450766707e9a0069402e397601608f5995b0b114f82c
a0ac4b436878716f4acf813eb89ae77af6693b9d5641c06f8d3d2349340cd987
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a29091cb8dba03767cacbe8888c661f0854242246fa4eb0ef3ec27dd0cddca21
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a58336a93b06b6ffca034ccff9a5c2ffe14ab4cbde0242c8ce8f722bf92f488c
a8c129dbed6fe54d669b0bccaeec395192031e222630400b26e89b6fca69d577
aa40f5b9eb82780066b82b7efab3137e32fe0de8215f56e445f5c0d50f340849
abe16dfda1122bb685713508a2b488b9c58898773c7c8257c44a9411a771887d
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b523ac6045c42efadb4f6ded30c92a501308bd4d2dcd5fdd8272407f57630db0
b75b3b21ae775a45091f0e3bf542ad86aa9b243dc2d6548d85090c79a1ccf68b
b9e040b6205576080c7389e189208d4ae90e3628d334af7a77035b645d144ed0
bb87924476eaa78bdda3d9fbf35c070ff0a9318682c537067f6113e5449f8088
bccb1b9d96e7ac156f0651ca8a14e3d15bcb3676bc2faec820964e243a5576e0
bf12fd02323f3549bcd78d3180e8bcb96602d8395b3c37ce3c6e143b17f2076b
bfafefab6495db40df1cda93e99fba7f01384e766cb8c414735ba965c7b84d65
c4499069efb4d85211ccc2f29dfb870d37ab960f011bb6b88696025177e0b4cb
c7c7838266f3e38d63a440ab96582bb4e3c08e92892a56151583fabbb5dbfad0
c9330a0c9cd04f0e1e99012ec6805339787646f227b39ca5839a521d2aa7f9ed
cb33b3b2fa42f7695238fb0adc21dfd3d85b93402dc9d6997d645e4b7780245a
ce7e2cb1d6e8f31d19f6e591cf8ee0ee7b54366a4860a894e016356a3b9f31e7
ce924a34e072a9ff9cf5678cf9e140223ef0b5a88ec9be3793cb649f941e185b
d296ba1d4ac7b770357be342c87bb8f72a28f20690acb0b6c34a1f569f2692f5
d48cd8f24f0d9c0054202c7a815bed28a75dacb5bdc300373f489a8188e904b8
d80f6ec3a78924d5f5276bd680cbfb9dd37879691c648dc14755cb3d9c5bf3b3
daefd8372674658babf9b5d8f84962f2106d0188bd9a938155b65dfdbe86854e
dddd84d4c1e04925834b4c8837da676625b96e97c894538c7a3f697324646873
e0ae8ebf778dc47a5ef593fd91fbd2f216b3824411cf11dd0f731ec8a3b02306
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e67f4e48b05201078f80908877869065017fadba886345e1c92787a53c1eee12
ea052aa751af43f1f14036098fdc5c12f74307b249ea49404ef1d22f31aacf70
eac0e915a9d4fae49314aef1ce34f4547bdf4ded0ac0f6d2c1a39fa048483021
eb7fff3148d0aa8910ebd89ef71e47a2549d97bb09c30dba797fbb138127788f
ee7e745eeef3bcc1105fc874db548201bba2bf4a717314440f18c5eb3e085510
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f73dbd67cd1cad78f5046130b8bf2a406330ef23029f93f21196f58eddbaca1f
fb4b154fe8eacb1004bc15c39111ca93635845fadd4d6928cf813ffd92ddf097
fb86633ecb74692134067335cb70dd9fd869f3108a4863588433fdc9e6db2e4f
ff3764bfeb7fb7fd5caf673a5d13ebd9444a2ee6ddd19a14858b6a34e16ad954

www.mirrormedia.mg Open in urlscan Pro 35.244.140.142 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

131 Requests

95 %HTTPS

47 %IPv6

32 Domains

48 Subdomains

42 IPs

3 Countries

2974 kBTransfer

7370 kBSize

39 Cookies

1 Outgoing links

Redirected requests

131 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.mirrormedia.mg Open in urlscan Pro
35.244.140.142 Public Scan

Screenshot
Live screenshot

Full Image

131
Requests

95 %
HTTPS

47 %
IPv6

32
Domains

48
Subdomains

42
IPs

3
Countries

2974 kB
Transfer

7370 kB
Size

39
Cookies

131 HTTP transactions
10 data transactions